Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,041 questions
0 answers
How to fix blocked:mixed-content error on Application Gateway?
I have configured an application gateway associated to a WAF with my app service, the goal was to use WAF in front of my app; the issue now is that I dont have custom domain for my application gateway or app service. Earlier I was using default domain of…
asked 2024-09-04T07:21:43.22+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 25%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENU%3C/text%3E%3C/svg%3E)
Najam ul Saqib
200
Reputation points
edited a comment 2024-09-04T17:06:52+00:00
Najam ul Saqib
200
Reputation points
1 answer
Is it possible to use .azurewebsites.net domain with application gateway?
Hi, I have integrated azure app gateway with my app service to have WAF in front of my web app. I see that I have app gateway's IP address via which I can access the app service, is there any possibility that I use the default domain of web app even with…
asked 2024-09-03T07:22:42.4266667+00:00
Najam ul Saqib
200
Reputation points
commented 2024-09-04T17:06:25.9466667+00:00
Najam ul Saqib
200
Reputation points
0 answers
In "Application Gateway WAF policy" resources cannot select "Rate limit" rule type in custom rules. Only "Match" available.
Hi, In "Application Gateway WAF policy" resources cannot select "Rate limit" rule type in custom rules. Only "Match" available. I want to configure rate-limit rules in my WAF for Application Gateway. I have a bunch of…
asked 2024-09-04T15:48:06.59+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 52%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAV%3C/text%3E%3C/svg%3E)
Alex Vasiuk
0
Reputation points
asked 2024-09-04T15:48:06.59+00:00
Alex Vasiuk
0
Reputation points
0 answers
How to block all geographic region and only allow specific regions to reach my Azure APIM ?
I have deployed multiple API Management Services (APIM) in my Azure Subscriptions. According to Application Insight, this APIM is hit or maybe attacked by a few thousand requests from around the world daily which my company and product do not have…
asked 2024-09-04T03:23:01.02+00:00
EnterpriseArchitect
5,316
Reputation points
commented 2024-09-04T06:32:09.63+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 59%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
JananiRamesh-MSFT
25,991
Reputation points
0 answers
Azure NSG rules both for both public and private IPs
Can I apply a public IP to a vm and have it not affect the nsg rules that I have for it's private IPs? I have current nsg rules for the private IP but i want to add a public IP and apply nsg rules to it as well. I will be limiting access to it from…
asked 2024-08-29T21:57:05.1766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 32%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
Jose Cintron
40
Reputation points
edited a comment 2024-08-30T05:38:36.7733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 17%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERV%3C/text%3E%3C/svg%3E)
Rohith Vinnakota
240
Reputation points Microsoft Vendor
asked 2024-08-01T12:50:03.74+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 14.000000000000002%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
Chandu
0
Reputation points
commented 2024-08-30T00:51:31.9933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
ChaitanyaNaykodi-MSFT
25,381
Reputation points Microsoft Employee
0 answers
Azure WAF Security Features in Standard Tier with Front Door
Hey all - I’m looking for insights regarding the security features offered by the Azure WAF when deployed in the Standard tier with Azure FD, particularly in scenarios where the customer does not want to create any custom rules. Given that the Microsoft…
asked 2024-08-20T04:53:06.4433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 20%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBG%3C/text%3E%3C/svg%3E)
Bhushan Gawale
316
Reputation points
commented 2024-08-26T09:38:44.1533333+00:00
KapilAnanth-MSFT
43,651
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
How to add correct exclusion on Azure WAF?
Greetings. Please help in creating an exception to the rule: OWASP_3.2 - Possible Remote File Inclusion (RFI) Attack: Off-Domain Reference/Link. My web application generates requests like: …
asked 2024-05-13T11:59:44.36+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 36%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYT%3C/text%3E%3C/svg%3E)
Yurii Tsarienko
20
Reputation points
commented 2024-08-26T03:33:39.46+00:00
KapilAnanth-MSFT
43,651
Reputation points Microsoft Employee
0 answers
WAF rule - 100200 Malicious bots that have falsified their identity
How often is the list of Google IPs updated to avoid false positives in WAF rule '100200 Malicious bots that have falsified their identity'?
asked 2024-07-24T11:39:13.0333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 19%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAV%3C/text%3E%3C/svg%3E)
Andrius Vasiliauskas
0
Reputation points
commented 2024-08-22T06:47:06.2833333+00:00
Andrius Vasiliauskas
0
Reputation points
1 answer
Azure AG WAF file upload
We need to upload a file with size is about 100MB and got blocked by Application Gateway WAF, we use the "file upload" method which is described here:…
asked 2024-08-13T09:29:17.3966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 75%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELG%3C/text%3E%3C/svg%3E)
Liang, Gene
0
Reputation points
answered 2024-08-16T15:43:08.5233333+00:00
ChaitanyaNaykodi-MSFT
25,381
Reputation points Microsoft Employee
1 answer
Protocol and Port ranges for allow Logic Apps IP
We got the notification about the Logc Apps IP addresses that will need updating by Nov 12th. It doesn't specify any protocol or port ranges on the required IPs that need to be added. Can anyone clarify for me if they have to be any/any or we can limit…
asked 2024-08-13T19:58:22.3966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 70%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Shaun M
0
Reputation points
answered 2024-08-13T22:05:24.44+00:00
ChaitanyaNaykodi-MSFT
25,381
Reputation points Microsoft Employee
0 answers
Getting 403 forbidden error when enabling OWASP 3.2 and Enforce request body inspection limit
There is one function in my web site to download the documents also i have 182 rules Enabled in prevention (Mode)
Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,041 questions
Azure Web Application Firewall
Azure Web Application Firewall
An Azure service that provides protection for web apps.
314 questions
Azure ISV (Independent Software Vendors) and Startups
Azure ISV (Independent Software Vendors) and Startups
Azure: A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.ISV (Independent Software Vendors) and Startups: A Microsoft program that helps customers adopt Microsoft Cloud solutions and drive user adoption.
92 questions
asked 2024-08-09T06:36:56.9+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 1%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EUR%3C/text%3E%3C/svg%3E)
Umang Raichura
0
Reputation points
commented 2024-08-13T05:00:41.3866667+00:00
KapilAnanth-MSFT
43,651
Reputation points Microsoft Employee
2 answers
How do I configure the Azure Application Gateway / backend pool to drop requests that are blocked by the WAF as the log file indicate the request was blocked but the script ends up in the database.
requests blocked by the WAF are being forwarded to the backend API servers. How do you configure the backend pool or WAF to drop requests that are blocked by the WAF.
asked 2024-05-16T08:21:12.23+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 90%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDG%3C/text%3E%3C/svg%3E)
Derek Green
5
Reputation points
answered 2024-08-07T13:41:46.8133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 59%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
Jimmy Mattsson
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Azure WAF exclusion does not work for Request Cookie Keys
Hi, I have created exclusion in WAF policy for Application Gateway. This exclusion works when I set "matchVariable = Request Cookie Keys" and does not work if I set "matchVariable = Request Cookie Names". I understood that Names and…
asked 2024-04-11T08:51:29.7066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 78%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKK%3C/text%3E%3C/svg%3E)
Konstantin Kostin
20
Reputation points
edited a comment 2024-08-06T11:47:52.18+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 27%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJL%3C/text%3E%3C/svg%3E)
Jarno Leikas
20
Reputation points
1 answer
One of the answers was accepted by the question author.
Setting up Azure Function App with Azure Application Gateway (WAF)
Hello! I am currently trying to setup an Azure function application that will be accessed through an Application Gateway that restricts the network level access using the Azure WAF. I want to restrict the network level access by geographical location…
asked 2024-08-05T07:07:02.6833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 44%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETS%3C/text%3E%3C/svg%3E)
tevin.sales
40
Reputation points
accepted 2024-08-06T04:48:28.53+00:00
tevin.sales
40
Reputation points
1 answer
How to preserve the Client IP that is amended by Azure Front Door, another amendment by App Gateway before reaching Azure APIM
Hi, My setup is configured with Azure Front Door + Azure WAF --> Azure App Gateway + WAF --> Azure API Management. The diagnostic data logs are kept with Azure Monitor. I am trying to configure in bound throttling policy on APIM to rate limit user…
asked 2024-07-16T00:28:41.8333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 97%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBT%3C/text%3E%3C/svg%3E)
Bi Tan
0
Reputation points
edited an answer 2024-08-06T00:28:45.8066667+00:00
ChaitanyaNaykodi-MSFT
25,381
Reputation points Microsoft Employee
0 answers
Azure OpenAi with private endpoints - Web App issue
I am currently experiencing issues after deploying an AI module into a web app. My Azure OpenAI setup includes private endpoints. The web app was tested with both public access and private endpoints. While I can view the chat box and send prompts, I…
asked 2024-07-25T02:32:33.1866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 99%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENM%3C/text%3E%3C/svg%3E)
Nedda Marhoon
6
Reputation points
commented 2024-08-02T10:54:02.3066667+00:00
KapilAnanth-MSFT
43,651
Reputation points Microsoft Employee
1 answer
In azure front door WAF policy i ahve created a custom rules with conditions to block the request for particular url based on country(Geo location). It is working as expected but i would like to know accuracy of the waf policy when using geo location
We have azure front door integrated with WAF policy. i have created a custom rules with conditions to block the request for particular url to specific country(Geo location). It is working as expected but i would like to know accuracy of the waf policy…
asked 2024-07-25T13:26:55.0733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 26%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
Mohideen Ansari
0
Reputation points
commented 2024-08-01T01:28:04.6266667+00:00
ChaitanyaNaykodi-MSFT
25,381
Reputation points Microsoft Employee
0 answers
so F5 awaf? how can I test the deployment without altering the infrastructure?
Hi, I'd like to deploy the F5 A WAF, but I would like to test it without risking or causing any issues. Any ideas?
asked 2024-07-30T19:56:50.7833333+00:00
Ibis N. Torres Santos
0
Reputation points
commented 2024-07-30T20:58:12.4833333+00:00
hossein jalilian
6,355
Reputation points
0 answers
Update Azure application gateway WAF rules to allow request from same ip range in short span
I have a web app hosted on AKS behind an Application Gateway with WAF. My domain is onboarded on Cloudflare. The WAF is blocking network calls to my web app with rule ID 949110. I suspect that Cloudflare is replacing the actual client IP with its own and…
asked 2024-07-24T06:05:22.67+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 50%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPN%3C/text%3E%3C/svg%3E)
Prashanth Nagaraj
0
Reputation points
commented 2024-07-25T09:31:46.5333333+00:00
KapilAnanth-MSFT
43,651
Reputation points Microsoft Employee