I am getting request such as "~^.*\.mywebsite\.com$" on my azure application gateway. This causes "ERRORINFO_REQUEST_URI_INVALID" error. How do i prevent invalid requests at the Azure WAF2 level?

@Prasanna Srinivasan ,

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

I understand that you are receiving Invalid requests and you see a lot of "ERRORINFO_REQUEST_URI_INVALID" entries in App gateway Access log

If you wish to block these requests in WAF Level, you should consider using Custom rules.

• Match variable : RequestUri
• Operator : Contains
• Action : Block or Log (for testing)

Note that by using "Regex" as Operator, you can match many such cases.

• However, without understanding your architecture / domain use cases, I am afraid I cannot suggest any particular regular expression.
• If you are sure you have only one single domain, say, "www.yoursite.com", you can create a rule such that it Blocks everything except RequestUri "www.yoursite.com".
• Something like below, (double negation)
  • 

If this is a Production environment, please consider taking a maintenance window or use a lower environment to test the rules suggested.

Please let us know if we can be of any further assistance here.

Thanks,

Kapil

Please Accept an answer if correct.

Original posters help the community find answers faster by identifying the correct answer.