Requests do not come from domain names, they come from IP's. There is no way to link a request IP back to a domain name that would allow this to work.
Block certain URLs/domains/hostnames on WAF
Hi,
We have a WAF policy configured for our Application Gateway that sits in front of the website/server.
The requirement from the client is to block certain hostnames/domains from accessing their website/server.
Although it is possible to create custom rules to block IPs on the WAF policy (fyi...we are using WAF v2), I cannot see an option to blacklist hostnames/domains.
So for instance, the client website www.xyz.com is protected by Azure WAF and they want any request coming from abc.com to be blocked (so this needs to happen based on domain names and not IP address).
Any suggestion on how this can be achieved maybe based on headers for example.
Thanks
2 answers
Sort by: Most helpful
-
-
Emad Adel 1 Reputation point
2022-03-14T17:09:39.31+00:00 if we need to Block www.xyz.com\about.php , what can we do ??