Is it possible to have `ApplicationGatewayFirewallLog` for disabled rules on Application Gateway WAF in Prevention mode
Application Gateway with WAF in Detection mode logs each matched rule. However, in Prevention mode it catches only rules which are enabled. It makes sense somehow, because we don't want to have disabled rules evaluated in prevention mode, however I want…
Preview OWASP ModSecurity Core Rule Set 3.2 for Azure Web Application Firewall
There is a public preview of OWASP ModSecurity Core Rule Set 3.2 for Azure Web Application Firewall since July 2021. I´m wondering when it will be an official offer for Azure customers, once it has important improvements that could be usefull for us. …
Azure Front Door WAF rate-limit behind NAT
Hello, I was researching Azure FrontDoor rate-limiting capabilities and as far as I can tell rate-limiting happens on an IP level, ie: when an IP surpasses the limit set for a given threshold it's blocked from calling the backend for a certain amount…
![](https://techprofile.blob.core.windows.net/images/Nd_pi7-IHkuDC3BVgl0RFQ.png?8D81F2)
"File Upload Limit" that can be set by WAF
Hello. I'm collecting information about setting up WAF for Application Gateway v2. I have three questions about the file upload limit in the WAF settings. 1. What is the file upload limit? What does this file upload refer to? For example, is it…
Problem to receieve HTTPS trafic in Azure Application Gateway
In my scenario, I have an Application Gateway And three web apps on the backend. I route traffic based on subdomain and config Listener with HTTPS. All of the home pages of these web apps work well. Also, I have a program that sends data to…
![](https://techprofile.blob.core.windows.net/images/fcf9081f1436440ebfb0f40a5584d388.png)
![](https://techprofile.blob.core.windows.net/images/fcf9081f1436440ebfb0f40a5584d388.png)
DDoS Protection vs Bot detection
Hi, Good Day. I have recently come across that Azure DDoS is a new service that offers protection against DDoS kinds of attack by default. When we say DDoS, this is mainly caused by bots or scripts to emulate thousands of attacks in a min. Does…
Not possible to modify Action on Managed-rules in Application Gateway WAF
Hi, We are using Azure application gateway WAF. Our WAF is in "Prevention" policy mode. We have defined some custom rules with blocked action. We would like to enable some of the managed rules with "Only Log" action. However…
Add IP Range - Azure Front Door WAF Custom Rule
Hi, My requirement is to block all requests from a range of IP addresses. This range of IP addresses will be added into a new custom rule. However, I do not know the format in which an IP range can be added into the textbox (screenshot below)…
Azure application gateway (SSL Certificate – Signature verification Failed Vulnerability and SSL Certificate – Subject Common Name Does Not Match server FQDN)
I have Azure application gateway with WAF wich have many backends and but Qualys did scan about several Ips associate this azure application gateway and found vulnerabilite like (SSL Certificate – Signature verification Failed Vulnerability and SSL…
![](https://techprofile.blob.core.windows.net/images/Nd_pi7-IHkuDC3BVgl0RFQ.png?8D81F2)
Does Azure WAF bot protection work on Azure Front Door Classic?
Does Azure WAF bot protection work on Azure Front Door Classic or do you need to upgrade to premium?
Rate limiting in Azure Application gateway+ WAF
Hi here, Is it possible to implement Rate limiting using Azure application gateway and WAF for REST APIs hosted in App service ?
Block certain URLs/domains/hostnames on WAF
Hi, We have a WAF policy configured for our Application Gateway that sits in front of the website/server. The requirement from the client is to block certain hostnames/domains from accessing their website/server. Although it is possible to create…
Which type of App Service Environment v3 (Public IP or Private IP) is suitable for this scenario?
I wanna host three Web Apps on App Service Environment 3 (like the below diagram). Also, an Application Gateway control and routes incoming traffic between three Web Apps based on domain address. When I create ASE v3, I should select Public IP…
![](https://techprofile.blob.core.windows.net/images/fcf9081f1436440ebfb0f40a5584d388.png)
![](https://techprofile.blob.core.windows.net/images/N9FzQVO_jkGGqxc5Los3fQ.png?8DBC01)
Best practice for allowing SMTP to an Exchange VM in Azure
Hi, I need to allow incoming public SMTP and HTTPS traffic into one Exchange server in Azure. What is best practice for this situation? I could add a public IP address to the nic and allow smtp from specified IP ranges in an NSG. But I believe…
Application gateway WAF - blocking url parameters
Hello, I have a Windows server with few running REST services on it. URLs: Example 1: https://service.company.com/api/MyService/Login/?user='tom'&pass='123456' Example 2:…
![](https://techprofile.blob.core.windows.net/images/AdqV7J3ayU-pjc-SurWXaw.png?8D9D07)
How to setup WAF Reverse Proxy , DDOS in Azure
Dear Community, Please can you let me know how How to setup WAF Reverse Proxy , DDOS in Azure for a DNS? and get SSL Certificate Regards Rajesh S
Azure FrontDoor WAF does not filter PUT requests
Hello, I'm trying to use Azure FrontDoor WAF with some web applications, but I noticed that default WAF rules do not filter PUT requests. I have tried to use some common XSS and SQL injection code into PUT requests, but WAF does not block anything by…
![](https://techprofile.blob.core.windows.net/images/dD2P7vFmX0-Jossk0WLwZg.png?8D895D)
Azure FrontDoor WAF rate limit unexpected behavior
Hi, recently I configured WAF on Azure FrontDoor, but I noticed that the “rate limit” feature not working as expected. I have 2 rules configured with “rate limit”: Then I used the following batch script to make requests to my URL: @echo…
![](https://techprofile.blob.core.windows.net/images/Nd_pi7-IHkuDC3BVgl0RFQ.png?8D81F2)
How to configure rate limtting in Azure WAF for Application Gateway
Hi All, How can I configure rate-limiting using WAF for Application Gateway. Thanks
![](https://techprofile.blob.core.windows.net/images/Nd_pi7-IHkuDC3BVgl0RFQ.png?8D81F2)
Azure application gateway with Web App - Gateway IP wont work
Hello Team, I have Azure web app and i wanted to configure Azure Application gateway so that all the public IP traffic are routed through application gateway. For that i have created Application gateway and vNET, later I go to Web App Service -…