We are using Azure Application Gateway and Web Application Firewall (WAF), and what we want to do is change the PARANOIA LEVEL from 2 to 1.

One of the OWASP engineers helped me with the command we can use to switch it: setvar:tx.executing_paranoia_level=1 in the crs-setup.conf. But now I am not aware where in Azure and App Gateway WAF we make this change.

Is anyone aware of where this CRS-SETUP.CONF exists and how we can modify the PARANOIA LEVEL?

Thank you,

user42012
    Hey Nancy, we finally ended up using exclusion rules for now, as that suffices for our needs, but Microsoft confirmed to us that PARANOIA LEVELS cannot be changed in Azure for now – user42012 Jun 17 '19 at 16:06

1 Answer

I am not aware of the existence of CRS-SETUP.CONF. I think Azure WAF is like a PaaS service, so Azure should not expose the underlying configuration to users. Azure Application Gateway (WAF) protects web applications through rules that are defined based on the OWASP core rule sets 3.0 or 2.2.9. If you want to control the conf file, you may contact Azure support.

If you have some false positives, you can do a few things to stop this from blocking your traffic.

It's recommended to go through this article to learn about troubleshooting Web Application Firewall (WAF) for Azure Application Gateway.

Nancy