Stack Overflow
Stack Overflow

Questions tagged [azure-waf]

Azure Web Application Firewall adds better web application security to layer 7 Azure Application Gateway service and is available in all Azure public regions.

72 questions
1
vote
0 answers

Azure WAF Issue with WebSocket (OmniFaces )

I have a OmniFaces WebSocket deployed on tomcat. The WebSocket works fine on tomcat. One of our client infrastructure setup is Azure WAF --> IIS --> Tomcat. We have successfully tested the WebSocket from IIS to Tomcat. When we test from Azure WAF ,…
Ravi
  • 391
  • 2
  • 18
1
vote
2 answers

How do I point my webapp url to my frontdoor url?

Currently my app is being hosted on MYAPP.azurewebsites.net and my frontdoor is on MYAPP.azurefd.net. I want all my incoming traffic to route to azureFd so I can gain the benefits of the waf policy I have set in place. Do I need to do this on the…
RedLotus
  • 79
  • 8
1
vote
1 answer

How To Disable Azure WAF Mandatory rule?

{ "timeStamp": "2021-01-29T11:03:40+00:00", "resourceId": "/SUBSCRIPTIONS/0000000000-0000000-0000000-000/RESOURCEGROUPS/resourcegroup/PROVIDERS/MICROSOFT.NETWORK/APPLICATIONGATEWAYS/WAF-GATEWAY", "operationName":…
Jerin Joy
  • 63
  • 2
  • 12
1
vote
1 answer

Do I need a Web Application Firewall if my APIs are protected with OAuth?

I implemented a micro-service model and each API is protected using bearer token authentication... no service logic is executed unless a valid OAuth token is provided as part of the request header. What problem does using a Web Application Firewall…
mdarefull
  • 829
  • 2
  • 14
  • 24
1
vote
0 answers

Customize WebOptimizer Cache Busting Algorithm

I am using ASP.NET Core Web Optimizer. It has cache busting feature that will append a unique string to the end of script or CSS links. A sample of the appended string is like this: ....script.js?v=8UnFL4zesLGMnNgeUbnu9OOWly7_ES--Qx-E_tWr2NQ This…
Rosdi Kasim
  • 24,267
  • 23
  • 130
  • 154
1
vote
2 answers

How to set Azure Web Application Firewall (WAF) logs via Terraforn?

I am trying to do this, via Terraform code: However, I can not find how. Is it some obscure resource or it is not implemented at all ?
Kostas Demiris
  • 3,415
  • 8
  • 47
  • 85
0
votes
0 answers

How to avoid Content-Length HTTP header is not numeric error on Azure app gateway

We have an asp.net mvc application hosted in azure app service. The WAF policy on application gateway is blocking a post request with the "403 Forbidden" error. On firewall log, we see below error captured. { "timeStamp":…
Vaishali Mhatre
  • 11
  • 2
0
votes
1 answer

Block traffic in azure front door based on claims

I have a scenario in which I want to block some requests. There is a property set in Identity claims and I want to deny the request based on that property. Let's say that claims have a proper named "prop1". I want to make sure that if prop1 has a…
Razi Gohar
  • 1
0
votes
1 answer

How to dissociate WAF from Azure application gateway?

How to dissociate WAF from Azure application gateway? I selected the WAF and clicked on associated application gateways. Selected the application gateway that needs to be dissociated from the WAF. but the dissociate link is disabled and Azure gives…
Shubham Avasthi
  • 1
  • 1
0
votes
1 answer

How to setup session affinity for Rest API in Azure App Service

I have a frontend app service (scaled up to 3 nodes) and a api app service (scaled up to 3 nodes) on Azure. When user enter the website, the request goes to frontend app service first and then retrieve other information from api app service by rest…
Kelvin
  • 1
0
votes
1 answer

Using Azure WAF for my server(not in Azure)

I have a server at my home with static IP and website in IIS, which available from internet. I wanted to protect it by Azure Web Application Firewall, but it works only in Azure Virtual Network. Can I add my server to Azure Virtual Network? Is it…
Andrey Golubkov
  • 37
  • 3
0
votes
0 answers

How can I fix this Azure WAF update error

getting this error │ Error: waiting for update of Application Gateway: (Name "dev-waf-sec" / Resource Group "dev-network-rg"): Code="InternalServerError" Message="An error occurred." Details=[] │ │ with azurerm_application_gateway.waf, │ on…
Oluwafemi Awoyemi
  • 1
0
votes
1 answer

Update-AzFrontDoorWafPolicy - update particular managed rule action

I have Azure Front Door WAF policy and would like to change particular managed rule action using Powershell. Here is my code: $RuleOverride1 = New-AzFrontDoorWafManagedRuleOverrideObject -RuleId 930100 -Action Log $RuleGroupOverride =…
Kosmich
  • 11
  • 3
0
votes
1 answer

How to configure NSG for WAF v2 Application Gateway subnet?

I want to configure Network Security Group(NSG) for my Application gateway(AG) subnet. I tried to follow this doc - here but after applying the inbound rules to my NSG, I am getting timeout when hitting the webapp url(which is in the backend pool of…
Saurav Likhar
  • 51
  • 4
0
votes
1 answer

Azure Frontdoor WAF policy is blocking requests even though I have rule disabled

I have a Microsoft.Network/FrontDoorWebApplicationFirewallPolicies@2019-10-01 policy for my web app. I pass in a token via the URL for some requests and sometimes this token has a double hyphen -- which means that Azure thinks this is a SQL…
mcool
  • 457
  • 4
  • 29
1
2
3 4 5