Clarification on Addition and Updates of Rules in Azure WAF Managed Rule Sets (OWASP CRS) and Impact on Exclusions
Hello Azure Support Team, We have some questions regarding the management and update process of Azure Web Application Firewall (WAF) managed rule sets, specifically around the OWASP Core Rule Set (CRS) versions: How are new rules added to the managed…
Azure Web Application Firewall
One of my home IP addresses can't access sites hosted in Azure
Hi, I have a slightly odd issue - traffic coming from my default home IP address (82.68.8.222) seems to be being dropped by some websites hosted on Azure (Microsoft Learn, Nationwide Building Society). If I masquerade my laptops as coming from a…
Azure Web Application Firewall
How can I find the original client IP address of a log entry in my WAF?
When I go into the logs for our Application Gateway and run a KQL query to see what items were caught (based on OWASP rules), I can see that the request logs have a column clientIp_s that shows the IP address of the requestee. However, the IP addresses I…
Azure Web Application Firewall
Azure WAF exclusions clarity of 920420
Hello, Good day! In Azure Frontdoor and AppGw WAF logs, I recently saw some requests were getting blocked by the ruleID 920420. Upon checking the logs, it said matchVariableName 'Header Value: Content-type' and matchVariableValue 'application/gzip' is not…
Azure Web Application Firewall
Why does Azure application gateway rate limit WAF return a 403 and not a 429?
When Azure Application gateway rate limiter functions as expected, we were expecting a 429, but instead, a 403 is returned. Why is this?
Azure Application Gateway
Azure Web Application Firewall
Azure Front Door WAF rate limiting algorithm
Hello, What's the rate limiting algorithm Frontdoor and AppGw WAF use? In the docs, AppGw WAF v2 mentions it uses a sliding window algorithm. Is that right? And how about Frontdoor WAF?
Azure Web Application Firewall
Azure App Gateway WAF_v2 Custom Rule evaluation of RequestUri fails to limit allowed paths
I have an Azure App Gateway (AppGW) whose public listener I configured with a Path-based routing rule. That Routing Rule has a default backend configured (which is required, even though I would prefer not to), and several routes, e.g. Path…
Azure Web Application Firewall
An error when trying to delete a firewall rule
Hello. We get an error when trying to delete a rule from IP restrictions that states "virtual network was not found" even though it exists. Failed to perform 'read' on resource(s) of type 'virtualNetworks/taggedTrafficConsumers', because the…
Azure Web Application Firewall
What is the best practice to add exclusion in WAF
Hi Team, We are currently working on tuning the Azure WAF rules based on Microsoft’s documentation. While we have followed the recommended guidelines, we would like to confirm whether our current configuration approach is aligned with best practices. The…
Azure Web Application Firewall
Create Managed Rule Exclusion to exclude a rule on a particular host
Hi, I am trying to create an exclusion rule on a particular OWASP policy code to exclude a particular host name. I include the rule and use the following: Match Variable: Request Header Values Operation: Equals Select: {my.host.com} I've tried various…
Azure Web Application Firewall
PowerShell script to change certificate in WAF
I have renewed my SSL certificate. Is there any PowerShell script to change the certificate in WAF?
Azure Web Application Firewall
Azure Application gateway with WAF
Dear team, I'm using Azure application gateway with tier Standard V2. I'm concerned about the difference between application gateway and WAF. As I understand, when I only use Azure application gateway, it doesn't include all features of WAF, or it includes…
Azure Web Application Firewall
Exclude/exempt specific IP from WAF managed rules
Hi, I have an application hosted on Azure WAFV2, I need to define an exclusion using client IP address. Basically any request coming from that IP should not be examined against OWASP 3.2 managed rules. I tried defining exclusions but IP specific…
Azure Application Gateway
Azure Web Application Firewall

「A potentially dangerous Request.Form value was detected from the client」
I am building a web server in Azure with a configuration of CDN - WAF - WebApps. This is a .NET Framework web application. Because requestValidationMode="4.0" "A potentially dangerous Request.Form value was detected from the…
Azure Web Application Firewall
Is it possible to disable logging for custom rules in Azure WAF?
Is it possible to disable logging for custom rules in Azure WAF? I’d like to avoid logging allowed actions since they produce too much noise.
Azure Web Application Firewall
WAF error "Execution error - PCRE limits exceeded"
Our WAF rules are blocking some content from accessing the backend web server; I searched the WAF logs and found some OWASP rules, the associated rule number is 932150, and the normal error message should be Remote Command Execution: Direct Unix Command…
Azure Web Application Firewall

WAF policy IP address or range
Are there any limitations on the IP lists associated with IoCs? For example, today we have a list of more than 7,500 IPs reported by the SOC, which we are blocking on security devices. Regards. Humberto G
Azure Web Application Firewall
User session timeout issues on the WAF-protected web application. After two or three minutes, the session closes, but response times when making requests or navigating within the application are functioning accordingly.
User session timeout issues on the WAF-protected web application. After two or three minutes, the session closes, but response times when making requests or navigating within the application are functioning accordingly. The logs within the login have…
Azure Web Application Firewall
Is Log Analytics Workspace required to view WAF logs for Azure Front Door? How to identify blocked traffic?
Hi, I want to use Azure Front Door to protect my applications and domains running on several VMs. I would like to review the WAF logs to understand which traffic has been blocked due to potential threats and anomaly score. From what I understand, I can…
Azure Web Application Firewall
Can't add more than three custom domains
I am trying to set up a large quantity of custom domains to be returned to my site and I cannot create more than three. Any ideas on why? A while back I was allowed additional custom domains but now it seems it was either removed or I cannot add any more.…