Forum Widgets
Latest Discussions
New Blog Post | Enhancements to Azure WAF for Application Gateway now in General Availability
Enhancements to Azure WAF for Application Gateway now in General Availability - Microsoft Community Hub Azure Web Application Firewall (WAF) on Azure Application Gateway provides centralized protection for your web applications against common vulnerabilities and exploits. Web applications are increasingly targeted by malicious attacks that vulnerabilities. SQL Injection (SQLi) and Cross-Site Scripting (XSS) are examples of some well-known attacks. Preventing such attacks in application code can be challenging and may require rigorous maintenance, patching, and monitoring at many layers of the application topology. A centralized web application firewall helps make security management much simpler and gives better assurance to application developers and security teams against threats or intrusions. The Azure Web Application Firewall (WAF) engine is the component that inspects traffic and determines whether a web-request represents a potential attack, then takes appropriate action depending on the configuration. Previously, when you used the Azure WAF with Application Gateway, there were certain limitations in the way you could configure and monitor your WAF deployments. We are happy to announce several enhancements to the configurations and monitoring capabilities of Azure WAF when used with Azure Application Gateway going forward.
How to disable WAF mandatory rule or add an exception to the rule
Hi All, A website is getting blocked when I enable WAF in Prevention mode, and log says "Mandatory rule. Cannot be disabled. Inbound Anomaly Score Exceeded (Total Score: 5)" but not able to see policy rule 949110 to disable or add an exception. Is there any way to solve this?SEP 26, 2023 | Ask-Me-Anything | Azure Firewall, Azure WAF and Azure DDoS
UPDATED, post-AMA: Here is the AMA recording in case you missed the live session. ************************************************************* Please join us in this Ask Me Anything session with the Azure Network Security CxE PM team. During this session, the Azure Network Security SME (Subject Matter Experts), will answer your questions on Azure Firewall, Azure Firewall Manager, Azure Web Application Firewall and Azure DDoS. This will be a great forum for our Public Community members to learn, interact and have their feedback listened to by the Azure Network Security team. Feel free to post your questions about Azure Network Security solution areas anytime in the comments before the event starts. The team will be answering questions during the live session, with priority given to the pre-submitted questions from the comments below. If you are new to Microsoft Tech-Community, please follow the sign-in instructions. To register for the upcoming live AMA Sep 26, 2023, visit aka.ms/SecurityCommunity. Mohit_Kumar andrewmathu SaleemBseeu davidfrazee ShabazShaik tobiotolorin gusmodenaAzure Firewall Public IP and DDoS protection
Hi, We have a zero trust network setup where we use Azure Firewall Standard Edition with hub/spoke model, there is mandatory requirement to assign few Public IP addresses to the firewall, we have included these assigned public IP addresses to a DDoS plan as well. There is no ingress in this environment (It is backend message processing system which does not need any internet / frontend web APIs). As we are running this in production, we see many DDoS mitigation alerts on firewall Public IPs. We are thinking of reducing cost and removing DDoS protection plan because only resources that are the plan are firewall's public IP addresses, hence the questions are: 1. how the azure firewall will behave if assigned public IPs are not included in DDoS protection plan? 2. Do azure firewall internally have bult in mechanism to defend against DDoS attacks on its public IPs 3. Is there standard recommendation that when Azure firewall is deployed, customers also must use DDoS plan?
Web Application Firewall in Prevention Mode
Hi Team, My application is a ASP.NET web application built on standard .NET Framework features. It works well when Web App Firewall (WAF) is off or set to “Detection”. However, once the WAF set to “Prevention”, most requests to the web servers (both internet and intranet) will be blocked. Can I have your advice on what to be set on the firewall rule to resolve this?
Limit of WAF Exclusion
Hi, @camilamartins @tobiotolorin, All, Based on the Link, https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/azure-subscription-service-limits#application-gateway-limits there is a limit of 40 exclusions per Application Gateway. But does it apply to the URI-based WAF policy as well? To explain more, we've 10+ applications Passing via application Gateway. The idea is to have a separate WAF policy for each application with Fine-tuning. We expect at least 10+ in each WAF policy (Applied at URI) does it add up to the application gateway, or if the limit applies to the policy set at the application gateway level? Appreciate your inputs !Security Community | Private Preview form short link correction
This is just a quick update on the short-link to the Private Preview form. The correct link is https://aka.ms/SecurityPrP. You can apply to join our private preview program, where you can get early access to changes in exchange for your feedback, and review our product roadmap. Thank you and I apologize for the inconvenience caused by the old broken link.
Unable to block my website in specific countries with Azure WAF custom rulea
Hi All, Recently I got a requirement from my client to block the access of the website from specific countries. I've gone through lot of documentation over the Internet and found that we can use restrict access by blocking IP ranges and Azure WAF custom rules. I've created custom rules because I had to block almost 60 countries. But that is not working somehow. Can anyone help me on this?
