Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,098 questions
0 answers
My app gateway web application firewall policy deployment fails with this message "Region is not enabled for Exception feature". How do I enable the feature?
I have a bicep template defining App Gateway Web Application Firewall policy with exceptions. I am using api-version 2024-03-01…
asked 2024-12-16T16:31:43.5+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 5%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
jesseve
0
Reputation points
commented 2024-12-24T20:01:03.8866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 71%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Ganesh Patapati
2,590
Reputation points Microsoft Vendor
1 answer
Best Approach to Block Incoming Traffic During Initial Cache Loading in Azure VMSS
I am setting up a VMSS (Virtual Machine Scale Set) for a web application, and I need to perform an initial load of objects into the cache. To achieve this, I would like to open a web page on localhost to load the objects into the cache, but I don't want…
asked 2024-12-22T15:42:48.31+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 21%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES7%3C/text%3E%3C/svg%3E)
ShlomiDror-7850
0
Reputation points
answered 2024-12-23T09:54:24.0166667+00:00
KapilAnanth-MSFT
48,081
Reputation points Microsoft Employee
2 answers
Managing 200 Websites with Application Gateway and WAF Protection
Hello, I have a single server that is currently hosting over 200 websites. Is it possible to manage all these websites using an application gateway and protect them with a WAF?
asked 2024-05-29T07:27:34.4466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 23%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENA%3C/text%3E%3C/svg%3E)
Nitin Arora
25
Reputation points
edited a comment 2024-12-20T13:04:42.0666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 48%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWF%3C/text%3E%3C/svg%3E)
Walid Farakh
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Azure WAF Training
I have been working with a user who continually gets locked out of their acct, they state they have a script running thats "training the WAF" I was under the impression that a WAF is policy based and cant be trained like you would train an AI.…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 53%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
1 answer
How can I preserve Original client ip at Application Gateway?
Hey, I have been trying to whitelist specific IP using custom WAF rule and as we know Application Gateway is a proxy server and it does not preserve the original client ip. Is there any workaround or configuration we can set at App gateway side so waf…
asked 2024-11-27T10:06:02.24+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 83%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
Akshay rathi
0
Reputation points
commented 2024-12-02T10:02:45.1366667+00:00
Ganesh Patapati
2,590
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Azure Web App Failing
I have been trying to deploy my Flask APIs(standalone APIs without any frontend) on Azure Web App using GitHub actions. While I have been trying to deploy, though the deployment is successful, but however my application isnt running and I am getting…
asked 2024-11-24T19:20:56.86+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 56.00000000000001%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Shubhankar Khandai
60
Reputation points
accepted 2024-11-29T10:45:03.1066667+00:00
Shubhankar Khandai
60
Reputation points
1 answer
Integrate storage, database, webapp, and databricks into one VNET
We are hardening our ML platform in Azure. Basically, we want to put all the Azure services ( ADLS, PostgreSQL DB, Web App, and Databricks cluster) in one virtural network so all the traffic will be inside the Azure network whenever possible (except the…
asked 2024-11-22T17:43:49.06+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 27%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPJ%3C/text%3E%3C/svg%3E)
P, John
200
Reputation points
answered 2024-11-25T12:40:23.8433333+00:00
KapilAnanth-MSFT
48,081
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Application Gateway needs Load Balancer?
Our infrastructure for our web application needs to be compliant with the following security requirement. For public-facing web applications, new threats and vulnerabilities are addressed on an ongoing basis and these applications are protected against…
asked 2024-01-26T15:42:46.7766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 73%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Santiago Marrone
20
Reputation points
accepted 2024-11-25T09:29:22.8966667+00:00
Santiago Marrone
20
Reputation points
2 answers
One of the answers was accepted by the question author.
Can I temporarily enable Azure Firewall on a demo environment for testing, and then remove it to stop incurring firewall costs once I apply the configuration to production?
Can I temporarily enable Azure Firewall on a demo environment for testing, and then remove it to stop incurring firewall costs once I apply the configuration to production? Does Azure Firewall incur costs for just being applied to a subnet or VNet, or…
asked 2024-11-20T07:06:53.8366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 97%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
chitra manju
40
Reputation points
accepted 2024-11-21T05:08:50.4866667+00:00
chitra manju
40
Reputation points
1 answer
WAF IPv6 custom match rules for Application Gateway products
This blog post announced enhanced support for IPv6 and WAF on Front Door, including IPv6 custom match rules. Will Azure support custom IPv6 match rules on the Azure Application Gateway series of products while using dual-stack configuration with WAF? Is…
asked 2024-11-18T13:28:00.1233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 90%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENM%3C/text%3E%3C/svg%3E)
Nils Magnus Løfgren
0
Reputation points
answered 2024-11-18T18:30:37.7866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 17%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERV%3C/text%3E%3C/svg%3E)
Rohith Vinnakota
1,515
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
How to preserve the Client IP that is amended by Azure Front Door, another amendment by App Gateway before reaching Azure APIM
Hi, My setup is configured with Azure Front Door + Azure WAF --> Azure App Gateway + WAF --> Azure API Management. The diagnostic data logs are kept with Azure Monitor. I am trying to configure in bound throttling policy on APIM to rate limit user…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 97%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBT%3C/text%3E%3C/svg%3E)
2 answers
How do I configure the Azure Application Gateway / backend pool to drop requests that are blocked by the WAF as the log file indicate the request was blocked but the script ends up in the database.
requests blocked by the WAF are being forwarded to the backend API servers. How do you configure the backend pool or WAF to drop requests that are blocked by the WAF.
asked 2024-05-16T08:21:12.23+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 90%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDG%3C/text%3E%3C/svg%3E)
Derek Green
5
Reputation points
edited a comment 2024-11-06T22:46:04.7333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 73%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
Sean Bodor
5
Reputation points
8 answers
When to use Azure WAF or Azure Firewall ?
Hi Folks, Can anyone here please share some thoughts and comments of when to use Azure WAF or Azure Firewall? I have already existing Azure ExpressRoute so my Azure VMs can ping my OnPremise servers, and vice versa. My purpose here is to be able to…
asked 2020-11-15T13:17:27.597+00:00
EnterpriseArchitect
5,516
Reputation points
answered 2024-10-26T23:21:11+00:00
Ugacomp Technologies
0
Reputation points
1 answer
Regex Capabilities in Azure WAF via Terraform
Hello, I am currently working on deploying Azure Web Application Firewall (WAF) custom rules using Terraform. I understand that I can use regex expressions when creating custom rules directly through the Azure Portal. However, I am unsure if this regex…
asked 2024-10-18T12:27:11.9433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 98%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Sena Sarici
20
Reputation points
commented 2024-10-23T20:06:19.0733333+00:00
Rohith Vinnakota
1,515
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Intermittent 404 Errors with Azure Static Web App and Application Gateway
Hi Folks, We are experiencing intermittent 404 errors when trying to access our Static Web App through our main DNS hostname behind an Azure Application Gateway. However, when we use the direct Static Web App URL, everything works as expected without any…
asked 2024-10-21T19:45:04.01+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 25%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPD%3C/text%3E%3C/svg%3E)
Prathap Dasari
45
Reputation points
accepted 2024-10-22T15:25:49.1233333+00:00
Prathap Dasari
45
Reputation points
0 answers
Requests get blocked in WAF with ERRORINFO_NO_ERROR
In Azure, I have an application gateway with web application firewall. Recently, requests from end users have been blocked with http status 403 Forbidden. They're perfectly normal requests, and I see no reason why they should be blocked. In de logs, the…
asked 2024-09-18T09:14:23.2+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 46%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAD%3C/text%3E%3C/svg%3E)
Ard de Gelder
0
Reputation points
commented 2024-10-21T14:30:20.3+00:00
Ard de Gelder
0
Reputation points
1 answer
Requesting Assistance to Resolve the issue with azure WAF rule 942440
Hi Team, We have hosted the application on the Azur server using the app gateway and also applied WAF provisions. However, we are facing the issue below. The application's host needs assistance solving the rules to load the application…
asked 2024-10-15T13:05:41.3633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 7.000000000000001%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVL%3C/text%3E%3C/svg%3E)
Vipul Laxmikant Redkar
0
Reputation points
answered 2024-10-17T02:37:59.6933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 81%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Sai Prasanna Sinde
2,680
Reputation points Microsoft Vendor
0 answers
Allow B2C REST API Calls through Geo-Fenced Application Gateway
REST API calls from B2C are being rejected by the WAF, which has geo-fencing enabled for Qatar only, while B2C is deployed in the Europe region. What methods can be employed to allow B2C servers to successfully call the APIs?
asked 2024-10-13T13:41:49.18+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 18%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMW%3C/text%3E%3C/svg%3E)
Muhammad Waris
0
Reputation points
commented 2024-10-16T15:19:37.9+00:00
Ganesh Patapati
2,590
Reputation points Microsoft Vendor
0 answers
WAF Log Scrubbing XML payloads
Hi, First poster here. I have a SOAP API that is behind an APP GW with WAF and then an APIM. Some of the payloads are triggering built in WAF rules and causing logs to be recorded. I have configured the log scrubbing to target the named properties inside…
asked 2024-10-04T12:33:44.4+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 55.00000000000001%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Alex Savage
0
Reputation points
commented 2024-10-16T00:46:17.0233333+00:00
Sai Prasanna Sinde
2,680
Reputation points Microsoft Vendor
0 answers
Allow-Access-Control-Origin Error on Web App
Hey everyone. I may be missing something simple, but here's one for you guys! Turning on App Gateway WAF Policy with a custom rule for geo location match. Essentially just to deny any traffic outside of select countries. Without this WAF Policy turned…
asked 2024-09-24T19:45:46.7866667+00:00
Joseph Dutton
145
Reputation points
commented 2024-10-14T13:06:19.9433333+00:00
KapilAnanth-MSFT
48,081
Reputation points Microsoft Employee