I am getting request such as "~^.*\.mywebsite\.com$" on my azure application gateway. This causes "ERRORINFO_REQUEST_URI_INVALID" error. How do i prevent invalid requests at the Azure WAF2 level?

Prasanna Srinivasan 0 Reputation points
2024-09-25T02:45:36.1433333+00:00

Recently, we are getting a lot of requests such as "~^.*.mywebsite.com$" and it gets logged in the Application Gateway as "ERRORINFO_REQUEST_URI_INVALID".

We would like to prevent such wildcard requests at the Web Application Firewall layer.

How do i set a custom rule that prevents the Gateway from even processing such requests?

Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,087 questions
Azure Web Application Firewall
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. KapilAnanth-MSFT 47,206 Reputation points Microsoft Employee
    2024-09-25T10:50:47.21+00:00

    @Prasanna Srinivasan ,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    I understand that you are receiving Invalid requests and you see a lot of "ERRORINFO_REQUEST_URI_INVALID" entries in App gateway Access log

    If you wish to block these requests in WAF Level, you should consider using Custom rules.

    • Match variable : RequestUri
    • Operator : Contains
    • Action : Block or Log (for testing)

    Note that by using "Regex" as Operator, you can match many such cases.

    • However, without understanding your architecture / domain use cases, I am afraid I cannot suggest any particular regular expression.
    • If you are sure you have only one single domain, say, "www.yoursite.com", you can create a rule such that it Blocks everything except RequestUri "www.yoursite.com".
    • Something like below, (double negation)
      • User's image

    If this is a Production environment, please consider taking a maintenance window or use a lower environment to test the rules suggested.

    Please let us know if we can be of any further assistance here.

    Thanks,

    Kapil


    Please Accept an answer if correct.

    Original posters help the community find answers faster by identifying the correct answer.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.