Azure Web Application Firewall
An Azure service that provides protection for web apps.
342 questions
0 answers
Azure WAF bot protection ruleset. Meaning of log ID 300700
I have enabled bot protection ruleset for a waf policy. The DRS ruleset normally has a detailed message in the logs but for the bot protection I am finding it hard to identify the reason for a match for 300700 id Other bots (group Unknownbots). We have…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 43%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EE%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
How would TLS inspection work with WAF enabled App Gateway and Azure Firewall?
Hi, I have been struggling with this from a while now. Our design has WAF enabled App gateway for incoming HTTP / HTTPS traffic from internet and then have Azure Firewall behind it. Have couple of queries for which I need assistance: 1: Does WAF has…
asked 2024-09-18T23:33:09.83+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 89%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Rakesh Singh
370
Reputation points
commented 2025-03-12T09:54:19.4866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 40%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJR%3C/text%3E%3C/svg%3E)
Jørgen Woortman
0
Reputation points
1 answer
One of the answers was accepted by the question author.
How to send different tenant's Azure WAF log to tenant with Sentinel Configured?
Hello, I have 2 tenants. A tenant : WAF configured (Sentinel x) B tenant : Sentinel configured( WAF x) I would like to analyze A's logs in tenant B's sentinel. How can I configure? I think I should configure Azure lighthouse, is it right? If not,…
asked 2023-06-02T07:38:39.8566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 22%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
mara7
166
Reputation points
commented 2025-03-05T14:14:41.5766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 78%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK3%3C/text%3E%3C/svg%3E)
KateGokul-3672
0
Reputation points
0 answers
Azure Front Door WAF
We have an Azure Front Door instance with an attached Web Application Firewall (WAF)
asked 2025-03-03T18:50:41.03+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 31%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Nikhil
0
Reputation points
edited a comment 2025-03-04T06:31:48.9666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 81%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Sai Prasanna Sinde
4,335
Reputation points Microsoft External Staff
1 answer
One of the answers was accepted by the question author.
Request URI Not Parsed in AGWFirewallLogs Query
When using a WAF, I tried to check the request URI before applying an exception because there were many detected logs. When querying AGWFirewallLogs, I extended the query using extend parseUrl = parse_url(RequestUri), but parseUrl appears empty. How can…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 70%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EI%3C/text%3E%3C/svg%3E)
2 answers
Azure Web Application Firewall- Microsoft_BotManagerRuleSet_1.0
This post is regarding the azure WAF unknown bots and its rules at the moment for us rule id 300700 'other bots' is being logging with errors for various API'S, i didn't see any information can anyone has more inputs on the existing issue will be…
asked 2023-11-08T07:31:22.3733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 91%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERV%3C/text%3E%3C/svg%3E)
rohith v
0
Reputation points
answered 2025-02-21T06:41:05.4233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 10%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Matthew Mckenzie
15
Reputation points
1 answer
Can I set WAF rules to Log by default and override specific ones to Block?
Hey, I have set the WAF in Prevention mode to allow my custom rules like Rate limiting to be in effect with Blocking action. However as I was facing so many false positives with Microsoft_DefaultRuleSet 2.1, I changed the action as Log for it so that I…
asked 2025-02-10T06:40:19.2766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 28.000000000000004%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Rupesh Sonawane
0
Reputation points
edited a comment 2025-02-20T16:16:42.25+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 82%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVV%3C/text%3E%3C/svg%3E)
Venkat V
775
Reputation points Microsoft External Staff
1 answer
Adding firewall in front of web apps in Hub-and-Spoke architecture
Hi, I am shifting towards hub & spoke model in my Azure subscription so that all the traffic coming into my subscription goes through the firewall. I have multiple types of resources but I am more concerned about web apps and function apps. How can…
asked 2025-01-29T15:55:53.49+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 25%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENU%3C/text%3E%3C/svg%3E)
Najam ul Saqib
360
Reputation points
commented 2025-02-10T13:42:32.9166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 15%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPB%3C/text%3E%3C/svg%3E)
Praveen Bandaru
850
Reputation points Microsoft External Staff
9 answers
When to use Azure WAF or Azure Firewall ?
Hi Folks, Can anyone here please share some thoughts and comments of when to use Azure WAF or Azure Firewall? I have already existing Azure ExpressRoute so my Azure VMs can ping my OnPremise servers, and vice versa. My purpose here is to be able to…
asked 2020-11-15T13:17:27.597+00:00
EnterpriseArchitect
5,716
Reputation points
answered 2025-02-06T06:38:53.57+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 5%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVD%3C/text%3E%3C/svg%3E)
VIVEK DWIVEDI
105
Reputation points Microsoft Employee
1 answer
Clarification Needed on Azure WAF Ruleset Upgrade Notification for Non-Configured WAF Policy
I have recently received a notification from Azure urging me to upgrade to the latest Azure Web Application Firewall (WAF) ruleset version, specifically CRS 3.2 or DRS 2.1, by January 26, 2026. This is due to the deprecation of the older CRS 3.0 ruleset…
asked 2025-01-31T07:09:42.1233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 31%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Anji Muduthanapally
0
Reputation points
commented 2025-02-06T06:02:54.43+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 17%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERV%3C/text%3E%3C/svg%3E)
Rohith Vinnakota
3,160
Reputation points Microsoft External Staff
1 answer
Why does Azure application gateway rate limit WAF return a 403 and not a 429?
When Azure Application gateway rate limiter functions as expected, we were expecting a 429, but instead, a 403 is returned. Why is this?
asked 2024-03-04T13:57:27.39+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 30%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EL%3C/text%3E%3C/svg%3E)
Levi
30
Reputation points
edited a comment 2025-02-05T06:43:39.8+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 37%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
Rafeeque Kudilil Ameeruddeen
10
Reputation points
1 answer
One of the answers was accepted by the question author.
Integrate storage, database, webapp, and databricks into one VNET
We are hardening our ML platform in Azure. Basically, we want to put all the Azure services ( ADLS, PostgreSQL DB, Web App, and Databricks cluster) in one virtural network so all the traffic will be inside the Azure network whenever possible (except the…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 27%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPJ%3C/text%3E%3C/svg%3E)
1 answer
Best Approach to Block Incoming Traffic During Initial Cache Loading in Azure VMSS
I am setting up a VMSS (Virtual Machine Scale Set) for a web application, and I need to perform an initial load of objects into the cache. To achieve this, I would like to open a web page on localhost to load the objects into the cache, but I don't want…
asked 2024-12-22T15:42:48.31+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 21%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES7%3C/text%3E%3C/svg%3E)
ShlomiDror-7850
0
Reputation points
edited the question 2025-01-07T13:19:18.1666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 35%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Srinud
3,860
Reputation points Microsoft External Staff
1 answer
One of the answers was accepted by the question author.
My app gateway web application firewall policy deployment fails with this message "Region is not enabled for Exception feature". How do I enable the feature?
I have a bicep template defining App Gateway Web Application Firewall policy with exceptions. I am using api-version 2024-03-01…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 5%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
How to Relax or Remove the “LocalRequestPartnerRateLimit” Rule in Azure Front Door?
We are hosting a web app on Azure App Service, with traffic routed through Azure Front Door. Most of the time, everything works smoothly. However, we occasionally get a 429 Too Many Requests error, and upon investigation, it appears that a rule named…
Azure Front Door
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
779 questions
Azure Web Application Firewall
Azure Web Application Firewall
An Azure service that provides protection for web apps.
342 questions
Azure Startups
Azure Startups
Azure: A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.Startups: Companies that are in their initial stages of business and typically developing a business model and seeking financing.
625 questions
asked 2025-01-05T05:01:36.7833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 94%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
西村和海
25
Reputation points
commented 2025-01-07T02:00:52.3333333+00:00
Rohith Vinnakota
3,160
Reputation points Microsoft External Staff
2 answers
Managing 200 Websites with Application Gateway and WAF Protection
Hello, I have a single server that is currently hosting over 200 websites. Is it possible to manage all these websites using an application gateway and protect them with a WAF?
asked 2024-05-29T07:27:34.4466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 23%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENA%3C/text%3E%3C/svg%3E)
Nitin Arora
25
Reputation points
edited a comment 2024-12-20T13:04:42.0666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 48%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWF%3C/text%3E%3C/svg%3E)
Walid Farakh
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Azure WAF Training
I have been working with a user who continually gets locked out of their acct, they state they have a script running thats "training the WAF" I was under the impression that a WAF is policy based and cant be trained like you would train an AI.…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 53%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
1 answer
How can I preserve Original client ip at Application Gateway?
Hey, I have been trying to whitelist specific IP using custom WAF rule and as we know Application Gateway is a proxy server and it does not preserve the original client ip. Is there any workaround or configuration we can set at App gateway side so waf…
asked 2024-11-27T10:06:02.24+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 83%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
Akshay rathi
0
Reputation points
commented 2024-12-02T10:02:45.1366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 71%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Ganesh Patapati
4,320
Reputation points Microsoft External Staff
1 answer
One of the answers was accepted by the question author.
Azure Web App Failing
I have been trying to deploy my Flask APIs(standalone APIs without any frontend) on Azure Web App using GitHub actions. While I have been trying to deploy, though the deployment is successful, but however my application isnt running and I am getting…
asked 2024-11-24T19:20:56.86+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 56.00000000000001%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Shubhankar Khandai
60
Reputation points
accepted 2024-11-29T10:45:03.1066667+00:00
Shubhankar Khandai
60
Reputation points
1 answer
One of the answers was accepted by the question author.
Application Gateway needs Load Balancer?
Our infrastructure for our web application needs to be compliant with the following security requirement. For public-facing web applications, new threats and vulnerabilities are addressed on an ongoing basis and these applications are protected against…
asked 2024-01-26T15:42:46.7766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 73%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Santiago Marrone
20
Reputation points
accepted 2024-11-25T09:29:22.8966667+00:00
Santiago Marrone
20
Reputation points