Forum Discussion
sohaibasghar
Mar 27, 2022 (Copper Contributor)
One of my company's links is throwing 403 – Forbidden
The following link is throwing 403 – Forbidden.
A web application hosted in Azure App Service and protected by Application Gateway throws the following error (403 – Forbidden) when we enter the following URL in the browser:
https://app.mysha.pe/login?state=d:\boot.ini
We noticed this 403 redirection is happening at the Application Gateway level.
We are unable to fix this issue because it is App Gateway default behavior.
As per PEN testing, “The website exhibits behavior which hints that there may be an LFI/RFI vulnerability in the code”
2 Replies
- sohaibasghar (Copper Contributor): Any response would be helpful.
- Turn on diagnostic logs and look in the ApplicationGatewayFirewallLogs category (or closely named to that). The logs will tell you exactly what rule blocked it and what part of the request was matched and some information about why. I’ve always been able to figure out from the diagnostic logs why a request was blocked.
Just to point it out, but most requests make multiple log entries. If you found that 949 match, use the transaction id to find the other entries logged for the same request. 949 is just an entry telling you that the result of other rules was blocking, but not always the specifics.
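The correlation step the reply describes, as an added example that is not part of the original thread: read a batch of WAF firewall log entries, group them by transactionId, and for every transaction that carries a 949xxx entry (in OWASP CRS 3.x, 949110 is the "Inbound Anomaly Score Exceeded" rule that reports the block verdict) list the other rules in the same transaction, since those are the ones that actually matched the request. The three records are constructed sample data in the shape of the ApplicationGatewayFirewallLog category (transactionId, ruleId, action, message, requestUri, details.message); the field names are an assumption from memory of the documented schema and should be checked against a real export from your workspace before relying on them.

```python
"""Correlate Azure Application Gateway WAF firewall log entries by transactionId.

Added example, not code from the original thread. Record layout is assumed to
follow the ApplicationGatewayFirewallLog diagnostic category; verify field
names against your own log export.
"""
import json
from collections import defaultdict

# Constructed sample (newline-delimited JSON), not real customer data.
# tx-0001: one CRS rule matched and the anomaly score pushed the request
#          over the threshold, so a 949110 "Blocked" entry was written.
# tx-0002: a rule matched but the score stayed below the threshold; no 949 entry.
SAMPLE_LOG = r'''
{"transactionId": "tx-0001", "ruleId": "930120", "action": "Matched", "message": "OS File Access Attempt", "requestUri": "/login?state=d:\\boot.ini", "ruleSetType": "OWASP", "ruleSetVersion": "3.1", "details": {"message": "Matched Data: boot.ini found within ARGS:state: d:\\boot.ini", "data": "d:\\boot.ini"}}
{"transactionId": "tx-0001", "ruleId": "949110", "action": "Blocked", "message": "Inbound Anomaly Score Exceeded (Total Score: 5)", "requestUri": "/login?state=d:\\boot.ini", "ruleSetType": "OWASP", "ruleSetVersion": "3.1", "details": {"message": "", "data": ""}}
{"transactionId": "tx-0002", "ruleId": "920350", "action": "Matched", "message": "Host header is a numeric IP address", "requestUri": "/healthz", "ruleSetType": "OWASP", "ruleSetVersion": "3.1", "details": {"message": "Matched Data: 10.0.0.4 found within REQUEST_HEADERS:Host", "data": "10.0.0.4"}}
'''

# CRS rules in the 949xxx range only report the anomaly-score verdict.
ANOMALY_RULE_PREFIX = "949"


def parse_entries(text):
    """Parse newline-delimited JSON log records into a list of dicts."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def group_by_transaction(entries):
    """Map transactionId -> list of log entries for that request."""
    groups = defaultdict(list)
    for entry in entries:
        groups[entry["transactionId"]].append(entry)
    return dict(groups)


def explain_blocks(entries):
    """For every transaction that contains a 949xxx verdict entry, return the
    verdict plus the non-949 rules in the same transaction and what they matched.
    Transactions with matches but no verdict entry are not reported."""
    result = {}
    for tid, group in group_by_transaction(entries).items():
        verdicts = [e for e in group if e["ruleId"].startswith(ANOMALY_RULE_PREFIX)]
        if not verdicts:
            continue
        contributors = [
            {
                "ruleId": e["ruleId"],
                "message": e["message"],
                "matched": e.get("details", {}).get("message", ""),
            }
            for e in group
            if not e["ruleId"].startswith(ANOMALY_RULE_PREFIX)
        ]
        last = verdicts[-1]
        result[tid] = {
            "action": last["action"],
            "requestUri": last["requestUri"],
            "summary": last["message"],
            "contributing_rules": contributors,
        }
    return result


if __name__ == "__main__":
    for tid, info in explain_blocks(parse_entries(SAMPLE_LOG)).items():
        print(f"{tid}: {info['action']} {info['requestUri']} ({info['summary']})")
        for rule in info["contributing_rules"]:
            print(f"    {rule['ruleId']} {rule['message']}: {rule['matched']}")
```

Run against a real export, the interesting output is the contributing_rules list: it names the CRS rule and the parameter (here ARGS:state) that tripped it, which is what you need to decide between an exclusion scoped to that parameter and changing the application. In Log Analytics the equivalent first step is filtering the AzureDiagnostics table on the firewall log category and then on the transactionId taken from the 949 entry.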