Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

How to disable WAF mandatory rule or add an exception to the rule

Copper Contributor

Hi All,

 

A website is getting blocked when I enable WAF in Prevention mode, and log says "Mandatory rule. Cannot be disabled. Inbound Anomaly Score Exceeded (Total Score: 5)" but not able to see policy rule 949110 to disable or add an exception. Is there any way to solve this?

1 Reply

Mandatory rules cannot be disabled as they are triggered after anomaly score has been reached. However, here are few things that you can do-

Create Exclusions in order to "bypass" the rule itself -->Web application firewall request size limits and exclusion lists in Azure Application Gateway - Web application firewall request size limits and exclusion lists in Azure Application Gateway - Azur...