How to disable WAF mandatory rule or add an exception to the rule

%3CLINGO-SUB%20id%3D%22lingo-sub-2614698%22%20slang%3D%22en-US%22%3EHow%20to%20disable%20WAF%20mandatory%20rule%20or%20add%20an%20exception%20to%20the%20rule%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2614698%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20All%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EA%20website%20is%20getting%20blocked%20when%20I%20enable%20WAF%20in%20Prevention%20mode%2C%20and%20log%20says%20%22Mandatory%20rule.%20Cannot%20be%20disabled.%20Inbound%20Anomaly%20Score%20Exceeded%20(Total%20Score%3A%205)%22%20but%20not%20able%20to%20see%20policy%20rule%20949110%20to%20disable%20or%20add%20an%20exception.%20Is%20there%20any%20way%20to%20solve%20this%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2881536%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20disable%20WAF%20mandatory%20rule%20or%20add%20an%20exception%20to%20the%20rule%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2881536%22%20slang%3D%22en-US%22%3E%3CP%3EMandatory%20rules%20cannot%20be%20disabled%20as%20they%20are%20triggered%20after%20anomaly%20score%20has%20been%20reached.%20However%2C%20here%20are%20few%20things%20that%20you%20can%20do-%3CBR%20%2F%3E%3CBR%20%2F%3ECreate%20Exclusions%20in%20order%20to%20%22bypass%22%20the%20rule%20itself%20--%26gt%3BWeb%20application%20firewall%20request%20size%20limits%20and%20exclusion%20lists%20in%20Azure%20Application%20Gateway%20-%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fweb-application-firewall%2Fag%2Fapplication-gateway-waf-configuration%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EWeb%20application%20firewall%20request%20size%20limits%20and%20exclusion%20lists%20in%20Azure%20Application%20Gateway%20-%20Azure%20portal%20%7C%20Microsoft%20Docs%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

Hi All,

 

A website is getting blocked when I enable WAF in Prevention mode, and log says "Mandatory rule. Cannot be disabled. Inbound Anomaly Score Exceeded (Total Score: 5)" but not able to see policy rule 949110 to disable or add an exception. Is there any way to solve this?

1 Reply

Mandatory rules cannot be disabled as they are triggered after anomaly score has been reached. However, here are few things that you can do-

Create Exclusions in order to "bypass" the rule itself -->Web application firewall request size limits and exclusion lists in Azure Application Gateway - Web application firewall request size limits and exclusion lists in Azure Application Gateway - Azur...