Azure Web Application Firewall (WAF) REGEX for Match Variable Selector


Hi Experts,

We are trying to migrate our WAF solution to Azure WAF, and some validation rules use REGEX to match the Variable Selector. We are trying to implement the same on Azure WAF and are not sure if that is supported. The Azure Application Gateway WAF document does not cover that.

Basically, what we are trying to achieve is to implement this (attached image):

  1. Match type: String
  2. Match variable: PostArgs
  3. Post args selector: arg\d{1,4}
  4. Followed by Operation and Action


I am not sure if this is supported as the Azure Application Gateway WAF document does not mention it. We need a way to implement this rule so that it can cover multiple arg## instead of us having to create one rule for each. It is going to be difficult when we have, let's say, 100 args (arg1, arg2, arg3, ..., arg100) or more.

Is it supported on Azure Application Gateway WAF? If not, what are the other ways/workarounds to implement the same?

Thanks in advance!

3 Replies

@Sibba_Sailor 

I didn't try it, but I believe yes, as REGEX is supported.

The answer is Yes, Azure WAF does support Regular Expressions (regex) for defining validation rules, so you should be able to implement your current rule in Azure WAF as well. Below are the steps to create a validation rule using regex in Azure WAF:

  1. Open the Azure Portal and navigate to your Application Gateway instance.
  2. In the left-hand menu, click on "Web application firewall".
  3. Click on "Managed rules".
  4. Click on "Add rule".
  5. In the "Validation rule" section, select "Custom rule".
  6. In the "Match conditions" section, select "Post args".
  7. In the "Post args selector" field, enter your regex pattern: "arg\d{1,4}".
  8. In the "Operator" and "Action" fields, enter the desired values for your rule.
  9. Save the rule.

Hope that helps!

Hi Shanker,

The field allows us to put the RegEx for the Post Args Selector, but I am not sure if it is supported as I could not test it. The Azure documentation does not mention the support of RegEx for the Selector (https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/custom-waf-rules-overview#select...).

Were you able to implement and test it successfully?

Also, take a look at the Question that I had posted for the same that says it is not currently supported.
https://learn.microsoft.com/en-us/answers/questions/1192824/azure-web-application-firewall-(waf)-reg...