Dec 13 2023 04:22 PM
Hello,
I have an Azure Application gateway (WAF) that prevention mode is enabled and the OWASP 3 and the Microsoft Bot rule are activate.
I checked my web application with chrome and refresh and sent many requests with Chrome. Now I received 403 Forbidden. I checked the logs the reason is:
requestUri_s: /auth/login
requestUri_s: /favicon.ico
Message: SQL Comment Sequence Detected.
But when I open my web application with Edge, it's work well. (Same system and same IP)
1. What's the reason?
2. How to fix?
If I disable this role, there are risks.
If I trust my IP, I couldn't check and QA my web app.
Dec 29 2023 06:47 PM