cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Az Application Gateway WAF Policy - Custom Rule exclusions can't be created for specific WAF Rules?

chrisbutler
Copper Contributor

‎Oct 07 2019 01:50 PM - last edited on ‎May 24 2021 03:26 PM by

‎Oct 07 2019 01:50 PM - last edited on ‎May 24 2021 03:26 PM by

Az Application Gateway WAF Policy - Custom Rule exclusions can't be created for specific WAF Rules?

Hi,

Have been playing with the AAG Web Application Firewall for some time now and found what I believe to be some rather major flaws in functionality.

Mainly, the lack of ability to exclude a specific URI from certain WAF rule checks , instead it very much seems like when you add an exception via an Application Gateway WAF Policy, that it exlcudes the URI from the WAF entirely.

Anyone have any info, clues, tips or ways I have not found to exclude a certain URI from specific rule checks?

 

 

1,354 Views
0 Likes
1 Reply
Reply
1 Reply
Valon_Kolica

‎Oct 18 2019 03:07 PM

‎Oct 18 2019 03:07 PM

Re: Az Application Gateway WAF Policy - Custom Rule exclusions can't be created for specific WAF Rul

Hi @chrisbutler, thank you for your feedback! Checking with the AAG WAF team, this is on their roadmap already. For your information, we're targeting to host a webinar "Azure Network Security: Introduction to WAF" on Nov 14, 2019. Stay tuned as I will be posting registration details in a couple of weeks here on this page.

0 Likes
Reply