Application Gateway
8 TopicsApplication Gateway WAFv2 Custom Rules disappeared.
Hello All, We have a AGW with WAFv2 running. A while back we were working on adding new custom rules, but after saving the new rule, all of our existing WAF custom rules were deleted. Checking with Azure support, we came to know that the delete operation also works as a PUT operation for updating and/or deleting details. But we couldn't get a clear picture on what caused our rules to be deleted instead of adding the new rule. We are still in the process of exploring options to understand what could have caused this anomaly. Have any of you faced any such scenario(s)? Any insights or suggestions are welcome and much appreciated.49Views1like4CommentsAzure Application Gateway - Rewrite Links returned
I'm attempting to use Application Gateway to serve a language for a webpage on a separate domain. The setup is as follows: domain.com is running the entire site, default language is english domain.com/de serves german versions of the pages What I'd like to do is use domain.de to serve the german pages. Setting the override backend path (/de/) works perfectly in order to serve the pages, but inside the page there's a lot of links that turns into domain.de/de/pageTitle. I'd like to remove /de/ from theese links, but can't seem to figure out how. Anyone that can point me in the correct direction?1.1KViews0likes2CommentsApplication Gateway WAF custom rule is not triggered if the HTTP header field is not present
Hi Community, I have this strange behavior on my Application Gateway WAF. I created this custom rule (see image below) to deny traffic when the http request has Referer http header field empty or missing. The problem is that this rule is only triggered when the Referer http header field is empty but not when it is missing 😞 Instead, the same custom rule is working fine on the front door WAF. Why is it happening? Did I do something wrong?5.5KViews1like1CommentApplication Gateway v2 Custom Health Probe not working
Hi all, I have an application running behind an Azure Application Gateway v2. With the default health probe everything works fine. Communication from AppGW to application is http/port 80, AppGW does SSL offloading without reencryption. The default health probe doesn't check the path of the application on the server, meaning it considers the application as healthy, even if it's not (because application e.g. has error). I would need to check the following url with a custom health probe: http://application.domain.local/application/login.jsp?sso=n - The custom health probe does not work (Status code 500) - Need the full url to bypass forwarding to Azure AD single sign on - When I query the same URL from a machine via powershell (invoke-webrequest http://application.domain.local/application/login.jsp?sso=n ) I get a status 200 OK from the server. If I shorten the url for the custom probe to http://application.domain.local/application/ then I also receive status 200 OK. - Looks like there's problem with the last part of the url. - Tells me that the general config of the custom probe should be fine (servers can be reached, are hit with the correct hostname/port, etc). Any ideas what I could test? Are there incompatibilities with .jsp? Thank you in advance!3KViews0likes0CommentsAzure Application Gateway with App Service
Hi Community, Can someone help me in understanding that how scalability is handled by APG on app service level. Let's take an example, we have an app service deployed and running with auto-scale enabled and the app service is configured with APG. How APG get to know how many instances of the app service are running considering the auto scale is enabled on the app service level. Regards, TayyabSolved5.3KViews0likes7CommentsWeb Application Firewall (WAF) rate limit rule for Azure Application Gateway
Hello, Currently, I can create a WAF rate limit rule only on Azure Front Door but I can't create it on the Application Gateway (e.g. see https://serverfault.com/questions/961678/rate-limit-using-azure-application-gateway). Will the WAF rate limit rule on the Application Gateway ever be available in the future? If yes, when? Thanks in advance.12KViews0likes2CommentsHow to setting URL redirect
In the applicationgateway, to access http://hoge.com/test/content.html . Use "URL Path map".... http://hoge.com/test/content.html --> http://{backendserver}/test/content.html But, I want to do transfer to backend server, remove the /test/ . http://hoge.com/test/content.html --> http://{backendserver}/content.html is it possible?1.1KViews0likes0CommentsError 502 while using Application Gateway with App Service Environment
Hello, I have setup Application Service environment and trying to access WebApps inside App service environment through Application gateway. Below are the steps I followed to create required setup however I am getting "502 - Web server received an invalid response while acting as a gateway or proxy server" error when I hit the URL that is mapped with application gateway public URL 1) Created Vnet and created App Service environment inside separate subnet, used subdomain name as dev.xyz.com. I used ILB wild card certificate here issued to *.xyz.com 2) Created app inside App service environment and named it as "dev-web.dev.xyz.com" and added externally accessible DNS name in the custom domain as "dev-web.xyz.com" 3) Created Application gateway, added Internal IP address of ILB ( App Service Environment) as back end pool 4) Created App Gateway-HTTP Settings using port 80 and mapped it with custom probe 4) Created App Gateway-CustomProbe, host name used here is extenally accessible DNS name which is "dev-web.xyz.com" 5) Created App Gateway-Listner using host name as extenally accessible DNS name which is "dev-web.xyz.com" 6) Added a basic rule and mapped above resources with each other I am still not able to access my Web App after acessing dev-web.xyz.com I am not sure about how port number used to create listner affect the setup or if I am missing anything. I also want to implement SSL once I am done with above testing, I would appretiate inputs on how to implement that for above setup.2.4KViews0likes0Comments