Menu
I have an Azure Application Gateway Web Application Firewall using the OWASP 3.0 ruleset. I created a custom policy so I could create a custom rule which simply allows traffic if it's from a specific IP Address and it has a priority of 1. This is great and I can see log entries in the firewall logs that the rule has been matched. However, I also see log entries that some of the OWASP rules have been matched as well.
My question is whether or not it is possible to prevent further rule/ruleset processing for this specific ip address?
827
In WAF Application Gateway, custom policy takes precedence. So if you have a rule to allow certain IP and if that matches, the other rules of OWASP are not processed. The traffic is allowed.
This is the behavior as of today, please provide feedback in User voice if you have a different scenario.
122
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
