Skip to content

Latest commit

 

History

History
70 lines (49 loc) · 3.06 KB

application-gateway-customize-waf-rules-portal.md

File metadata and controls

70 lines (49 loc) · 3.06 KB
title description documentationcenter services author manager editor ms.assetid ms.service ms.devlang ms.topic ms.tgt_pltfrm ms.custom ms.workload ms.date ms.author
Customize web application firewall rules in Azure Application Gateway - Azure portal | Microsoft Docs
This article provides information on how to customize web application firewall rules in Application Gateway with the Azure portal.
na
application-gateway
davidmu1
timlt
tysonn
1159500b-17ba-41e7-88d6-b96986795084
application-gateway
na
article
na
infrastructure-services
03/28/2017
davidmu

Customize web application firewall rules through the Azure portal

[!div class="op_single_selector"]

The Azure Application Gateway web application firewall (WAF) provides protection for web applications. These protections are provided by the Open Web Application Security Project (OWASP) Core Rule Set (CRS). Some rules can cause false positives and block real traffic. For this reason, Application Gateway provides the capability to customize rule groups and rules. For more information on the specific rule groups and rules, see List of web application firewall CRS rule groups and rules.

Note

If your application gateway is not using the WAF tier, the option to upgrade the application gateway to the WAF tier appears in the right pane.

Enable WAF

View rule groups and rules

To view rule groups and rules

  1. Browse to the application gateway, and then select Web application firewall.
  2. Select Advanced rule configuration.
    This view shows a table on the page of all the rule groups provided with the chosen rule set. All of the rule's check boxes are selected.

Configure disabled rules

Search for rules to disable

The Web application firewall settings blade provides the capability to filter the rules through a text search. The result displays only the rule groups and rules that contain the text you searched for.

Search for rules

Disable rule groups and rules

When your're disabling rules, you can disable an entire rule group or specific rules under one or more rule groups.

To disable rule groups or specific rules

  1. Search for the rules or rule groups that you want to disable.
  2. Clear the check boxes for the rules that you want to disable.
  3. Select Save.

Save changes

Next steps

After you configure your disabled rules, you can learn how to view your WAF logs. For more information, see Application Gateway diagnostics.