Requesting Assistance to Resolve the issue with azure WAF rule 942440

Vipul Laxmikant Redkar 0 Reputation points
2024-10-15T13:05:41.3633333+00:00

Hi Team,

We have hosted the application on the Azur server using the app gateway and also applied WAF provisions. However, we are facing the issue below. The application's host needs assistance solving the rules to load the application URL.

ruleSetVersion_s: 942440 and 949110

ruleSetVersion_s: 3.2

requestUri_s: /assets/plugins/global/plugins.bundle.js?v=1XPYiGzJm36asvv-4F024b79abIm121b5OBJU6--LuY?v=1XPYiGzJm36asvv-4F024b79abIm121b5OBJU6--LuY

OperationName: ApplicationGatewayFirewal

Azure Web Application Firewall
{count} votes

1 answer

Sort by: Most helpful
  1. Sai Prasanna Sinde 1,260 Reputation points Microsoft Vendor
    2024-10-17T02:37:59.6933333+00:00

    Hi @Vipul Laxmikant Redkar

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    1. As the rule 949110 is a mandatory rule, so that cannot be disabled, and which gets triggered when the anomaly score meets the threshold. For your reference: https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/application-gateway-crs-rulegroups-rules?tabs=drs21#anomaly-scoring User's image
    2. There might be a chance that the 942440 rule is affecting the Anomaly score to increase.
    3. If you feel it is a false positive one you can disable it or create an exclusion list or else create a custom rule.
    4. As per the document the rule 942440 is replaced by MSTIC rule 99031002.
      User's image Kindly let us know if the above helps or you need further assistance on this issue.

    Thanks,

    Sai Prasanna.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.