WAF_v2 in Azure's Application Gateway is quite strong tool how to work with incoming traffic on web app. I had to do some exception on traffic filtering based on HTTP headers and use AZ CLI for that.
Structure of work is following: Application Gateway WAF policy set Match variable RequestHeaders correct Header name. There is no direct command under creation sequence of az network
application-gateway waf-policy custom-rule create AND az network
application-gateway waf-policy custom-rule match-condition add.
You can check existing settings with get command:
az network application-gateway waf-policy custom-rule show --name <RULE_NAME> --policy-name <WAF_NAME> -g <RG> --query matchConditions[].matchVariables -o tsv
To do a change you need to use following set command:
az network application-gateway waf-policy custom-rule update --name <RULE_NAME> --policy-name <WAF_NAME> --set matchConditions[0].matchVariables[0].selector=Referer
After that review the change again and that's all.
Žádné komentáře :
Okomentovat
Dotaz, připomínka, oprava?
(pokud máte problém s vložením příspěvku, vyzkoušejte to v prohlížeči Chrome)