0 
{
    "timeStamp": "2021-01-29T11:03:40+00:00",
    "resourceId": "/SUBSCRIPTIONS/0000000000-0000000-0000000-000/RESOURCEGROUPS/resourcegroup/PROVIDERS/MICROSOFT.NETWORK/APPLICATIONGATEWAYS/WAF-GATEWAY",
    "operationName": "ApplicationGatewayFirewall",
    "category": "ApplicationGatewayFirewallLog",
    "properties": {
        "instanceId": "appgw_2",
        "clientIp": "103.151.000.00",
        "clientPort": "",
        "requestUri": "\/api\/auth-processor\/Google",
        "ruleSetType": "OWASP_CRS",
        "ruleSetVersion": "3.0.0",
        "ruleId": "949110",
        "message": "Mandatory rule. Cannot be disabled. Inbound Anomaly Score Exceeded (Total Score: 28)",
        "action": "Blocked",
        "site": "Global",
        "details": {
            "message": "Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. ",
            "data": "",
            "file": "rules\/REQUEST-949-BLOCKING-EVALUATION.conf",
            "line": "57"
        },
        "hostname": "www.googoggo.com",
        "transactionId": "9b8a3d7023bf1d90b13660c1b788f05f",
        "policyId": "default",
        "policyScope": "Global",
        "policyScopeName": "Global"
    }
}

我一直在使用 azure 应用程序网关 WAF,它阻止了我使用谷歌邮件的注册,有什么办法可以避免这个规则吗?

4

1 回答 1

0

我们无法直接从 azure 应用程序网关禁用 WAF 策略,首先您需要使用 Azure PowerShell 迁移 Web 应用程序防火墙策略。下面的文档显示了如何做到这一点。

https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/migrate-policy

瓦夫在加特

迁移 WAF 策略后,Azure 应用程序网关如上图所示

通过单击 WAFpolicy,您可以添加自己的自定义规则,这些规则可以覆盖强制规则集。 在此处输入图像描述

于 2021-04-16T03:28:51.883 回答