Azure-docs: Missing rule definitions?
Portal lets you set a number of rules including ones that aren't described in the above. The following are options in OWASP 3.0 but not listed above:
942200 - Detects MySQL comment-/space-obfuscated injections and backtick termination
942260 - Detects basic SQL authentication bypass attempts 2/3
942340 - Detects basic SQL authentication bypass attempts 3/3
942370 - Detects classic SQL injection probings 2/2
Document Details
⚠Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: f9c5b784-df0f-30cc-1547-bb4de751b7de
- Version Independent ID: 8434d925-968a-ceea-e1f6-56d7816f7b3d
- Content: Azure Application Gateway web application firewall CRS rule groups and rules
- Content Source: articles/application-gateway/application-gateway-crs-rulegroups-rules.md
- Service: application-gateway
- GitHub Login: @vhorne
- Microsoft Alias: victorh
mgfink
All 5 comments
@mgfink Thanks for the feedback! I have assigned the issue to the content author to evaluate and update as appropriate.
TravisCragg-MSFT
on 11 Sep 2018
Hello.
Any news about this subject ? I can see too that those rules are applied in the WAF logs, but impossible to deactivate them.
Thank you in advance.
Regards
LudoBoggioTotal
on 4 Feb 2019
@mgfink
These SQL rules have been added.
vhorne
on 5 Apr 2019
Thanks for updating!
mgfink
on 8 Apr 2019
@mgfink
These SQL rules have been added.
Validated ! Thank you very much :)
LudoBoggioTotal
on 8 Apr 2019
Related issues
Favna
·
3Comments
Agazoth
·
3Comments
spottedmahn
·
3Comments
JeffLoo-ong
·
3Comments
behnam89
·
3Comments
Most helpful comment
Hello.
Any news about this subject ? I can see too that those rules are applied in the WAF logs, but impossible to deactivate them.
Thank you in advance.
Regards