ivemo.se

Bypassing custom rules using the RequestHeaders match variable in WAF v2

1 1

I had a case the other day where a custom rule in a Web Application Firewall v2 policy attached to an Application Gateway behaved kind of funky. The rule was setup to deny traffic if a specific request header in the HTTP request was not present. At first everything looked good but after a while...

#azure

3h ago