Description
This policy identifies Azure Application Gateways whose WAF Policy does not have the request body inspection setting enabled. Enable request body inspection so that the Web Application Firewall evaluates the contents of HTTP message bodies for potential threats.
Rationale
Enabling request body inspection strengthens security by allowing the Web Application Firewall to detect common attacks, such as SQL injection and cross-site scripting.
Impact
Minor performance impact on the Web Application Firewall. Additional effort may be required to monitor findings.
Audit
This policy flags an Azure Application Gateway as INCOMPLIANT if any of its WAF policies has the Request body inspection property set to Disabled.
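The audit logic can be reproduced offline against exported resource JSON. The following is an added example, not the policy's own implementation: it assumes the ARM resource layout in which a gateway references WAF policies through `firewallPolicy.id` (gateway-wide, per listener, and per path rule) and the policy stores the setting as `policySettings.requestBodyCheck`. The function names and sample resources are constructed for illustration.

```python
def referenced_policy_ids(gateway):
    """Collect every WAF policy ID a gateway references: gateway-wide,
    per listener, and per URL path rule."""
    props = gateway.get("properties", {})
    holders = [props]
    holders += [l.get("properties", {}) for l in props.get("httpListeners", [])]
    for path_map in props.get("urlPathMaps", []):
        rules = path_map.get("properties", {}).get("pathRules", [])
        holders += [r.get("properties", {}) for r in rules]
    ids = set()
    for holder in holders:
        ref = holder.get("firewallPolicy") or {}
        if ref.get("id"):
            ids.add(ref["id"].lower())  # Azure resource IDs are case-insensitive
    return ids

def policies_without_body_inspection(gateway, policies):
    """Return sorted IDs of referenced policies with requestBodyCheck false."""
    by_id = {p["id"].lower(): p for p in policies}
    failing = []
    for pid in referenced_policy_ids(gateway):
        policy = by_id.get(pid)
        if policy is None:
            continue  # policy not in the supplied export; cannot be evaluated
        settings = policy.get("properties", {}).get("policySettings", {})
        # An absent value is treated as enabled, matching the documented default.
        if settings.get("requestBodyCheck", True) is False:
            failing.append(pid)
    return sorted(failing)

# Constructed sample data (placeholder subscription and resource names).
BASE = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo/providers/Microsoft.Network"
WAF = BASE + "/ApplicationGatewayWebApplicationFirewallPolicies/"
POLICIES = [
    {"id": WAF + "waf-global", "properties": {"policySettings": {"requestBodyCheck": True}}},
    {"id": WAF + "waf-api", "properties": {"policySettings": {"requestBodyCheck": False}}},
]
GATEWAY = {
    "id": BASE + "/applicationGateways/agw-demo",
    "properties": {
        "firewallPolicy": {"id": WAF + "waf-global"},
        "httpListeners": [
            {"name": "api", "properties": {"firewallPolicy": {"id": WAF.upper() + "waf-api"}}},
            {"name": "web", "properties": {}},
        ],
    },
}

if __name__ == "__main__":
    failing = policies_without_body_inspection(GATEWAY, POLICIES)
    print("INCOMPLIANT" if failing else "no finding", failing)
```

In the sample, the gateway-wide policy passes but the listener-level policy has body inspection disabled, so the gateway as a whole is flagged.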
Default Value
Request body inspection is enabled by default on Azure Application Gateways with Web Application Firewall.