Azure Application Gateway WAF policy Request body inspection property is not enabled
- Contextual name: Application Gateway WAF policy Request body inspection property is not enabled
- ID: /ce/ca/azure/application-gateway/gateway-waf-request-body-inspection
- Tags:
  - Policy with categories
  - Policy with type
  - Production policy
- Policy Type: COMPLIANCE_POLICY
- Policy Categories: SECURITY
Logic
- prod.logic.yaml
Description
This policy identifies Azure Application Gateways whose WAF Policy does not have the request body inspection setting enabled. Enable request body inspection so that the Web Application Firewall evaluates the contents of HTTP message bodies for potential threats.
Rationale
Enabling request body inspection strengthens security by allowing the Web Application Firewall to detect common attacks, such as SQL injection and cross-site scripting.
Impact
Minor performance impact on the Web Application Firewall. Additional effort may be required to monitor findings.
Audit
This policy flags an Azure Application Gateway as INCOMPLIANT if any of its WAF policies has the Request body inspection property Disabled.
Default Value
Request body inspection is enabled by default on Azure Application Gateways with Web Application Firewall.
References
- https://learn.microsoft.com/en-gb/azure/web-application-firewall/ag/application-gateway-waf-request-size-limits#request-body-inspection
- https://learn.microsoft.com/en-us/cli/azure/network/application-gateway
Remediation
From Azure Portal
1. Go to Application gateways.
2. Click the name of an application gateway.
3. Under Settings, click Web application firewall.
4. Under Associated web application firewall policy, click the policy name.
5. Under Settings, click Policy settings.
6. Check the box next to Enforce request body inspection.
7. Click Save.
8. Repeat steps 1-7 for each application gateway and firewall policy requiring remediation.
From Azure CLI
For each firewall policy requiring remediation, run the following command to enable request body inspection:
az network application-gateway waf-policy update --ids <firewall-policy> --policy-settings request-body-check=true
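An added example, not part of the original policy or its prod.logic.yaml: the audit described above in Python, run over JSON shaped like the output of `az network application-gateway waf-policy list -o json`, followed by the CLI remediation command for each flagged policy. The sample data, the resource names and the field names `policySettings.requestBodyCheck`, `applicationGateways`, `httpListeners` and `pathBasedRules` are assumptions about that output; only an explicit `false` is treated as disabled, since the setting is enabled by default.

```python
import re
from collections import defaultdict

# Constructed sample, shaped like `az network application-gateway waf-policy list -o json`
# (assumed field names; IDs and resource names are made up).
NET = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Network"
GW, POL = NET + "/applicationGateways/", NET + "/ApplicationGatewayWebApplicationFirewallPolicies/"
SAMPLE = [
    {"id": POL + "pol-ok", "policySettings": {"requestBodyCheck": True},
     "applicationGateways": [{"id": GW + "gw-a"}]},
    {"id": POL + "pol-listener", "policySettings": {"requestBodyCheck": False},
     "httpListeners": [{"id": GW + "gw-a/httpListeners/api"}]},
    {"id": POL + "pol-path", "policySettings": {"requestBodyCheck": False},
     "pathBasedRules": [{"id": GW + "gw-b/urlPathMaps/map1/pathRules/upload"}]},
    {"id": POL + "pol-unused", "policySettings": {"requestBodyCheck": False}},
    {"id": POL + "pol-default", "policySettings": {},
     "applicationGateways": [{"id": GW + "gw-c"}]},
]

GATEWAY_ID = re.compile(r"^(.*?/applicationGateways/[^/]+)", re.IGNORECASE)

def audit(policies):
    """Return ({gateway_id: [policy ids with body inspection off]}, [unattached policy ids])."""
    findings, unattached = defaultdict(set), []
    for pol in policies:
        # Only an explicit false counts as disabled; the setting is enabled by default.
        if (pol.get("policySettings") or {}).get("requestBodyCheck") is not False:
            continue
        # A policy can be attached at gateway, listener or path-rule scope; listener and
        # path-rule IDs start with the ID of the gateway they belong to.
        refs = [r["id"] for key in ("applicationGateways", "httpListeners", "pathBasedRules")
                for r in pol.get(key) or []]
        gateways = {m.group(1) for m in map(GATEWAY_ID.match, refs) if m}
        if not gateways:
            unattached.append(pol["id"])
        for gw in gateways:
            findings[gw].add(pol["id"])
    return {gw: sorted(ids) for gw, ids in findings.items()}, sorted(unattached)

def remediation_commands(findings):
    """Build the page's Azure CLI command once per non-compliant policy."""
    policy_ids = sorted({p for ids in findings.values() for p in ids})
    return [f"az network application-gateway waf-policy update --ids {p} "
            "--policy-settings request-body-check=true" for p in policy_ids]

if __name__ == "__main__":
    flagged, unattached = audit(SAMPLE)
    for gw, ids in flagged.items():
        print("INCOMPLIANT", gw, "->", ", ".join(ids))
    print("\n".join(remediation_commands(flagged)))
```

Policies returned in the second list have the setting disabled but are not attached to any gateway, so they flag no gateway today and would on their next association.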
policy.yaml
Linked Framework Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| CIS Azure v5.0.0 → 7.14 Ensure request body inspection is enabled in Azure Web Application Firewall policy on Azure Application Gateway (Automated) | 1 | no data | | | |
| Cloudaware Framework → Threat Protection | 48 | no data | | | |