But I am getting a 403 Forbidden error. I checked the App Gateway logs, and it was blocked due to the rules below.
Message
Rule Id
@T T, Hrishikesh (Cognizant)
Thank you for reaching out on Microsoft Q&A forum.
If I understand correctly, you are currently trying to upload a file using multipart/form-data, but you are getting a 403 Forbidden error from App Gateway WAF, and after looking at the WAF logs you can see that the request is blocked by the 200002 and 200003 rules of the General WAF ruleset.
Based on my understanding above, Azure Application Gateway WAF, when set in prevention mode, throws a 403 error if it is unable to process the request body (200002 rule). Rule 200003 looks at the multipart content of the request, and if it is unable to process it, an error is thrown and the request is blocked (false positive). In order to prevent this issue, you can take two approaches.
Modify the client code so that the request is not blocked: You can run Fiddler traces for this request and see how the request is sent to the WAF and if any modifications are required in the client code. If you need help in this case, you can file a support request, as a support engineer can take a deeper look at your set-up and backend logs, which can help to pinpoint the issue. Please let me know if you do not have a support plan. I can help in that regard.
Disable the 200002 and 200003 rules: For the WAF 3.2 core ruleset, you have an option to disable the 20002 and 200003 rules. The recommended process here is to enable a separate WAF policy for this URI path as explained here and then disable rules 200002 and 200003. The advantage here is that the rules are disabled for that specific URI path only and the rest of your website is still protected by the original WAF.
You can disable the rules as shown below:
Hope this helps! Please let me know if you have any additional questions. Thank you!
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
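For the first approach in the answer above (inspecting how the client sends the request), the following is an added example, not part of the original answer and not Azure's rule logic. It checks a captured multipart/form-data body for malformations that strict multipart parsers commonly reject; the function name, the set of checks and the sample request are assumptions constructed for illustration.

```python
import re

def multipart_findings(content_type: str, body: bytes) -> list:
    """List reasons a strict multipart parser would likely reject this body."""
    m = re.search(r'boundary=("?)([^";]+)\1', content_type, re.I)
    if not m:
        return ["Content-Type has no boundary parameter"]
    findings = ["boundary is quoted"] if m.group(1) else []
    raw = m.group(2)
    if raw != raw.strip():
        findings.append("whitespace around boundary value")
    delim = b"--" + raw.strip().encode()
    first = body.find(delim)
    if first == -1:
        return findings + ["boundary never appears in body"]
    if first > 0:
        findings.append("data before first boundary")
    end = body.rfind(delim + b"--")
    if end == -1:
        findings.append("closing boundary missing")
    elif body[end + len(delim) + 2:] not in (b"", b"\r\n"):
        findings.append("data after closing boundary")
    # Boundary lines must end in CRLF, not a bare LF.
    if re.search(re.escape(delim) + rb"(--)?\n", body):
        findings.append("LF-only line ending on boundary line")
    # Every part needs a header block containing Content-Disposition.
    stop = end if end != -1 else len(body)
    for part in body[first:stop].split(delim)[1:]:
        head = part.partition(b"\r\n\r\n")[0]
        if b"content-disposition:" not in head.lower():
            findings.append("part without Content-Disposition header")
            break
    return findings

if __name__ == "__main__":
    # Constructed sample, as it might be copied out of a proxy trace.
    ct = 'multipart/form-data; boundary="X-CONSTRUCTED-1"'
    body = (b"junk\n--X-CONSTRUCTED-1\n"
            b'Content-Disposition: form-data; name="f"\n\nhello\n')
    for finding in multipart_findings(ct, body):
        print("finding:", finding)
```

An empty list means none of these heuristics fired; it does not guarantee the WAF will accept the request.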