如何将 Azure WAF 中的 ip 地址列入白名单
[英]How to whitelist an ip address in Azure WAF
问题描述
I have an Azure Application Gateway Web Application Firewall using the OWASP 3.0 ruleset.
我有一个使用OWASP 3.0规则集的 Azure 应用程序网关 Web 应用程序防火墙。 I created a custom policy so I could create a custom rule which simply allows traffic if it's from a specific IP Address and it has a priority of 1 .我创建了一个自定义策略,因此我可以创建一个自定义规则,如果它来自特定的 IP 地址并且它的优先级为1 ,则它只允许流量。 This is great and I can see log entries in the firewall logs that the rule has been matched.这很棒,我可以在防火墙日志中看到规则已匹配的日志条目。 However, I also see log entries that some of the OWASP rules have been matched as well.但是,我还看到一些 OWASP 规则也已匹配的日志条目。
My question is whether or not it is possible to prevent further rule/ruleset processing for this specific ip address?我的问题是是否可以阻止对这个特定的 ip 地址进行进一步的规则/规则集处理?
1 个解决方案
解决方案1
3 已采纳 2020-04-07 17:25:09
In WAF Application Gateway, custom policy takes precedence.在 WAF 应用网关中,自定义策略优先。 So if you have a rule to allow certain IP and if that matches, the other rules of OWASP are not processed.因此,如果您有允许某些 IP 的规则,并且如果匹配,则不会处理 OWASP 的其他规则。 The traffic is allowed.流量是允许的。
This is the behavior as of today, please provide feedback in User voice if you have a different scenario.这是今天的行为,如果您有不同的情况,请以用户语音提供反馈。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.