403 禁止 microsoft-azure-application-gateway/v2
[英]403 forbidden microsoft-azure-application-gateway/v2
问题描述
I currently have a WordPress website hosted on 3 virtual machines behind an application gateway.
我目前有一个 WordPress 网站托管在应用程序网关后面的 3 个虚拟机上。 When users are trying to submit a form via our websites sponsorship pane, after clicking submit users are prompted with: 403 forbidden microsoft-azure-application-gateway/v2当用户尝试通过我们的网站赞助窗格提交表单时,单击提交后会提示用户:403 disabled microsoft-azure-application-gateway/v2
I've done a significant amount of research and viewed the logs and I'm not seeing any red flag that is causing restricted access to the resource.我进行了大量研究并查看了日志,但没有看到任何导致资源访问受限的危险信号。 The WAF is set to prevention so maybe it's seeing the form submission as a type of malicious activity and blocking it? WAF 设置为预防,所以它可能将表单提交视为一种恶意活动并阻止它? Not quite sure at this point though.不过目前还不太确定。
I am not a web master, so my scope of service stops after it leaves the Azure portal.我不是 web 主人,所以我的 scope 服务在离开 Azure 门户后停止。
Please advise.请指教。
1 个解决方案
解决方案1
4 2020-08-17 20:14:20
After digging around the WAF logs, the way that the form is being transmitted to the website is being flagged as malicious and classifying the request as an SQL injection attack.在挖掘 WAF 日志之后,将表单传输到网站的方式被标记为恶意,并将请求分类为 SQL 注入攻击。
How I mitigated it in two ways:我如何通过两种方式减轻它:
- Navigated to the Web application firewall (WAF) and disabled the rule in question导航到 Web 应用程序防火墙 (WAF) 并禁用相关规则
- Add specific custom rules for exclusions for specific URLs为特定 URL 的排除添加特定的自定义规则
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.