|
|
|
|
|
|
by sebazzz
754 days ago
|
|
|
I know of at least one Azure Application Gateway (which is a WAF) where the company-wide policy is to enable all the Rules, even the ones Microsoft says not to enable. This results in fun debugging sessions for issues, where random requests are blocked, also often redirects from Azure AD logins where it apparently triggers on the JWT token. |
|
|