When configuring WAFs I'm used to configuring the lowest priority rule to block all inbound http/https traffic. I then add higher priority allow rules to open up the access I require.
I can't see how I can create a "block all" rule in the Azure Application Gateway's WAF custom rules?
So... this is how you can do this (apologies, the config is in Terraform format):
custom_rules {
  name      = "blockAllPaths"
  priority  = 90
  rule_type = "MatchRule"

  match_conditions {
    match_variables {
      variable_name = "RequestUri"
    }
    operator           = "BeginsWith"
    negation_condition = false
    match_values       = ["/"]
  }

  action = "Block"
}
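
The block-all rule above, placed in a full policy next to one allow rule, as an added example that is not part of the original answer. The resource names, resource group, location and the 203.0.113.0/24 source range are constructed placeholders.

```hcl
# Added example: every name and the CIDR below are constructed placeholders.
resource "azurerm_web_application_firewall_policy" "example" {
  name                = "example-wafpolicy"
  resource_group_name = "example-rg"
  location            = "westeurope"

  # Custom rules are evaluated in ascending priority number, so the
  # allow rule (10) is checked before the catch-all block rule (90).
  custom_rules {
    name      = "allowKnownRange"
    priority  = 10
    rule_type = "MatchRule"
    action    = "Allow"

    match_conditions {
      match_variables {
        variable_name = "RemoteAddr"
      }
      operator           = "IPMatch"
      negation_condition = false
      match_values       = ["203.0.113.0/24"] # documentation range
    }
  }

  # Catch-all from the answer: every request URI begins with "/".
  custom_rules {
    name      = "blockAllPaths"
    priority  = 90
    rule_type = "MatchRule"
    action    = "Block"

    match_conditions {
      match_variables {
        variable_name = "RequestUri"
      }
      operator           = "BeginsWith"
      negation_condition = false
      match_values       = ["/"]
    }
  }

  # Block actions are only enforced in Prevention mode; Detection only logs.
  policy_settings {
    enabled = true
    mode    = "Prevention"
  }

  managed_rules {
    managed_rule_set {
      type    = "OWASP"
      version = "3.2"
    }
  }
}
```

A request that matches an `Allow` custom rule skips all remaining rules, including the managed rule set, so keep allow conditions as narrow as the access you need.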