
How To Disable Azure WAF Mandatory rule?


{
    "timeStamp": "2021-01-29T11:03:40+00:00",
    "resourceId": "/SUBSCRIPTIONS/0000000000-0000000-0000000-000/RESOURCEGROUPS/resourcegroup/PROVIDERS/MICROSOFT.NETWORK/APPLICATIONGATEWAYS/WAF-GATEWAY",
    "operationName": "ApplicationGatewayFirewall",
    "category": "ApplicationGatewayFirewallLog",
    "properties": {
        "instanceId": "appgw_2",
        "clientIp": "103.151.000.00",
        "clientPort": "",
        "requestUri": "\/api\/auth-processor\/Google",
        "ruleSetType": "OWASP_CRS",
        "ruleSetVersion": "3.0.0",
        "ruleId": "949110",
        "message": "Mandatory rule. Cannot be disabled. Inbound Anomaly Score Exceeded (Total Score: 28)",
        "action": "Blocked",
        "site": "Global",
        "details": {
            "message": "Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. ",
            "data": "",
            "file": "rules\/REQUEST-949-BLOCKING-EVALUATION.conf",
            "line": "57"
        },
        "hostname": "www.googoggo.com",
        "transactionId": "9b8a3d7023bf1d90b13660c1b788f05f",
        "policyId": "default",
        "policyScope": "Global",
        "policyScopeName": "Global"
    }
}

I have been using the Azure Application Gateway WAF, which is blocking my registration using Google mail. Is there any way I can avoid the rule?


Solution

  • We cannot disable the WAF policy directly from the Azure Application Gateway. First you need to migrate the Web Application Firewall policies using Azure PowerShell. The document below shows how to do that.

    https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/migrate-policy

    [Image: waf in gat]

    After migrating your WAF policy, the Azure Application Gateway looks like the above image.

    By clicking the WAF policy you can add your own custom rules that can override the mandatory rule set.
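
An added example, not part of the original question or answer: rule 949110 only reports that the anomaly score crossed the threshold, so before writing any custom rule it helps to list which rules actually raised the score for the blocked request. The sketch below assumes the firewall log is exported one JSON record per line and that contributing rules appear as `Matched` entries sharing the block's `transactionId`; the function names, sample records and `RULE-A`/`RULE-B` IDs are constructed placeholders.

```python
import json
import re
from collections import defaultdict

BLOCKING_RULE = "949110"  # anomaly-score evaluation rule from the log in the question

# Constructed sample records (not real traffic). Only the 949110 message text
# mirrors the question; rule IDs, transaction IDs and match data are placeholders.
SAMPLE_LOG = "\n".join([
    '{"properties": {"transactionId": "tx-1", "ruleId": "RULE-A", "action": "Matched", "requestUri": "/api/auth-processor/Google", "details": {"data": "constructed match in ARGS:code"}}}',
    '{"properties": {"transactionId": "tx-1", "ruleId": "RULE-B", "action": "Matched", "requestUri": "/api/auth-processor/Google", "details": {"data": "constructed match in ARGS:scope"}}}',
    '{"properties": {"transactionId": "tx-1", "ruleId": "949110", "action": "Blocked", "requestUri": "/api/auth-processor/Google", "message": "Mandatory rule. Cannot be disabled. Inbound Anomaly Score Exceeded (Total Score: 28)"}}',
    '{"properties": {"transactionId": "tx-2", "ruleId": "RULE-A", "action": "Matched", "requestUri": "/health", "details": {"data": "constructed"}}}',
    '{"properties": {"transactionId": "tx-3", "ruleId": "9491',  # truncated line
])

def parse_entries(text):
    """Yield the 'properties' object of each parseable log record."""
    for line in text.splitlines():
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank, truncated or non-JSON lines
        props = record.get("properties") if isinstance(record, dict) else None
        if isinstance(props, dict):
            yield props

def explain_blocks(text):
    """For each transaction blocked by 949110, list the rules that matched."""
    by_tx = defaultdict(list)
    for props in parse_entries(text):
        by_tx[props.get("transactionId")].append(props)
    reports = []
    for tx, entries in by_tx.items():
        block = next((e for e in entries if e.get("ruleId") == BLOCKING_RULE
                      and e.get("action") == "Blocked"), None)
        if block is None:
            continue  # matched rules alone did not reach the blocking threshold
        score = re.search(r"Total Score: (\d+)", block.get("message", ""))
        reports.append({
            "transactionId": tx,
            "requestUri": block.get("requestUri"),
            "totalScore": int(score.group(1)) if score else None,
            "contributors": [(e.get("ruleId"), e.get("details", {}).get("data", ""))
                             for e in entries if e.get("action") == "Matched"],
        })
    return reports

if __name__ == "__main__":
    for report in explain_blocks(SAMPLE_LOG):
        print(report)
```

The `contributors` list is what to review when deciding how narrowly a custom rule or tuning change for the affected URI can be scoped.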