Skip to content

Commit

Permalink
Add support for JSChallenge action in Application Gateway Web applica…
Browse files Browse the repository at this point in the history 
…tion Firewall (#26149)

* Add support for JSChallenge action

Add support for JSChallenge action in the list of supported actions for Custom rules and Managed rules

* Update WafPolicyGet.json

* Update WafPolicyCreateOrUpdate.json
  • Loading branch information
@ssevugan21
ssevugan21 authored Oct 12, 2023
1 parent 290a04f commit 77dc103
Show file tree
Hide file tree
Showing 3 changed files with 205 additions and 2 deletions.
150 changes: 150 additions & 0 deletions ...esource-manager/Microsoft.Network/stable/2023-06-01/examples/WafPolicyCreateOrUpdate.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,22 @@
]
}
]
},
{
"ruleSetType": "Microsoft_BotManagerRuleSet",
"ruleSetVersion": "1.0",
"ruleGroupOverrides": [
{
"ruleGroupName": "UnknownBots",
"rules": [
{
"ruleId": "300700",
"state": "Enabled",
"action": "JSChallenge"
}
]
}
]
}
],
"exclusions": [
Expand Down Expand Up @@ -184,6 +200,38 @@
}
],
"action": "Block"
},
{
"name": "Rule4",
"priority": 4,
"ruleType": "MatchRule",
"matchConditions": [
{
"matchVariables": [
{
"variableName": "RemoteAddr",
"selector": null
}
],
"operator": "IPMatch",
"matchValues": [
"192.168.1.0/24"
]
},
{
"matchVariables": [
{
"variableName": "RequestHeaders",
"selector": "UserAgent"
}
],
"operator": "Contains",
"matchValues": [
"Bot"
]
}
],
"action": "JSChallenge"
}
]
}
Expand Down Expand Up @@ -253,6 +301,22 @@
]
}
]
},
{
"ruleSetType": "Microsoft_BotManagerRuleSet",
"ruleSetVersion": "1.0",
"ruleGroupOverrides": [
{
"ruleGroupName": "UnknownBots",
"rules": [
{
"ruleId": "300700",
"state": "Enabled",
"action": "JSChallenge"
}
]
}
]
}
],
"exclusions": [
Expand Down Expand Up @@ -396,6 +460,41 @@
}
],
"action": "Block"
},
{
"name": "Rule4",
"priority": 4,
"state": "Enabled",
"ruleType": "MatchRule",
"matchConditions": [
{
"matchVariables": [
{
"variableName": "RemoteAddr",
"selector": null
}
],
"operator": "IPMatch",
"negationConditon": false,
"matchValues": [
"192.168.1.0/24"
]
},
{
"matchVariables": [
{
"variableName": "RequestHeaders",
"selector": "UserAgent"
}
],
"operator": "Contains",
"negationConditon": false,
"matchValues": [
"Bot"
]
}
],
"action": "JSChallenge"
}
]
}
Expand Down Expand Up @@ -448,6 +547,22 @@
]
}
]
},
{
"ruleSetType": "Microsoft_BotManagerRuleSet",
"ruleSetVersion": "1.0",
"ruleGroupOverrides": [
{
"ruleGroupName": "UnknownBots",
"rules": [
{
"ruleId": "300700",
"state": "Enabled",
"action": "JSChallenge"
}
]
}
]
}
],
"exclusions": [
Expand Down Expand Up @@ -591,6 +706,41 @@
}
],
"action": "Block"
},
{
"name": "Rule4",
"priority": 4,
"state": "Enabled",
"ruleType": "MatchRule",
"matchConditions": [
{
"matchVariables": [
{
"variableName": "RemoteAddr",
"selector": null
}
],
"operator": "IPMatch",
"negationConditon": false,
"matchValues": [
"192.168.1.0/24"
]
},
{
"matchVariables": [
{
"variableName": "RequestHeaders",
"selector": "UserAgent"
}
],
"operator": "Contains",
"negationConditon": false,
"matchValues": [
"Bot"
]
}
],
"action": "JSChallenge"
}
]
}
Expand Down
51 changes: 51 additions & 0 deletions ...n/network/resource-manager/Microsoft.Network/stable/2023-06-01/examples/WafPolicyGet.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,41 @@
}
],
"action": "Block"
},
{
"name": "Rule4",
"priority": 4,
"state": "Enabled",
"ruleType": "MatchRule",
"matchConditions": [
{
"matchVariables": [
{
"variableName": "RemoteAddr",
"selector": null
}
],
"operator": "IPMatch",
"negationConditon": false,
"matchValues": [
"192.168.1.0/24"
]
},
{
"matchVariables": [
{
"variableName": "RequestHeaders",
"selector": "UserAgent"
}
],
"operator": "Contains",
"negationConditon": false,
"matchValues": [
"Bot"
]
}
],
"action": "JSChallenge"
}
],
"managedRules": {
Expand Down Expand Up @@ -188,6 +223,22 @@
]
}
]
},
{
"ruleSetType": "Microsoft_BotManagerRuleSet",
"ruleSetVersion": "1.0",
"ruleGroupOverrides": [
{
"ruleGroupName": "UnknownBots",
"rules": [
{
"ruleId": "300700",
"state": "Enabled",
"action": "JSChallenge"
}
]
}
]
}
],
"exclusions": [
Expand Down
6 changes: 4 additions & 2 deletions .../network/resource-manager/Microsoft.Network/stable/2023-06-01/webapplicationfirewall.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -608,7 +608,8 @@
"enum": [
"Allow",
"Block",
"Log"
"Log",
"JSChallenge"
],
"x-ms-enum": {
"name": "WebApplicationFirewallAction",
Expand Down Expand Up @@ -954,7 +955,8 @@
"AnomalyScoring",
"Allow",
"Block",
"Log"
"Log",
"JSChallenge"
],
"x-ms-enum": {
"name": "ActionType",
Expand Down

0 comments on commit 77dc103

Please sign in to comment.