This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF modifying content without logging.

We have many WAFs configured in Azure and they seem to modify the content of CSS files even though there is no logging of such event. Is there a way to turn on debugging, etc.? Now it seems to be doing something to OIDC calls after IPS pattern updates that went out on 12/31/2021. Again, no logs of such event in reverseproxy.log. What gives?

This thread was automatically locked due to age.

Parents

0 dirkkotte over 3 years ago

what changes do you see?
Cancel
Vote Up 0 Vote Down

Cancel
0 NateP over 3 years ago in reply to dirkkotte

Our apps which use CSS files to present icons in navigation menus, have the icons replaced with strange looking characters. Now, the big issue is authentication within our app is broken unless we skip all checks for a given path (or remove the protection policy entirely). Again nothing is logged as far as anomalies, threats, etc. It's concerning that content is being modified without any such logs.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 NateP over 3 years ago in reply to dirkkotte

Our apps which use CSS files to present icons in navigation menus, have the icons replaced with strange looking characters. Now, the big issue is authentication within our app is broken unless we skip all checks for a given path (or remove the protection policy entirely). Again nothing is logged as far as anomalies, threats, etc. It's concerning that content is being modified without any such logs.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data