I’m working on an ASP.NET web application that uses WCF services to handle AJAX requests. When I enable Web Application Firewall (WAF) in Detect Mode on Azure, some of the WCF service calls are being flagged, and the requests are detected as suspicious. Specifically, the issue occurs when a user signs up, and we call the GetUsers() function via the WCF service.
Here’s an overview of the setup:
Page: user.aspx
JavaScript: user.js
In user.js, I call a WCF service using GetAjaxService() to retrieve user data:
    $(document).ready(function () {
        GetUsers();
    });

    function GetUsers() {
        GetAjaxService().GetUsers(function (result) {
            if (result != null) {
                // Process result
            }
        });
    }
After enabling WAF detect mode, the call to GetUsers() through GetAjaxService() is being flagged by WAF.
What I’ve Tried:
1. Verified that the WCF service works without WAF enabled.
2. Checked for any abnormal headers or missing headers that could cause WAF to flag the request.
3. Debugged WAF logs, and I noticed it’s being detected as a bot or as a missing Accept header.
My Questions:
1. How can I modify my WCF service calls or client-side code to prevent WAF from flagging these requests?
2. Are there specific rules or headers I should add to avoid detection by WAF?
3. Is there a best practice to handle WCF service calls with WAF enabled in an ASP.NET web application?
Log info:
    message: 'Other bots'
    ruleId_s: '300700'
    ruleroup_s: 'UnkownBots'
    Action: 'Detected'
    details_data_s: '{ found within [REQUEST_HEADERS:]}'
Any insights on how to resolve this issue would be greatly appreciated.