More Info:
Enable Web Application Firewall recommendations for virtual machines.
Risk Level
Low
Address
Security, Operational Maturity
Compliance Standards
SOC2, ISO27001, HIPAA, HITRUST
Triage and Remediation
Remediation
Using Console
To remediate the “Monitor Web Application Firewall setting is not enabled” misconfiguration in Azure using the Azure console, you can follow the below steps:
- Open the Azure portal and navigate to the Azure Application Gateway resource that you want to configure.
- Click on the “Firewall” option under the “Security” section in the left-hand menu.
- Under the “Web application firewall” section, click on the “Edit” button.
- In the “Web application firewall settings” page, scroll down to the “Diagnostic logs” section.
- Click on the “Enable” button next to “Send logs to Log Analytics workspace”.
- Select the Log Analytics workspace that you want to use for storing the diagnostic logs.
- Click on the “Save” button to save the changes.
Using CLI
To remediate the “Monitor Web Application Firewall setting is not enabled” misconfiguration in Azure using Azure CLI, please follow the below steps:
- Open the Azure CLI command prompt and log in to your Azure account using the command:
az login
- Once you are logged in, set your subscription using the command:
az account set --subscription <subscription_id>
- Enable the Web Application Firewall (WAF) monitoring by running the following command:
az network application-gateway waf-policy policy-setting update --policy-name <waf_policy_name> --resource-group <resource_group_name> --mode Detection
Note: Replace <waf_policy_name> and <resource_group_name> with the actual names of your WAF policy and resource group.
- Verify that the WAF monitoring is enabled by running the following command:
az network application-gateway waf-policy show --name <waf_policy_name> --resource-group <resource_group_name>
This command will display the details of your WAF policy, including the firewall mode which should now be set to “Detection”.
- Finally, you can also verify the WAF monitoring status by checking the Azure Security Center dashboard.
Using Python
To remediate the misconfiguration “Monitor Web Application Firewall setting is not enabled” for Azure using Python, follow the below steps:
- Step 1: Import the required libraries
- Step 2: Authenticate and create the MonitorManagementClient object
- Step 3: Retrieve the existing web application firewall settings
- Step 4: Check if the “Monitor Web Application Firewall setting” metric is enabled
- Step 5: If the metric is not enabled, enable it
The above steps will enable the “Monitor Web Application Firewall setting” metric for your Azure front door using Python.
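As an added example (not code from the original page), the following offline check audits the two settings this page remediates: the WAF policy mode and the diagnostic log destination. It assumes the JSON shapes produced by `az network application-gateway waf-policy show` and `az monitor diagnostic-settings list --resource <application_gateway_id>`; the sample data and function names are constructed for illustration.

```python
import json

# Constructed sample: output of `az network application-gateway waf-policy show`
SAMPLE_POLICY = json.loads("""{"name": "example-waf-policy",
  "policySettings": {"state": "Enabled", "mode": "Detection"}}""")

# Constructed sample: `az monitor diagnostic-settings list --resource <gateway_id>`
SAMPLE_DIAG = json.loads("""[{"name": "waf-to-law",
  "workspaceId": "/subscriptions/0000/resourceGroups/example-rg/providers/Microsoft.OperationalInsights/workspaces/example-law",
  "logs": [{"category": "ApplicationGatewayAccessLog", "enabled": true},
           {"category": "ApplicationGatewayFirewallLog", "enabled": true}]}]""")

FIREWALL_LOG = "ApplicationGatewayFirewallLog"


def firewall_log_to_workspace(diag_settings):
    """True if any diagnostic setting sends the WAF log to a Log Analytics workspace."""
    # Some CLI versions wrap the list in {"value": [...]}.
    if isinstance(diag_settings, dict):
        diag_settings = diag_settings.get("value", [])
    for setting in diag_settings:
        if not setting.get("workspaceId"):
            continue  # logs go to storage or an event hub only, or nowhere
        for log in setting.get("logs") or []:
            # Newer settings may select logs by category group instead of name.
            covers = (log.get("category") == FIREWALL_LOG
                      or log.get("categoryGroup") == "allLogs")
            if covers and log.get("enabled"):
                return True
    return False


def audit_waf_monitoring(policy, diag_settings):
    """Return a list of findings; an empty list means the check passes."""
    findings = []
    settings = policy.get("policySettings") or {}
    if settings.get("state") != "Enabled":
        findings.append("WAF policy state is not Enabled")
    if settings.get("mode") not in ("Detection", "Prevention"):
        findings.append("WAF policy mode is not set")
    if not firewall_log_to_workspace(diag_settings):
        findings.append("firewall log is not sent to a Log Analytics workspace")
    return findings


if __name__ == "__main__":
    print(audit_waf_monitoring(SAMPLE_POLICY, SAMPLE_DIAG) or "OK")
```

Feed it the saved JSON from the two commands for each gateway; any returned finding names the setting that still needs the remediation steps on this page.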