Share via

Azure WAF false positive problems

Shigeru Nakagaki 205 Reputation points
2026-01-09T05:23:56.4233333+00:00

Hi.

Why does Azure WAF DRS 2.1 still have frequent false positives, and why hasn’t this been improved?

thanks

Azure Web Application Firewall
0 comments

Answer accepted by question author

Ravi Varma Mudduluru 11,960 Reputation points Microsoft External Staff Moderator
2026-01-09T07:41:40.64+00:00

Hello @Shigeru Nakagaki,

Thanks for reaching out to Microsoft Q&A.

I understand that you're experiencing with the frequent false positives with Azure WAF DRS 2.1.

One benefit of using an exclusion list is that only the match variable you select to exclude will no longer be inspected for that given request. That is, you can choose between specific request headers, request cookies, query string arguments, or request body post arguments to be excluded if a certain condition is met, as opposed to excluding the whole request from being inspected. The other nonspecified variables of the request are inspected normally. You can refer to the below document.

Reference: Web Application Firewall (WAF) exclusion lists.
User's image

Reference Document: Resolve false positives

Refining and customizing your rules may help reduce false positives. Misconfigurations can result in false alerts, so make sure your rules match your specific workloads.

Reference Documents:
Customize WAF rules through the Azure portal
Azure Web Application Firewall Monitoring and Logging
WAF Actions.

Kindly let us know if the above helps or you need further assistance on this issue. please share us the requested details in the private message.

Please "upvote" if the information helped you. This will help us and others in the community as well.

Was this answer helpful?

0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.