I'm setting up WAF rules for azure front door services provided by Microsoft Azure. Currently, I'm using default ruleset 1.0 provided OTB to block top 10 OWSAP threats.
When default rules are enabled, we observe 403 error and not able to understand which policy is blocking the request.
Any change to WAF policy takes minimum 7 to 15 minutes to get applied. I need to understand if there is any efficient way to make the change and test.
What is the best possible way to determine what ruleset needs to be enabled or disabled ?
We tried enabling all ruleset and website started throwing 403 error. Currently, we are enabling one rule at a time and verifying if the rule blocks any requests.