I have a Magento site set up in an Azure VM which is behind the Azure front door. Azure WAF policy is set in detection mode. When reviewing the logs for Azure Front door WAF, I can majorly find the block request is for “SQL Injection Attack: SQL Operator Detected”, “Detects basic SQL authentication bypass 2/3”, and “Inbound Anomaly Score Exceeded” I do have a business account for Cloudflare and SQL and Magento related rules are already enabled at Cloudflare end.
I assume these requests should be blocked at the Cloudflare end and should not have reached the front door WAF. Please let me know what other rules need to be setup so that these request doesn’t reach the front door and get blocked at Cloudflare.