Views:
Applies to Product - Power Pages

What’s happening?
Need for protection against malicious file uploads in Power Pages, specifically when users upload files through web interfaces.

Reason:
There is no out-of-the-box (OOB) feature available to prompt users at their interface to scan the uploaded files for malicious content.

Resolution:
To protect against malicious files uploaded through Power Pages, utilize the Web Application Firewall (WAF) for Power applications. The WAF provides centralized protection by defending against common exploits and vulnerabilities, preventing malicious attacks before they enter the network. It can be configured using an Azure profile with the appropriate mode enabled, which blocks requests matching the rules defined in the managed rule set. For further details, refer to Configure Web Application Firewall for Power Pages | Microsoft Learn