Microsoft WAF BadBot rule 100200 is not able to differentiate between real spoofed IPs and Microsoft component IPs
Microsoft WAF BadBot rule 100200 is not able to differentiate between real spoofed IPs and Microsoft system spoofed IPs. Since we are using a CDN ahead of AFD (as it is not fully capable like Azure CDN now), genuine requests from Googlebot are getting blocked by the BadBot rule, as the requests contain the CDN PoP location IPs as socket IPs along with the client IPs. Hence the BadBot rule detects them as spoofed requests. Since Azure CDN and AFD are Microsoft-supported products, either the rule should be able to differentiate real spoofed IPs from requests from their own products, or there should be an option not to forward the PoP IPs in the requests.
It is a required feature on Azure CDN cloud.
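To measure how many rule 100200 blocks match the situation described in this post, the added example below (not part of the original post and not Microsoft code) sorts WAF log records by whether the socket IP belongs to a CDN PoP range. The field names `clientIP`, `socketIP`, `ruleName` and `action` follow the Front Door WAF log properties; the log lines, the rule-name strings, the CIDR ranges and the function names are constructed assumptions.

```python
import ipaddress
import json

# Constructed: ranges you know your CDN PoPs use to reach Front Door
# (documentation prefixes here; replace with your provider's published list).
CDN_POP_RANGES = [ipaddress.ip_network(c)
                  for c in ("198.51.100.0/24", "2001:db8:50::/48")]

# Constructed WAF log records, one JSON object per line.
SAMPLE_LOG = """\
{"properties": {"clientIP": "203.0.113.10", "socketIP": "198.51.100.7", "ruleName": "Example-BadBots-Bot100200", "action": "Block"}}
{"properties": {"clientIP": "203.0.113.55", "socketIP": "203.0.113.55", "ruleName": "Example-BadBots-Bot100200", "action": "Block"}}
{"properties": {"clientIP": "203.0.113.77", "socketIP": "198.51.100.9", "ruleName": "Example-OtherRule-000000", "action": "Block"}}
{"properties": {"clientIP": "203.0.113.90", "socketIP": "198.51.100.20", "ruleName": "Example-BadBots-Bot100200", "action": "Log"}}
"""


def in_cdn_ranges(ip_text):
    """True if ip_text parses as an IP inside one of CDN_POP_RANGES."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # missing or malformed address
    return any(ip in net for net in CDN_POP_RANGES if net.version == ip.version)


def triage_rule_100200(log_text):
    """Split rule 100200 blocks into those arriving via a CDN PoP and the rest."""
    result = {"via_cdn_pop": [], "direct": []}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            props = json.loads(line).get("properties", {})
        except (json.JSONDecodeError, AttributeError):
            continue  # skip lines that are not JSON objects
        if not (props.get("ruleName") or "").endswith("100200"):
            continue  # only the rule discussed in the post
        if props.get("action") != "Block":
            continue
        bucket = "via_cdn_pop" if in_cdn_ranges(props.get("socketIP", "")) else "direct"
        result[bucket].append((props.get("clientIP"), props.get("socketIP")))
    return result


if __name__ == "__main__":
    for bucket, hits in triage_rule_100200(SAMPLE_LOG).items():
        print(bucket, hits)
```

Entries in `via_cdn_pop` are candidates for the false positive described above, not proof of one; each client IP still has to be confirmed as a genuine crawler before the block is treated as wrong.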