Our web application use SignalR to keep an open connection from the clients to the web server. This connection is flagged as a slow client attack (slow read response).
Is there a way to set an exception on the WAF to not check for this type of attack on only the SignalR URL? (but keep other checks enabled on this URL)
Under Websites / DDOS prevention / Slow Client Attack Prevention, I do not see an option to set an exception, but we also don't want to turn off the checks completely.