Web Application Firewall (WAF) for Azure Front Door service is now generally available. Customers can use WAF to define security policies that allow, block, forward or rate limit access to their web applications delivered through Azure Front Door.
- A WAF security policy may consist of an ordered list of custom rules and Azure managed pre-configured rulesets.
- Custom rules are based on a combination of client IP addresses, geolocation, http parameters, request methods and size constraints.
- The pre-configured default rule set can be enabled to protect your applications from OWASP top 10 threats.
- New or updated WAF configurations are deployed globally within minutes, letting you respond quickly to changing attack patterns.
- WAF for Azure Front Door is integrated with Azure Monitor and the logs can be accessed through an Azure storage account, Azure Event Hub or Azure Log Analytics.