Azure WAF Setup Guide: Application Gateway and Front Door WAF Configuration
Azure Web Application Firewall (WAF) protects web applications from common exploits and vulnerabilities including SQL injection, cross-site scripting, and other OWASP Top 10 threats. This guide covers deploying WAF on both Application Gateway and Azure Front Door with managed rules, custom rules, and bot protection. Overview Azure WAF can be deployed on three services: Application Gateway : Regional layer 7 load balancer with WAF Azure Front Door : Global CDN and load balancer with edge WAF Azure CDN : Content delivery network with WAF capabilities This guide focuses on Application Gateway and Front Door, the most common deployment options. Prerequisites Before deploying Azure WAF: Azure subscription with Contributor access Virtual Network with dedicated subnet for Application Gateway Backend application to protect (App Service, VMs, AKS, etc.) Azure CLI (2.50.0+) or Azure Portal access Public DNS for custom domain configuration (optional) Under...