Web Application Firewall documentation

Web Application Firewall (WAF) provides centralized protection of your web applications from common exploits and vulnerabilities. You can deploy WAF on Azure Application Gateway or WAF on Azure Front Door Service.

• Azure Web Application Firewall documentation
• Overview
  • What is Azure Web Application Firewall?
  • Application Gateway
    • Web Application Firewall on Application Gateway
    • What's new
  • Front Door
    • Web Application Firewall on Azure Front Door
  • Content Delivery Network
    • Web Application Firewall on Azure CDN
• Quickstarts
  • Application Gateway
    • Deploy WAF v2 - Bicep
    • Deploy WAF v2 - ARM template
• Tutorials
  • Application Gateway
    • Enable Web Application Firewall
  • Front Door
    • Configure WAF policy - portal
• Concepts
  • Application Gateway
    • Managed rules
    • Custom rules overview
    • Geomatch custom rules
    • Exclusion lists
    • Request size limits
    • WAF Policy overview
    • Bot protection overview
    • WAF engine
    • Sensitive Data Protection
    • Rate limiting
    • Best practices
    • FAQ
  • Front Door
    • Tuning
    • Managed rules
    • Custom rules
    • Exclusion lists
    • Policy settings
    • Sensitive Data Protection
    • Rate limiting
    • Geo-filtering
    • Best practices
    • FAQ
  • Security
    • Security baseline
    • Application DDoS protection
    • Microsoft Copilot for Security
  • WAF and Azure Policy
  • JavaScript challenge
• How-to guides
  • Application Gateway
    • Create WAF policy
    • Configure Web Application Firewall
      • Azure PowerShell
      • Azure CLI
    • Upgrade WAF
      • Upgrade to WAF policy
      • Upgrade using PowerShell
    • Per-site policies
    • Customize WAF rules
      • Azure portal
      • Azure PowerShell
      • Azure CLI
    • Configure WAF v2 custom rule - PowerShell
    • Custom rule examples
    • Bot protection
    • Associate a policy with an existing Application Gateway
    • Resource logs
    • Monitoring and logging
    • Mask sensitive data
    • Create rate limiting rules
    • Troubleshoot WAF
  • Front Door
    • Configure WAF policy - PowerShell
    • Configure bot protection
    • Configure exclusion lists
    • Configure custom response code
    • Configure IP restrictions
    • Mask sensitive data
    • Configure rate limit
    • Configure a geo-filtering WAF policy
    • Monitoring and logging
  • Configure policies using Firewall Manager
  • Protect APIs hosted in APIM using Web Application Firewall
  • Protect Azure OpenAI using Azure Web Application Firewall
  • Using Microsoft Sentinel with Web Application Firewall
  • Detect new threats using Microsoft Sentinel
  • Automated detection and response
  • Use geomatch custom rules to enhance network security
• Troubleshoot
  • Application Gateway
    • Troubleshoot WAF
    • Log analytics
• Reference
  • Managed rules
    • Front Door
    • Application Gateway
  • Azure CLI
    • Front Door
    • Application Gateway
    • CDN
  • Azure PowerShell
    • Front Door
    • Application Gateway
    • CDN
  • REST API
    • Front Door
    • Application Gateway
  • .NET
  • Java
  • Node.js
  • Python
• Resources
  • Author templates
  • Azure Roadmap
  • Community templates
  • Pricing
  • Regional availability