Enable Front Door WAF policy

Security · Front Door · Rule · 2020_06 · Critical

Front Door Web Application Firewall (WAF) policy must be enabled to protect back end resources.

Description

The operational state of a Front Door WAF policy instance is configurable, either enabled or disabled. By default, a WAF policy is enabled.

When disabled, incoming requests bypass the WAF policy and are sent to back ends based on routing rules.

Recommendation

Consider enabling WAF policy.

Links

• SE:06 Network controls
• Securing PaaS deployments
• Policy settings for Web Application Firewall on Azure Front Door
• Azure deployment reference

Comments