Enable Front Door WAF policy#
Front Door Web Application Firewall (WAF) policy must be enabled to protect back end resources.
The operational state of a Front Door WAF policy instance is configurable, either enabled or disabled. By default, a WAF policy is enabled.
When disabled, incoming requests bypass the WAF policy and are sent to back ends based on routing rules.
Consider enabling WAF policy.
- Best practices for endpoint security on Azure
- Securing PaaS deployments
- Policy settings for Web Application Firewall on Azure Front Door
- Azure deployment reference