Skip to content

Enable Front Door WAF policy#

Security · Front Door · Rule · 2020_06 · Critical

Front Door Web Application Firewall (WAF) policy must be enabled to protect back end resources.

Description#

The operational state of a Front Door WAF policy instance is configurable, either enabled or disabled. By default, a WAF policy is enabled.

When disabled, incoming requests bypass the WAF policy and are sent to back ends based on routing rules.

Recommendation#

Consider enabling WAF policy.

Comments