Skip to content

Use Front Door WAF policy in prevention mode#

Security · Front Door · Azure.FrontDoor.WAF.Mode

Use protection mode in Front Door Web Application Firewall (WAF) policies to protect back end resources.

Description#

Front Door WAF policies support two modes of operation, detection and prevention. By default, prevention is configured.

  • Detection - monitors and logs all requests which match a WAF rule. In this mode, the WAF doesn't take action against incoming requests. To log requests, diagnostics on the Front Door instance must be configured.
  • Protection - log and takes action against requests which match a WAF rule. The action to perform is configurable for each WAF rule.

Recommendation#

Consider setting Front Door WAF policy to use protection mode.


Last update: 2021-09-24