What custom authored rules can be created in Azure Front Door Web Application Firewall (WAF)?

Experience Level: Junior
Tags: Azure CloudAzure Front Door

Answer

You can configure custom rules WAF as follows:

  • IP allow list and block list: You can control access to your web applications based on a list of client IP addresses or IP address ranges. Both IPv4 and IPv6 address types are supported. This list can be configured to either block or allow those requests where the source IP matches an IP in the list.
  • Geographic based access control: You can control access to your web applications based on the country code that's associated with a client’s IP address.
  • HTTP parameters-based access control: You can base rules on string matches in HTTP/HTTPS request parameters. For example, query strings, POST args, Request URI, Request Header, and Request Body.
  • Request method-based access control: You base rules on the HTTP request method of the request. For example, GET, PUT, or HEAD.
  • Size constraint: You can base rules on the lengths of specific parts of a request such as query string, Uri, or request body.
  • Rate limiting rules: A rate control rule limits abnormally high traffic from any client IP address. You may configure a threshold on the number of web requests allowed from a client IP during a one-minute duration. This rule is distinct from an IP list-based allow/block custom rule that either allows all or blocks all request from a client IP. Rate limits can be combined with additional match conditions such as HTTP(S) parameter matches for granular rate control.

Comments

No Comments Yet.
Be the first to tell us what you think.
Azure Front Door
Azure Front Door

Are you learning Azure Cloud ? Try our test we designed to help you progress faster.

Test yourself
AZ-700 Designing and Implementing Microsoft Azure Networking Solutions preparation
AZ-700 Designing and Implementing Microsoft Azure Networking Solutions preparation

Are you learning Azure Cloud ? Try our test we designed to help you progress faster.

Test yourself