This chapter covers Azure Web Application Firewall (WAF) policies, a critical security service that protects web applications from common exploits like SQL injection and cross-site scripting. For the AZ-104 exam, WAF appears under Networking objective 4.5 (Manage security policies) and typically accounts for 5-10% of questions. You must understand how WAF integrates with Azure Front Door and Application Gateway, the rule evaluation order, managed rule sets, and policy modes. This chapter provides the in-depth mechanism, configuration details, and exam traps you need to master this topic.
Jump to a section
Think of a Web Application Firewall like a highly trained bouncer at a VIP club. The club (your web application) has a main entrance (the HTTP/HTTPS endpoint). Normal patrons (legitimate HTTP requests) are allowed in if they follow the dress code and have a valid ID. But attackers try to sneak in with forged invitations (SQL injection payloads), fake IDs (cross-site scripting scripts), or by claiming they are the owner (session hijacking). The bouncer (WAF) checks every person against a detailed guest list (OWASP Top 10 rules) and a behavior profile. He doesn't just check the invitation; he inspects the ink, the signature, and the watermark. He also watches for people trying to enter too fast (rate limiting) or from suspicious cars (IP reputation). If someone fails, the bouncer doesn't just say no—he radios the police (logs to Azure Monitor) and may even take a photo (request logging) for evidence. The bouncer works alongside the club's security cameras (Azure Front Door or Application Gateway) and can be updated with new threat intelligence (managed rule sets) every week. Importantly, the bouncer only inspects the club entrance, not the backstage area (backend servers), so legitimate traffic flows freely once cleared.
What is Azure WAF and Why Does It Exist?
Azure Web Application Firewall (WAF) is a cloud-native, centralized protection service that filters and monitors HTTP/HTTPS traffic to web applications. It defends against the OWASP Top 10 web vulnerabilities, including SQL injection, cross-site scripting (XSS), and remote file inclusion. Unlike a network firewall (which operates at Layers 3-4), WAF operates at Layer 7 (application layer), inspecting the content of HTTP requests and responses. It exists because traditional network security cannot detect malicious payloads hidden in HTTP headers, cookies, or request bodies.
How WAF Works Internally
WAF policies are applied at the edge (Azure Front Door) or at the regional gateway (Application Gateway). When a request arrives:
Request Parsing: The WAF engine parses the HTTP request into components: method, URI, headers, cookies, query string, and body. It supports HTTP/1.1, HTTP/2, and WebSocket connections.
Rule Evaluation: Rules are evaluated in a specific order: custom rules first, then managed rule sets (e.g., DefaultRuleSet_3.2). Within each rule set, rules are processed by priority (lower number = higher priority). Each rule has a condition (e.g., if request body contains 'SELECT') and an action (Allow, Block, Log, or AnomalyScore).
Anomaly Scoring: Instead of blocking on a single suspicious match, WAF uses an anomaly scoring system. Each rule that matches increments a score (typically 3 for critical, 2 for warning). If the total score exceeds a threshold (default 5), the request is blocked. This reduces false positives.
Action Execution: If a rule's action is "Block," the request is dropped immediately and a 403 Forbidden response is returned. If "Log," the request is allowed but logged. If "AnomalyScore," the score is incremented, and after all rules are evaluated, the total score is compared to the threshold.
Response Inspection (optional): WAF can also inspect response bodies for sensitive data leakage (e.g., credit card numbers) using custom rules.
Key Components, Values, and Defaults
Policy Mode: Detection (log only, no blocking) or Prevention (block requests exceeding threshold). Default is Detection.
Rule Sets:
Managed: Microsoft_DefaultRuleSet (version 3.2 for Application Gateway, 2.1 for Front Door), Microsoft_BotManagerRuleSet (1.0).
Custom: User-defined rules with conditions on variables like IP address, request URI, or headers.
Anomaly Score Threshold: Default 5. Range 0-20. In Prevention mode, requests with score >= threshold are blocked.
Rate Limiting: Available in Front Door WAF. Limits requests from a client IP over a 1-minute sliding window. Default limit is 1000 requests per minute.
Geofiltering: Block or allow traffic from specific countries based on IP address.
Logging: WAF logs are sent to Azure Monitor, Log Analytics, or Storage. Log includes rule ID, action taken, and matched details.
Configuration and Verification Commands
Using Azure CLI to create a WAF policy for Application Gateway:
az network application-gateway waf-policy create \
--name MyWAFPolicy \
--resource-group MyRG \
--location eastus \
--type OWASP \
--version 3.2To enable Prevention mode:
az network application-gateway waf-policy update \
--name MyWAFPolicy \
--resource-group MyRG \
--state Enabled \
--mode PreventionTo add a custom rule blocking requests from a specific IP:
az network application-gateway waf-policy custom-rule create \
--policy-name MyWAFPolicy \
--resource-group MyRG \
--name BlockBadIP \
--priority 100 \
--rule-type MatchRule \
--action Block \
--match-condition "IPAddress 192.168.1.0/24"Verification:
az network application-gateway waf-policy show \
--name MyWAFPolicy \
--resource-group MyRGFor Azure Front Door, use:
az network front-door waf-policy create \
--name MyFrontDoorWAF \
--resource-group MyRG \
--sku Premium_AzureFrontDoor \
--mode PreventionInteraction with Related Technologies
Azure Application Gateway: WAF is a tier (WAF_v2) of Application Gateway. The policy is associated with the gateway's listener or routing rule. It supports SSL termination, path-based routing, and URL rewrite.
Azure Front Door: WAF is integrated at the global edge. It provides additional features like rate limiting, bot protection, and managed rule sets tailored for CDN. Front Door WAF can be associated with a frontend host or path pattern.
Azure CDN: WAF can be enabled on Azure CDN from Microsoft (Standard/Premium). It uses the same rule engine as Front Door.
Azure Policy: You can enforce WAF policy deployment via Azure Policy to ensure all Application Gateways have WAF enabled.
Rule Evaluation Order and Exclusions
Rules are evaluated in this order: 1. Custom rules (by priority, ascending) 2. Managed rule sets (by priority within the set) 3. Bot protection rules (if enabled)
You can define exclusions to skip certain rules for specific request attributes (e.g., exclude a rule that flags 'SELECT' in the body for a specific URI). Exclusions are applied before rule evaluation.
Performance Considerations
WAF adds latency (typically 1-5 ms per request). In high-throughput scenarios, ensure the Application Gateway or Front Door SKU is appropriately sized. For Application Gateway, WAF_v2 supports autoscaling. For Front Door, WAF is always at the edge with minimal overhead.
Exam-Relevant Defaults and Values
WAF policy can be associated with multiple listeners but only one per listener.
Managed rule set versions: Application Gateway uses version 3.2 (default), Front Door uses 2.1 (default).
Default anomaly score threshold: 5.
Default mode: Detection.
Custom rule priority: 1 to 100 (must be unique).
Rate limit window: 1 minute.
Bot Manager rule set: identifies good bots (search engines) and bad bots (scrapers).
WAF logs are not enabled by default; you must configure diagnostics.
Common Exam Traps
Trap: WAF can block all traffic except allowed IPs. Reality: WAF is not a network ACL; it inspects Layer 7 content. For IP blocking, use custom rules or NSGs.
Trap: WAF in Detection mode blocks traffic. Reality: Detection mode only logs, never blocks. You must set Prevention mode to block.
Trap: WAF on Application Gateway works with HTTP/HTTPS only. Reality: It also supports WebSocket.
Trap: You can associate one WAF policy with multiple Application Gateways. Reality: A WAF policy can be associated with multiple listeners on the same gateway, but not across gateways. For Front Door, a policy can be associated with multiple frontend hosts.
Trap: Custom rules are evaluated after managed rules. Reality: Custom rules are evaluated first.
Step-by-Step: How WAF Processes a Request
Request Arrives at the Application Gateway or Front Door endpoint.
TLS Termination (if configured): The gateway decrypts the request.
WAF Engine Parses the request into components.
Custom Rules Evaluation: Each custom rule's condition is checked. If a match and action is Block, request is rejected immediately (403). If Log, continue and log. If AnomalyScore, increment score.
Managed Rules Evaluation: Each managed rule is checked similarly. Anomaly scores accumulate.
Bot Protection (if enabled): Checks if request is from a known bot.
Final Score Check: If total anomaly score >= threshold (default 5), request is blocked. Otherwise, allowed.
Forwarding: Allowed request is forwarded to the backend pool.
Response Logging (optional): Response can be inspected if custom rules are defined for response.
Logging: All actions are logged to configured diagnostic destinations.
Request Arrives at Edge
The HTTP/HTTPS request hits the Azure Front Door or Application Gateway endpoint. If TLS is enabled, the gateway terminates the SSL connection, decrypting the request. The WAF engine then receives the plaintext HTTP request. At this point, the gateway has already performed basic routing decisions (e.g., which listener to use). The WAF policy associated with the listener is identified.
Parsing the HTTP Request
The WAF engine parses the request into its constituent parts: method (GET, POST), URI path, query string, headers, cookies, and body. It supports URL encoding, multipart forms, and JSON/XML payloads. The parser normalizes the request (e.g., URL decoding) to apply rules consistently. For very large bodies (over 128 KB), the body may be truncated or inspected in chunks depending on configuration.
Custom Rule Evaluation
Custom rules are evaluated in order of priority (lowest number first). Each rule has a condition (e.g., IP address match, geo-location, request header pattern) and an action. If the condition matches, the action is executed. If the action is 'Block', the request is immediately denied with a 403 response and no further rules are evaluated. If 'Log', the request continues but is logged. If 'AnomalyScore', the anomaly score is incremented (default 3 for critical, 2 for warning).
Managed Rule Set Evaluation
After custom rules, managed rule sets are evaluated. The default set (e.g., Microsoft_DefaultRuleSet 3.2) contains hundreds of rules covering SQL injection, XSS, etc. Each rule has a default action of 'AnomalyScore'. The rules are evaluated by priority within the set. The anomaly score accumulates. If any rule has action 'Block', the request is blocked immediately. Managed rules can be individually disabled or set to 'Log' only.
Bot Protection Check
If the Bot Manager rule set is enabled, the request is classified as from a known good bot (e.g., Googlebot), a known bad bot (e.g., malicious scraper), or unknown. Good bots are allowed; bad bots can be blocked or logged based on configuration. This check occurs after managed rules but before the final score threshold check.
Final Anomaly Score Threshold Check
After all rules are evaluated, the total anomaly score is compared to the threshold (default 5). If the score is >= threshold, the request is blocked (in Prevention mode) or logged (in Detection mode). If blocked, a 403 response is returned. If allowed, the request is forwarded to the backend. The anomaly score resets per request.
Enterprise Scenario 1: E-commerce Platform with Global Traffic
A large e-commerce company uses Azure Front Door with WAF to protect its web application from SQL injection and DDoS attacks. The platform serves users worldwide, so Front Door provides global load balancing and SSL offloading. The WAF policy is set to Prevention mode with the DefaultRuleSet 2.1. They also enable the Bot Manager rule set to allow search engine bots but block known bad bots. Rate limiting is configured to 500 requests per minute per IP to mitigate brute-force login attacks. The security team monitors WAF logs in Log Analytics, setting alerts for anomaly score spikes. A common misconfiguration is forgetting to exclude the login endpoint from rate limiting, which blocks legitimate users. The solution is to create a custom rule with higher priority to allow traffic to /login with a higher rate limit.
Enterprise Scenario 2: Internal HR Application with Regional Users
A company hosts an HR application on Azure Application Gateway in a single region. They enable WAF_v2 in Prevention mode. They use geofiltering custom rules to block traffic from countries where the company has no employees. They also create custom rules to block requests with suspicious user-agent strings. The application uses WebSockets for real-time notifications, and WAF supports that natively. Performance is a concern: each request adds ~2 ms latency, which is acceptable. The team uses Azure Policy to enforce that all Application Gateways have WAF enabled. A common issue is false positives from the managed rules (e.g., blocking a legitimate search feature that uses SQL-like syntax). They resolve this by creating exclusions for specific rules on the search endpoint.
What Goes Wrong When Misconfigured
Detection mode left enabled: Attackers are not blocked, only logged. The security team might not notice logs until a breach occurs.
Anomaly score threshold too low: High false positives block legitimate traffic. For example, a login page with multiple fields might trigger multiple rules, exceeding a threshold of 3.
Custom rules with low priority: If a custom rule to allow traffic is placed after a managed rule that blocks it, the block action takes precedence. Custom rules should be higher priority.
Missing exclusions: A rule that flags 'SELECT' in the body blocks a legitimate search endpoint. Exclusions must be created per rule and attribute.
No diagnostics configured: WAF logs are not sent to Azure Monitor, making it impossible to analyze attacks or false positives.
What AZ-104 Tests on WAF
The AZ-104 exam covers WAF under objective 4.5 (Manage security policies). You must know:
How to create and configure a WAF policy (Azure portal, CLI, PowerShell)
The difference between Detection and Prevention modes
How to associate a WAF policy with Application Gateway or Front Door
Managed rule sets and their versions (3.2 for App Gateway, 2.1 for Front Door)
Custom rules: priorities, conditions, actions
Anomaly scoring and default threshold (5)
Rate limiting (Front Door only)
Bot protection
Logging and diagnostics
Common Wrong Answers and Why
WAF can be used as a network firewall. Many candidates think WAF replaces NSGs. Reality: WAF is Layer 7 only; NSGs are Layer 3-4. Both are needed.
WAF in Detection mode blocks traffic. Candidates confuse Detection with Prevention. Detection only logs.
Custom rules are evaluated after managed rules. The exam tests order: custom first, then managed.
WAF policy can be shared across multiple Application Gateways. A policy is scoped to a gateway (or Front Door). You cannot associate one policy with multiple gateways.
WAF on Application Gateway works only with HTTP. It also supports HTTPS and WebSocket.
Specific Numbers and Terms
Default anomaly threshold: 5
Default mode: Detection
Default rule set version: 3.2 (App Gateway), 2.1 (Front Door)
Custom rule priority range: 1-100
Rate limiting window: 1 minute
Bot Manager rule set: Microsoft_BotManagerRuleSet_1.0
WAF SKU: WAF_v2 (Application Gateway), Premium_AzureFrontDoor (Front Door)
Edge Cases and Exceptions
If you associate a WAF policy with a listener that has no backend pool, the request is still inspected but fails routing.
WAF supports request body inspection up to 128 KB by default; larger bodies are ignored.
Exclusions can be scoped to a specific rule, rule group, or entire rule set.
Anomaly scoring is per-request; it does not persist across requests.
In Front Door, rate limiting is applied per client IP, not per user.
How to Eliminate Wrong Answers
If the question mentions "blocking traffic based on IP address," the answer is likely a custom rule, not a managed rule.
If the question asks about "logging only without blocking," the mode must be Detection.
If the question involves "SQL injection," the rule set is Microsoft_DefaultRuleSet.
If the question mentions "global presence," the service is Front Door, not Application Gateway.
If the question asks about "limiting requests per minute," it's rate limiting on Front Door only.
WAF operates at Layer 7, inspecting HTTP/HTTPS requests and responses.
Two modes: Detection (log only) and Prevention (block when anomaly score >= 5).
Custom rules are evaluated before managed rules.
Default anomaly score threshold is 5; range 0-20.
Managed rule set versions: 3.2 for Application Gateway, 2.1 for Front Door.
WAF policy is associated with a listener on Application Gateway or a frontend host on Front Door.
Rate limiting is available only on Front Door WAF (1-minute sliding window).
Bot protection uses Microsoft_BotManagerRuleSet_1.0 to classify bots.
WAF logs must be enabled via diagnostic settings to Azure Monitor, Storage, or Log Analytics.
Exclusions allow skipping specific rules for certain request attributes.
These come up on the exam all the time. Here's how to tell them apart.
Application Gateway WAF
Regional service, deployed in one Azure region
Supports up to 100 WAF policies per gateway
Default rule set version 3.2
No built-in rate limiting (custom rules can mimic but not sliding window)
Requires Application Gateway v2 SKU
Front Door WAF
Global service, deployed at edge locations worldwide
Supports up to 100 WAF policies per profile
Default rule set version 2.1
Includes native rate limiting with 1-minute sliding window
Requires Premium SKU
Mistake
WAF can block all traffic except allowed IPs.
Correct
WAF is a Layer 7 firewall; it does not filter at the network layer. To block IP ranges, use custom rules with IP match condition or use NSGs.
Mistake
WAF in Detection mode blocks malicious requests.
Correct
Detection mode only logs requests that match rules; it never blocks. Prevention mode blocks.
Mistake
Custom rules are evaluated after managed rules.
Correct
Custom rules are evaluated first (by priority), then managed rules. This allows custom rules to override managed rules.
Mistake
A single WAF policy can be applied to multiple Application Gateways.
Correct
A WAF policy is associated with one Application Gateway (or Front Door). To protect multiple gateways, create separate policies.
Mistake
WAF on Application Gateway does not support HTTPS.
Correct
WAF supports HTTP, HTTPS, and WebSocket. HTTPS requires SSL termination at the gateway.
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
Detection mode logs requests that match rules but never blocks them. Prevention mode blocks requests when the anomaly score reaches the threshold (default 5). The exam often tests this: if a question says 'log but do not block,' the answer is Detection mode.
No. A WAF policy is associated with one Application Gateway (or Front Door). You must create separate policies for each gateway. However, one policy can be associated with multiple listeners on the same gateway.
The primary managed rule set is Microsoft_DefaultRuleSet (version 3.2 for Application Gateway, 2.1 for Front Door). There is also Microsoft_BotManagerRuleSet_1.0 for bot protection. The OWASP 3.x rule sets are also available but less common.
Each rule that matches increments an anomaly score (typically 3 for critical, 2 for warning). After all rules are evaluated, if the total score >= threshold (default 5), the request is blocked in Prevention mode. This reduces false positives from single rule matches.
Yes, via custom rules. You can create a custom rule with condition 'IPAddress' and action 'Allow' to whitelist specific IP ranges. But note: WAF is not a network firewall; IP whitelisting is done at the application layer.
You must configure diagnostic settings on the Application Gateway or Front Door resource. Select 'WAF logs' as the log category and send to Log Analytics, Storage, or Event Hub. Logging is not enabled by default.
The default threshold is 5. You can change it to any value between 0 and 20 via the WAF policy settings. A lower threshold increases false positives; a higher threshold increases false negatives.
You've just covered Web Application Firewall (WAF) Policies — now see how well it sticks with free AZ-104 practice questions. Full explanations included, no account needed.
Done with this chapter?