Application Gateway WAF / Front Door WAF
Definition
An Application Gateway Web Application Firewall (WAF) or Front Door WAF is a security service that provides centralized protection for web applications from common threats such as SQL injection, cross-site scripting (XSS), and other OWASP Top Ten vulnerabilities. These WAFs are typically deployed at the edge of a network, inspecting incoming HTTP/HTTPS requests and applying rules to filter out malicious traffic before it reaches the application servers. They can be configured to automatically update their rule sets to respond to new threats and can be integrated with other security services for comprehensive protection.
Secure Settings Example
{
  "firewallPolicy": {
    "policySettings": {
      "enabled": true,
      "mode": "Prevention",
      "requestBodyInspection": true
    },
    "managedRules": {
      "managedRuleSets": [
        {
          "ruleSetType": "OWASP",
          "ruleSetVersion": "3.2",
          "ruleGroupOverrides": [
            {
              "ruleGroupName": "SQL_Injection",
              "rules": [
                {
                  "ruleId": "942100",
                  "enabled": true,
                  "action": "Block"
                }
              ]
            }
          ]
        }
      ]
    }
  }
}
Insecure Settings Example
{
  "firewallPolicy": {
    "policySettings": {
      "enabled": false,
      "mode": "Detection",
      "requestBodyInspection": false
    },
    "managedRules": {
      "managedRuleSets": [
        {
          "ruleSetType": "OWASP",
          "ruleSetVersion": "3.2",
          "ruleGroupOverrides": [
            {
              "ruleGroupName": "SQL_Injection",
              "rules": [
                {
                  "ruleId": "942100",
                  "enabled": false,
                  "action": "Log"
                }
              ]
            }
          ]
        }
      ]
    }
  }
}
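The two policies above differ in five fields. As an added example (not part of the original page and not vendor tooling), the Python check below flags those deviations in a policy document before it is deployed. It assumes the JSON shape shown on this page; audit_waf_policy and INSECURE_POLICY are hypothetical names.

```python
import json

# Constructed sample: the insecure policy from this page, compacted.
INSECURE_POLICY = json.loads("""
{"firewallPolicy": {
  "policySettings": {"enabled": false, "mode": "Detection", "requestBodyInspection": false},
  "managedRules": {"managedRuleSets": [
    {"ruleSetType": "OWASP", "ruleSetVersion": "3.2", "ruleGroupOverrides": [
      {"ruleGroupName": "SQL_Injection",
       "rules": [{"ruleId": "942100", "enabled": false, "action": "Log"}]}]}]}}}
""")


def audit_waf_policy(doc):
    """Return findings for a policy document in the shape used on this page."""
    findings = []
    policy = doc.get("firewallPolicy", {})
    settings = policy.get("policySettings", {})
    # Design choice of this example: a missing key counts as insecure (fail closed).
    if settings.get("enabled") is not True:
        findings.append("policySettings.enabled is not true: WAF is off")
    if settings.get("mode") != "Prevention":
        findings.append("policySettings.mode is not Prevention: matches are logged, not blocked")
    if settings.get("requestBodyInspection") is not True:
        findings.append("policySettings.requestBodyInspection is not true: bodies are not inspected")
    rule_sets = policy.get("managedRules", {}).get("managedRuleSets", [])
    if not rule_sets:
        findings.append("managedRules.managedRuleSets is empty: no managed rules apply")
    for rule_set in rule_sets:
        for group in rule_set.get("ruleGroupOverrides", []):
            for rule in group.get("rules", []):
                where = f"{group.get('ruleGroupName')}/{rule.get('ruleId')}"
                if rule.get("enabled") is not True:
                    # A disabled rule never fires, so its action is not reported separately.
                    findings.append(f"override {where} disables the rule")
                elif rule.get("action") != "Block":
                    findings.append(f"override {where} action is {rule.get('action')}, not Block")
    return findings


if __name__ == "__main__":
    for finding in audit_waf_policy(INSECURE_POLICY):
        print("FAIL:", finding)
```

An empty findings list means the document matches the secure example on every checked field; run it in a deployment pipeline and fail the build on any finding.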