|
| 1 | +--- |
| 2 | +title: Protect Azure OpenAI using Azure Web Application Firewall on Azure Front Door |
| 3 | +description: Learn how to Protect Azure OpenAI using Azure Web Application Firewall on Azure Front Door |
| 4 | +author: sowmyam2019 |
| 5 | +ms.author: victorh |
| 6 | +ms.service: web-application-firewall |
| 7 | +ms.topic: how-to |
| 8 | +ms.date: 08/28/2023 |
| 9 | +--- |
| 10 | + |
| 11 | +# Protect Azure OpenAI using Azure Web Application Firewall on Azure Front Door |
| 12 | + |
| 13 | +There are a growing number of enterprises using Azure OpenAI APIs, and the number and complexity of security attacks against web applications is constantly evolving. A strong security strategy is necessary to protect Azure OpenAI APIs from various web application attacks. |
| 14 | + |
| 15 | +Azure Web Application Firewall (WAF) is an Azure Networking product that protects web applications and APIs from various OWASP top 10 web attacks, Common Vulnerabilities and Exposures (CVEs), and malicious bot attacks. |
| 16 | + |
| 17 | +This article describes how to use Azure Web Application Firewall (WAF) on Azure Front Door to protect Azure OpenAI endpoints. |
| 18 | + |
| 19 | +## Prerequisites |
| 20 | + |
| 21 | +If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin. |
| 22 | + |
| 23 | + |
| 24 | +## Create Azure OpenAI instance using the gpt-35-turbo model |
| 25 | +First, create an OpenAI instance. |
| 26 | + |
| 27 | + |
| 28 | +1. Create an Azure OpenAI instance and deploy a gpt-35-turbo model using [Create and deploy an Azure OpenAI Service resource](../../ai-services/openai/how-to/create-resource.md). |
| 29 | +1. Identify the Azure OpenAI endpoint and the API key. |
| 30 | + |
| 31 | + Open the Azure OpenAI studio and open the **Chat** option under **Playground**. |
| 32 | + Use the **View code** option to display the endpoint and the API key. |
| 33 | + :::image type="content" source="../media/protect-azure-open-ai/view-code.png" alt-text="Screenshot showing Azure AI Studio Chat playground." lightbox="../media/protect-azure-open-ai/view-code.png"::: |
| 34 | + <br> |
| 35 | + |
| 36 | + :::image type="content" source="../media/protect-azure-open-ai/sample-code.png" alt-text="Screenshot showing Azure OpenAI sample code with Endpoint and Key."::: |
| 37 | + |
| 38 | +1. Validate Azure OpenAI call using [Postman](https://www.postman.com/). |
| 39 | + Use the Azure OpenAPI endpoint and api-key values found in the earlier steps. |
| 40 | + Use these lines of code in the POST body: |
| 41 | + |
| 42 | + ```json |
| 43 | + { |
| 44 | + "model":"gpt-35-turbo", |
| 45 | + "messages": [ |
| 46 | + { |
| 47 | + "role": "user", |
| 48 | + "content": "What is Azure OpenAI?" |
| 49 | + } |
| 50 | + ] |
| 51 | + } |
| 52 | + |
| 53 | + ``` |
| 54 | + :::image type="content" source="../media/protect-azure-open-ai/postman-body.png" alt-text="Screenshot showing the post body." lightbox="../media/protect-azure-open-ai/postman-body.png"::: |
| 55 | +1. In response to the POST, you should receive a *200 OK*: |
| 56 | + :::image type="content" source="../media/protect-azure-open-ai/post-200-ok.png" alt-text="Screenshot showing the POST 200 OK." lightbox="../media/protect-azure-open-ai/post-200-ok.png"::: |
| 57 | + |
| 58 | + The Azure OpenAI also generates a response using the GPT model. |
| 59 | + |
| 60 | +## Create an Azure Front Door instance with Azure WAF |
| 61 | + |
| 62 | +Now use the Azure portal to create an Azure Front Door instance with Azure WAF. |
| 63 | + |
| 64 | +1. Create an Azure Front Door premium optimized tier with an associated WAF security policy in the same resource group. Use the **Custom create** option. |
| 65 | + |
| 66 | + 1. [Quickstart: Create an Azure Front Door profile - Azure portal](../../frontdoor/create-front-door-portal.md#create-a-front-door-for-your-application) |
| 67 | +1. Add endpoints and routes. |
| 68 | +1. Add the origin hostname: The origin hostname is `testazureopenai.openai.azure.com`. |
| 69 | +1. Add the WAF policy. |
| 70 | + |
| 71 | + |
| 72 | +## Configure a WAF policy to protect against web application and API vulnerabilities |
| 73 | + |
| 74 | +Enable the WAF policy in prevention mode and ensure **Microsoft_DefaultRuleSet_2.1** and **Microsoft_BotManagerRuleSet_1.0** are enabled. |
| 75 | + |
| 76 | +:::image type="content" source="../media/protect-azure-open-ai/web-application-firewall-policy.png" alt-text="Screenshot showing a WAF policy." lightbox="../media/protect-azure-open-ai/web-application-firewall-policy.png"::: |
| 77 | + |
| 78 | +## Verify access to Azure OpenAI via Azure Front Door endpoint |
| 79 | + |
| 80 | +Now verify your Azure Front Door endpoint. |
| 81 | + |
| 82 | +1. Retrieve the Azure Front Door endpoint from the Front Door Manager. |
| 83 | + |
| 84 | + :::image type="content" source="../media/protect-azure-open-ai/front-door-endpoint.png" alt-text="Screenshot showing the Azure Front Door endpoint." lightbox="../media/protect-azure-open-ai/front-door-endpoint.png"::: |
| 85 | +2. Use Postman to send a POST request to the Azure Front Door endpoint. |
| 86 | + 1. Replace the Azure OpenAI endpoint with the AFD endpoint in Postman POST request. |
| 87 | + :::image type="content" source="../media/protect-azure-open-ai/test-final.png" alt-text="Screenshot showing the final POST." lightbox="../media/protect-azure-open-ai/test-final.png"::: |
| 88 | + |
| 89 | + Azure OpenAI also generates a response using the GPT model. |
| 90 | + |
| 91 | +## Validate WAF blocks an OWASP attack |
| 92 | + |
| 93 | +Send a POST request simulating an OWASP attack on the Azure OpenAI endpoint. WAF blocks the call with a *403 Forbidden response* code. |
| 94 | + |
| 95 | +## Configure IP restriction rules using WAF |
| 96 | + |
| 97 | +To restrict access to the Azure OpenAI endpoint to the required IP addresses, see [Configure an IP restriction rule with a WAF for Azure Front Door](waf-front-door-configure-ip-restriction.md). |
| 98 | + |
| 99 | +## Common issues |
| 100 | + |
| 101 | +The following items are common issues you may encounter when using Azure OpenAI with Azure Front Door and Azure WAF. |
| 102 | + |
| 103 | +- You get a *401: Access Denied* message when you send a POST request to your Azure OpenAI endpoint. |
| 104 | + |
| 105 | + If you attempt to send a POST request to your Azure OpenAI endpoint immediately after you create it, you may receive a *401: Access Denied* message even if you have the correct API key in your request. This issue will usually resolve itself after some time without any direct intervention. |
| 106 | + |
| 107 | +- You get a *415: Unsupported Media Type* message when you send a POST request to your Azure OpenAI endpoint. |
| 108 | + |
| 109 | + If you attempt to send a POST request to your Azure OpenAI endpoint with the Content-Type header `text/plain`, you get this message. Make sure to update your Content-Type header to `application/json` in the header section in Postman. |
0 commit comments