You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
# Web Application Firewall DRS rule groups and rules
@@ -14,7 +14,7 @@ Azure Front Door web application firewall (WAF) protects web applications from c
14
14
15
15
## Default rule sets
16
16
17
-
Azure-managed Default Rule Set includes rules against the following threat categories:
17
+
The Azure-managed Default Rule Set (DRS) includes rules against the following threat categories:
18
18
19
19
- Cross-site scripting
20
20
- Java attacks
@@ -26,18 +26,19 @@ Azure-managed Default Rule Set includes rules against the following threat categ
26
26
- SQL injection protection
27
27
- Protocol attackers
28
28
29
-
The version number of the Default Rule Set increments when new attack signatures are added to the rule set.
30
-
Default Rule Set is enabled by default in Detection mode in your WAF policies. You can disable or enable individual rules within the Default Rule Set to meet your application requirements. You can also set specific actions (ALLOW/BLOCK/REDIRECT/LOG) per rule.
29
+
The version number of the DRS increments when new attack signatures are added to the rule set.
31
30
32
-
Sometimes you may need to omit certain request attributes from a WAF evaluation. A common example is Active Directory-inserted tokens that are used for authentication. You may configure an exclusion list for a managed rule, rule group, or for the entire rule set.
31
+
DRS is enabled by default in Detection mode in your WAF policies. You can disable or enable individual rules within the Default Rule Set to meet your application requirements. You can also set specific actions per rule. Available actions are *allow*, *block*, *redirect*, and *log*).
33
32
34
-
The Default action is to block. Additionally, custom rules can be configured in the same WAF policy if you wish to bypass any of the pre-configured rules in the Default Rule Set.
33
+
Sometimes you might need to omit certain request attributes from a WAF evaluation. A common example is Active Directory-inserted tokens that are used for authentication. You may configure an exclusion list for a managed rule, rule group, or for the entire rule set. For more information, see [Web Application Firewall (WAF) with Front Door exclusion lists](./waf-front-door-exclusion.md).
34
+
35
+
By default, DRS blocks requests that trigger the rules. Additionally, custom rules can be configured in the same WAF policy if you wish to bypass any of the pre-configured rules in the Default Rule Set.
35
36
36
37
Custom rules are always applied before rules in the Default Rule Set are evaluated. If a request matches a custom rule, the corresponding rule action is applied. The request is either blocked or passed through to the back-end. No other custom rules or the rules in the Default Rule Set are processed. You can also remove the Default Rule Set from your WAF policies.
37
38
38
39
### Microsoft Threat Intelligence Collection rules
39
40
40
-
The Microsoft Threat Intelligence Collection rules are written in partnership with the Microsoft Intelligence team to provide increased coverage, patches for specific vulnerabilities, and better false positive reduction.
41
+
The Microsoft Threat Intelligence Collection rules are written in partnership with the Microsoft Threat Intelligence team to provide increased coverage, patches for specific vulnerabilities, and better false positive reduction.
@@ -60,7 +61,7 @@ The version of the DRS that you use also determines which content types are supp
60
61
61
62
### DRS 2.0
62
63
63
-
DRS 2.0 includes 17 rule groups, as shown in the following table. Each group contains multiple rules, which can be disabled.
64
+
DRS 2.0 includes 17 rule groups, as shown in the following table. Each group contains multiple rules, and you can disable individual rules as well as entire rule groups.
64
65
65
66
> [!NOTE]
66
67
> DRS 2.0 is only available on Azure Front Door Premium.
Copy file name to clipboardExpand all lines: articles/web-application-firewall/afds/waf-front-door-exclusion.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -9,7 +9,7 @@ ms.author: victorh
9
9
ms.topic: conceptual
10
10
---
11
11
12
-
# Web Application Firewall (WAF) with Front Door Service exclusion lists
12
+
# Web Application Firewall (WAF) with Front Door exclusion lists
13
13
14
14
Sometimes Web Application Firewall (WAF) might block a request that you want to allow for your application. WAF exclusion lists allow you to omit certain request attributes from a WAF evaluation. The rest of the request is evaluated as normal.
0 commit comments