MicrosoftDocs
diff --git a/‎articles/frontdoor/billing.md
Lines changed: 15 additions & 15 deletions b/‎articles/frontdoor/billing.md
Lines changed: 15 additions & 15 deletions
diff --git a/‎articles/frontdoor/create-front-door-bicep.md
Lines changed: 4 additions & 4 deletions b/‎articles/frontdoor/create-front-door-bicep.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎articles/frontdoor/front-door-routing-limits.md
Lines changed: 2 additions & 2 deletions b/‎articles/frontdoor/front-door-routing-limits.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/frontdoor/front-door-waf.md
Lines changed: 11 additions & 11 deletions b/‎articles/frontdoor/front-door-waf.md
Lines changed: 11 additions & 11 deletions
@@ -6,7 +6,7 @@ author: johndowns
 ms.service: frontdoor
 ms.topic: conceptual
 ms.workload: infrastructure-services
-ms.date: 09/06/2022
+ms.date: 12/28/2023
 ms.author: jodowns
 ---
 
@@ -28,7 +28,7 @@ For Azure Front Door pricing information, see [Azure Front Door pricing](https:/
 
 ## Base fees
 
-Each Front Door profile incurs an hourly fee. You're billed for each hour, or partial hour, that your profile is deployed. The rate you're charged depends on the Front Door SKU that you deploy.
+Each Front Door profile incurs an hourly fee. You're billed for each hour, or partial hour, that your profile is deployed. The rate you're charged depends on the Front Door tier that you deploy.
 
 A single Front Door profile can contain multiple [endpoints](endpoint.md). You're not billed extra for each endpoint.
 
@@ -44,7 +44,7 @@ Each part of the request process is billed separately:
 
 1. Number of requests from client to Front Door
 1. Data transfer from Front Door edge to origin
-1. Data transfer from origin to Front Door (non-billable)
+1. Data transfer from origin to Front Door (nonbillable)
 1. Data transfer from Front Door to client
 
 The following sections describe each of these request components in more detail.
@@ -65,7 +65,7 @@ If the request can be served from the Front Door edge location's cache, Front Do
 
 ### Data transfer from origin to Front Door
 
-When your origin server processes a request, it sends data back to Front Door so that it can be returned to the client. This traffic is not billed by Front Door, even if the origin is in a different region to the Front Door edge location for the request.
+When your origin server processes a request, it sends data back to Front Door so that it can be returned to the client. This traffic doesn't get billed by Front Door, even if the origin is in a different region to the Front Door edge location for the request.
 
 If your origin is within Azure, the data egress from the Azure origin to Front Door isn't charged. However, you should determine whether those Azure services might bill you to process your requests.
 
@@ -79,11 +79,11 @@ If a response is compressed, Front Door only charges for the compressed data.
 
 ## Private Link origins
 
-When you use the Premium SKU, Front Door can [connect to your origin by using Private Link](private-link.md).
+When you use the Premium tier, Front Door can [connect to your origin by using Private Link](private-link.md).
 
 Front Door Premium has a higher base fee and request processing fee. You don't pay extra for Private Link traffic compared to traffic that uses an origin's public endpoint.
 
-When you configure a Private Link origin, you select a region for the private endpoint to use. A [subset of Azure regions support Private Link traffic for Front Door](private-link.md#region-availability). If the region you select is different to the region the origin is deployed to, you won't be charged extra for cross-region traffic. However, the request latency will likely be greater.
+When you configure a Private Link origin, you select a region for the private endpoint to use. A [subset of Azure regions support Private Link traffic for Front Door](private-link.md#region-availability). If the region you select is different to the region the origin is deployed to, there isn't an extra charge for cross-region traffic. However, the request latency likely is greater.
 
 ## Cross-region traffic
 
@@ -95,9 +95,9 @@ Front Door charges for traffic from the edge location to the origin. Traffic is
 
 ### Example 1: Azure origin without caching
 
-Contoso hosts their website on Azure App Service, which runs in the West US region. Contoso has deployed Front Door with the standard SKU. They have disabled caching.
+Contoso hosts their website on Azure App Service, which runs in the West US region. Contoso deployed Front Door with the standard tier. They disabled caching.
 
-Suppose a request from a client in California is sent to the Contoso website, sending a 1 KB request and receiving a 100 KB response:
+Suppose a request from a client in California is sent to the Contoso website, sending a 1-KB request and receiving a 100-KB response:
 
 :::image type="content" source="./media/billing/scenario-1.png" alt-text="Diagram of traffic flowing from the client to Azure Front Door and to the origin, without caching or compression." border="false":::
 
@@ -136,9 +136,9 @@ Suppose a second request arrives at the same Front Door edge location and a vali
 The following billing meters are incremented:
 
 | Meter | Incremented by | Billing region |
-|-|-|-|
+|--|--|--|
 | Number of requests from client to Front Door | 1 | North America |
-| Data transfer from Front Door edge to origin | *none when request is served from cache* | |
+| Data transfer from Front Door edge to origin | *none when request is served from cache* |  |
 | Data transfer from Front Door to client | 30 KB | North America |
 
 ### Example 4: Cross-region traffic
@@ -157,9 +157,9 @@ The following billing meters are incremented:
 
 ### Example 5: Non-Azure origin
 
-Fabrikam runs an eCommerce site on another cloud provider. Their site is hosted in Europe. They Azure Front Door to serve the traffic. They haven't enabled caching or compression.
+Fabrikam runs an eCommerce site on another cloud provider. Their site is hosted in Europe. They configured Azure Front Door to serve the traffic without caching or compression.
 
-Suppose a request from a client is sent to the Fabrikam website from a client in New York. The client sends a 2 KB request and receives a 350 KB response:
+Suppose a request from a client is sent to the Fabrikam website from a client in New York. The client sends a 2-KB request and receives a 350-KB response:
 
 :::image type="content" source="./media/billing/scenario-5.png" alt-text="Diagram of traffic flowing from the client to Azure Front Door and to an origin outside of Azure." border="false":::
 
@@ -175,11 +175,11 @@ The external cloud provider might charge other fees.
 
 ### Example 6: Request blocked by web application firewall
 
-When a request is blocked by the web application firewall (WAF), it isn't sent to the origin. However, Front Door charges the request, and also charges to send a response.
+When a request gets blocked by the web application firewall (WAF), it isn't sent to the origin. However, Front Door charges the request, and also charges to send a response.
 
-Suppose a Front Door profile includes a custom WAF rule to block requests from a specific IP address in South America. The WAF is configured with a custom error response page, which is 1 KB in size. If a client from the blocked IP address sends a 1 KB request:
+Suppose a Front Door profile includes a custom WAF rule to block requests from a specific IP address in South America. The WAF is configured with a custom error response page, which is 1 KB in size. If a client from the blocked IP address sends a 1-KB request:
 
-:::image type="content" source="./media/billing/scenario-6.png" alt-text="Diagram of traffic flowing from the client to Azure Front Door, where the request is blocked by the WAF." border="false":::
+:::image type="content" source="./media/billing/scenario-6.png" alt-text="Diagram of traffic flowing from the client to Azure Front Door, where the request gets blocked by the WAF." border="false":::
 
 The following billing meters are incremented:
 
 
@@ -4,7 +4,7 @@ description: This quickstart describes how to create an Azure Front Door Standar
 services: front-door
 author: duongau
 ms.author: duau
-ms.date: 12/04/2023
+ms.date: 12/29/2023
 ms.topic: quickstart
 ms.service: frontdoor
 ms.workload: infrastructure-services
@@ -29,7 +29,7 @@ This quickstart describes how to use Bicep to create an Azure Front Door Standar
 
 The Bicep file used in this quickstart is from [Azure Quickstart Templates](https://azure.microsoft.com/resources/templates/front-door-standard-premium-app-service-public/).
 
-In this quickstart, you'll create a Front Door Standard/Premium, an App Service, and configure the App Service to validate that traffic has come through the Front Door origin.
+In this quickstart, you create a Front Door Standard/Premium, an App Service, and configure the App Service to validate that traffic comes through the Front Door origin.
 
 :::code language="bicep" source="~/quickstart-templates/quickstarts/microsoft.cdn/front-door-standard-premium-app-service-public/main.bicep":::
 
@@ -90,13 +90,13 @@ You can also use the Azure portal to validate the deployment.
 
 1. Select the resource group that you created in the previous section.
 
-1. Select the Front Door you created and you'll be able to see the endpoint hostname. Copy the hostname and paste it on to the address bar of a browser. Press enter and your request will automatically get routed to the web app.
+1. Select the Front Door you created and you're able to see the endpoint hostname. Copy the hostname and paste it on to the address bar of a browser. Press enter and your requests automatically get routed to the web app.
 
     :::image type="content" source="./media/create-front-door-bicep/front-door-bicep-web-app-origin-success.png" alt-text="Screenshot of the message: Your web app is running and waiting for your content.":::
 
 ## Clean up resources
 
-When no longer needed, use the Azure portal, Azure CLI, or Azure PowerShell to delete the Front Door service and the resource group. This removes the Front Door and all the related resources.
+When no longer needed, use the Azure portal, Azure CLI, or Azure PowerShell to delete the Front Door service and the resource group. The Front Door and all the related resources are removed.
 
 # [CLI](#tab/CLI)
 
 
@@ -7,7 +7,7 @@ author: duongau
 ms.service: frontdoor
 ms.topic: conceptual
 ms.workload: infrastructure-services
-ms.date: 12/20/2023
+ms.date: 12/28/2023
 ms.author: jodowns
 ---
 
@@ -64,7 +64,7 @@ Profile composite route metric = Route 1 composite route metric + Route 1 compos
 ```
 
 The calculated metric of 5400 exceeds the limit of 5000, so you can't configure a Front Door profile in this way.
-.
+
 ## Mitigation
 
 If your profile's composite route metric exceed 5000, consider the following mitigation strategies:
 
@@ -1,23 +1,23 @@
 ---
 title: 'Tutorial: Scale and protect a web app by using Azure Front Door and Azure Web Application Firewall (WAF)' 
-description: This tutorial will show you how to use Azure Web Application Firewall with the Azure Front Door service.
+description: This tutorial shows you how to use Azure Web Application Firewall with the Azure Front Door service.
 services: frontdoor
 author: duongau
 ms.service: frontdoor
 ms.topic: tutorial
 ms.workload: infrastructure-services
 ms.custom: devx-track-azurecli
-ms.date: 10/01/2020
+ms.date: 12/28/2023
 ms.author: duau
 ---
 
 # Tutorial: Quickly scale and protect a web application by using Azure Front Door and Azure Web Application Firewall (WAF)
 
-Many web applications have experienced a rapid increase of traffic in recent weeks because of COVID-19. These web applications are also experiencing a surge in malicious traffic, including denial-of-service attacks. There's an effective way to both scale out your application for traffic surges and protect yourself from attacks: configure Azure Front Door with Azure WAF as an acceleration, caching, and security layer in front of your web app. This article provides guidance on how to get Azure Front Door with Azure WAF configured for any web app that runs inside or outside of Azure. 
+Many web applications experience a rapid increase of traffic over time. These web applications are also experiencing a surge in malicious traffic, including denial-of-service attacks. There's an effective way to both scale out your application for traffic surges and protect yourself from attacks: configure Azure Front Door with Azure WAF as an acceleration, caching, and security layer in front of your web app. This article provides guidance on how to get Azure Front Door with Azure WAF configured for any web app that runs inside or outside of Azure. 
 
-We'll be using the Azure CLI to configure the WAF in this tutorial. You can accomplish the same thing by using the Azure portal, Azure PowerShell, Azure Resource Manager, or the Azure REST APIs. 
+We're using the Azure CLI to configure the WAF in this tutorial. You can accomplish the same thing by using the Azure portal, Azure PowerShell, Azure Resource Manager, or the Azure REST APIs. 
 
-In this tutorial, you'll learn how to:
+In this tutorial, you learn how to:
 > [!div class="checklist"]
 > - Create a Front Door.
 > - Create an Azure WAF policy.
@@ -57,7 +57,7 @@ az network front-door create --backend-address <>  --accepted-protocols <> --nam
 
 `--resource-group`: The resource group you want to place this Azure Front Door resource in. To learn more about resource groups, see [Manage resource groups in Azure](../azure-resource-manager/management/manage-resource-groups-portal.md).
 
-In the response you get when you run this command, look for the key `hostName`. You'll need this value in a later step. The `hostName` is the DNS name of the Azure Front Door resource you created.
+In the response you get when you run this command, look for the key `hostName`. You need this value in a later step. The `hostName` is the DNS name of the Azure Front Door resource you created.
 
 ## Create an Azure WAF profile to use with Azure Front Door resources
 
@@ -69,12 +69,12 @@ az network front-door waf-policy create --name <>  --resource-group <>  --disabl
 
 `--resource-group`: The resource group you want to place this WAF resource in. 
 
-The preceding CLI code will create a WAF policy that's enabled and that's in prevention mode. 
+The preceding CLI code creates a WAF policy in prevention mode. 
 
 > [!NOTE] 
 > You might want to create the WAF policy in detection mode and observe how it detects and logs malicious requests (without blocking them) before you decide to use protection mode.
 
-In the response you get when you run this command, look for the key `ID`. You'll need this value in a later step. 
+In the response you get when you run this command, look for the key `ID`. You need this value in a later step. 
 
 The `ID` field should be in this format:
 
@@ -104,7 +104,7 @@ Add the bot protection rule set:
 
 ## Associate the WAF policy with the Azure Front Door resource
 
-In this step, we'll associate the WAF policy we created with the Azure Front Door resource that's in front of your web application:
+In this step, we associate the WAF policy we created with the Azure Front Door resource that's in front of your web application:
 
 ```azurecli-interactive 
 az network front-door update --name <> --resource-group <> --set frontendEndpoints[0].webApplicationFirewallPolicyLink='{"id":"<>"}'
@@ -123,7 +123,7 @@ az network front-door update --name <> --resource-group <> --set frontendEndpoin
 
 The custom domain name of your web application is the one that customers use to refer to your application. For example, www.contoso.com. Initially, this custom domain name was pointing to the location where it was running before you introduced Azure Front Door. After you add Azure Front Door and WAF to front the application, the DNS entry that corresponds to that custom domain should point to the Azure Front Door resource. You can make this change by remapping the entry in your DNS server to the Azure Front Door `hostName` you noted when you created the Azure Front Door resource.
 
-Specific steps to update your DNS records will depend on your DNS service provider. If you use Azure DNS to host your DNS name, you can refer to the documentation for [steps to update a DNS record](../dns/dns-operations-recordsets-cli.md) and point to the Azure Front Door `hostName`. 
+Specific steps to update your DNS records depend on your DNS service provider. If you use Azure DNS to host your DNS name, you can refer to the documentation for [steps to update a DNS record](../dns/dns-operations-recordsets-cli.md) and point to the Azure Front Door `hostName`. 
 
 There's one important thing to note if you need your customers to get to your website using the zone apex (for example, contoso.com). In this case, you have to use Azure DNS and its [alias record type](../dns/dns-alias.md) to host your DNS name. 
 
@@ -133,7 +133,7 @@ Finally, if you're using a custom domain to reach your web application and want
 
 ## Lock down your web application
 
-We recommend you ensure only Azure Front Door edges can communicate with your web application. Doing so will ensure no one can bypass the Azure Front Door protection and access your application directly. To accomplish this lockdown, see [How do I lock down the access to my backend to only Azure Front Door?](./front-door-faq.yml#what-are-the-steps-to-restrict-the-access-to-my-backend-to-only-azure-front-door-).
+We recommend you ensure only Azure Front Door edges can communicate with your web application. Doing so ensures no one can bypass the Azure Front Door protection and access your application directly. To accomplish this lockdown, see [How do I lock down the access to my backend to only Azure Front Door?](./front-door-faq.yml#what-are-the-steps-to-restrict-the-access-to-my-backend-to-only-azure-front-door-).
 
 ## Clean up resources