Merge pull request #277623 from Miskatonic-Electronic/patch-31

prmerger-automator[bot] · web-flow · commit e1b9afad4805 · 2024-06-11T19:21:48.000Z
Update create-waf-policy-ag.md
diff --git a/articles/web-application-firewall/ag/create-waf-policy-ag.md b/articles/web-application-firewall/ag/create-waf-policy-ag.md
@@ -22,6 +22,8 @@ If your Application Gateway has an associated policy, and then you associate a d
 
 All new Web Application Firewall's WAF settings (custom rules, managed ruleset configurations, exclusions, etc.) live inside of a WAF Policy. If you have an existing WAF, these settings may still exist in your WAF config. For steps on how to move to the new WAF Policy, see [Upgrade your WAF Config to a WAF Policy](#upgrade) later in this article. 
 
+WAF policies need to be in the enabled state to inspect request traffic, log events and take action on requests. WAF policies in detection mode will log events when WAF rules are triggered but won't take any other action. Policies in prevention mode will take action on requests as well as log the event in the logs.
+
 ## Create a policy
 
 First, create a basic WAF policy with a managed Default Rule Set (DRS) using the Azure portal.
