WAF Policy

Lily 41 Reputation points
2020-09-22T18:55:42.193+00:00

Just starting to learn about WAF policies. If I add a listener to the WAF policy, do I need to remove that same listener from list in the WAF itself? Or does the WAF policy override any basic config within the WAF?

Thanks!

Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
957 questions
Azure Web Application Firewall

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. TravisCragg-MSFT 5,676 Reputation points Microsoft Employee
    2020-09-22T22:47:38.793+00:00

    From the WAF Policy on App Gateway Doc:

    You can make as many policies as you want. Once you create a policy, it must be associated to an Application Gateway to go into effect, but it can be associated with any combination of Application Gateways and listeners.

    If your Application Gateway has a policy applied, and then you apply a different policy to a listener on that Application Gateway, the listener's policy will take effect, but just for the listener(s) that they're assigned to. The Application Gateway policy still applies to all other listeners that don't have a specific policy assigned to them.

    If you associated the WAF Policy to the App Gateway, then all listeners will get that WAF policy by default. If you only want 1 listener to have that policy, then only associate it to the listener (Used for a multi-site configuration).

    1 person found this answer helpful.
    0 comments