Azure Front Door WAF and Rule Engine

Question

Hi Q&A

Where am I to find documentation for the Front Door WAF Policy and custom rules configured to “watch” rules setup in the AFD Rule Engine?

I want to ensure that all rules created in the AFD Engine is going thorugh the AFD WAF.

Answer 1

Hello @KianE1980 ,

WAF with FrontDoor log is integrated with Azure Monitor. Azure Monitor allows you to track diagnostic information including WAF alerts and logs. You can configure WAF monitoring within the Front Door resource in the portal under the Diagnostics tab or through the Azure Monitor service directly. It provides 2 types of logs : FrontdoorAccessLog & FrontdoorWebApplicationFirewallLog.

• FrontdoorAccessLog logs all requests.
• FrontdoorWebApplicationFirewallLog logs any request that matches a WAF rule.

Please refer following article for information on how to enable these diagnostic logs: https://learn.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-monitor

Below are few useful documentation regarding Front Door WAF Policy and custom rules:
Policy settings for WAF on Azure Front Door : https://learn.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-policy-settings
Custom rules for WAF with Azure Front Door : https://learn.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-custom-rules
Configure a Web Application Firewall policy : https://learn.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-custom-rules-powershell

Kindly let us know if the above helps or you need further assistance on this issue.

----------------------------------------------------------------------------------------------------------------

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.