Rate Limit on Azure WAF Frontdoor Premium not working as expected

Fabián Avilés 5 Reputation points
2024-03-19T14:55:39.86+00:00

We have created an Azure Frontdoor Premim Tier with a Web Application Firewall associated with it and we are having some issues with a specific rule we created to apply rate limiting.

The rule is looking for a specific URL and specifies a limit of 2 http requests per every 1 minutes. The rule has a top priority number of 1

I´ve created a loop to perform HTTP requests and for 100 htpp requests, 86 are being allowed and 14 blocked in an interval of 1 minute.

I also tried with a higher threshold ( 30 requests for every 5 minutes) and still had the same outcome.

Can someone explain me why is this not working as expected and if there´s any way we can apply rate limiting correctly

We are using a Powershell script to test this.

Azure Front Door
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
575 questions
Azure Web Application Firewall
{count} votes

1 answer

Sort by: Most helpful
  1. Michael Lee 85 Reputation points Microsoft Employee
    2024-03-19T23:23:07.7266667+00:00

    Hi Fabian,

    Your symptom is related to how AFD WAF is working on the rate-limiting. You can refer to this link:

    https://learn.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-rate-limit?source=recommendations#rate-limits-and-azure-front-door-servers

    Best regards,