Azure – You can now manage how Azure Web Application Firewall with Front Door handles bot

As you may already know Azure Front Door is a global secure load balanced entry point to your published Azure resources, it works closely with Azure Web Application Firewall.

As you also know, any resource published to/accessible from the Internet is a target of bot, some good (like search engine bots), some bad.

Protecting your resources from bad bots is not so easy as it sounds.

Well, good news, a new bot protection ruleset is now available in preview for Azure Web Application Firewall with or without Azure Front Door.

This rule set allows you to define how bots are handled (accept, block, redirect…) based on their type (good, bad, unknown).

Bot type is detected with their well known information (known malicious IP, user agent…) but also using the Microsoft Threat Intelligence.

If you want to start using this integrated protection level, just logon to your Azure portal (https://portal.azure.com/) and create or edit your Web Application Firewall policy and access the Managed rules blade to select the Microsoft_BotManageRuleSet_0.1 managed rule set for Regional WAF only or Bootprotection_preview-0.1 and Microsoft_BotManageRuleSet_1.0 for Front Door Service (the 0.1 seems to be a version number so expect this can changed/be different by the time you select it)

image_thumb  image_thumb[2]

Once you have selected the managed rule, a new configuration set appears from which you can then enable/disable the associated rule

image_thumb[1]  image_thumb[3]

Enjoy with this new security policy set.

Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies