{"id":90867,"date":"2023-09-08T01:29:41","date_gmt":"2023-09-08T06:59:41","guid":{"rendered":"https:\/\/www.whizlabs.com\/blog\/?p=90867"},"modified":"2023-11-22T23:53:13","modified_gmt":"2023-11-23T05:23:13","slug":"azure-web-application-firewall","status":"publish","type":"post","link":"https:\/\/www.whizlabs.com\/blog\/azure-web-application-firewall\/","title":{"rendered":"What Is Azure Web Application Firewall (WAF)?"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">An <\/span><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/web-application-firewall\/ag\/ag-overview\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">Azure web application firewall (WAF)<\/span><\/a><span style=\"font-weight: 400;\"> is a specialized firewall designed to ensure web application protection and API security. It accomplishes this by <\/span><b>examining, tracking, and preventing malicious web traffic and attacks<\/b><span style=\"font-weight: 400;\"> that target the application layer.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">These attacks include threats like Distributed Denial of Service (DDoS), SQL injection, cookie tampering, cross-site scripting (XSS), cross-site forgery, and file inclusion.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As a cybersecurity analyst: with <\/span><a href=\"https:\/\/www.whizlabs.com\/microsoft-azure-certification-sc-100\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">SC-100 Certification<\/span><\/a><span style=\"font-weight: 400;\">, you can defend against those attacks and ensure the safety of the web apps without any concern.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Now, let\u2019s dig in to know more!<\/span><\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_76 ez-toc-wrap-left counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ea7e02;color:#ea7e02\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ea7e02;color:#ea7e02\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-web-application-firewall\/#Overview_of_Azure_Web_Application_Firewall_WAF\" >Overview of Azure Web Application Firewall (WAF)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-web-application-firewall\/#Features_of_Azure_WAF\" >Features of Azure WAF<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-web-application-firewall\/#Azure_Web_Application_Firewall_Pricing\" >Azure Web Application Firewall Pricing<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-web-application-firewall\/#How_does_Azure_Web_Application_Firewall_Work\" >How does Azure Web Application Firewall Work?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-web-application-firewall\/#Benefits_of_having_Azure_Web_Application_Firewall_WAF_on_Application_Gateway\" >Benefits of having Azure Web Application Firewall WAF on Application Gateway<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-web-application-firewall\/#Azure_Web_Application_Firewall_WAF_Use_Cases\" >Azure Web Application Firewall WAF Use Cases<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-web-application-firewall\/#FAQs\" >FAQs<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-web-application-firewall\/#Conclusion\" >Conclusion<\/a><\/li><\/ul><\/nav><\/div>\n<h3><span class=\"ez-toc-section\" id=\"Overview_of_Azure_Web_Application_Firewall_WAF\"><\/span><strong>Overview of Azure Web Application Firewall (WAF)<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">WAFs operate at Layer 7, focusing on the traffic that flows between web applications and the internet. Their key role is to identify and thwart harmful requests before they are accepted by web applications and servers. This capability provides businesses and their users with crucial security measures to protect against various online threats.<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Features_of_Azure_WAF\"><\/span><strong>Features of Azure WAF<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><b>Azure Web Application Firewall has<\/b><span style=\"font-weight: 400;\"> the following key features as follows:<\/span><\/p>\n<p><img decoding=\"async\" class=\"alignnone size-full wp-image-90885\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/Features-of-Azure-WAF-scaled.webp\" alt=\"Features-of-Azure-WAF\" width=\"2560\" height=\"1707\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/Features-of-Azure-WAF-scaled.webp 2560w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/Features-of-Azure-WAF-300x200.webp 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/Features-of-Azure-WAF-1024x683.webp 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/Features-of-Azure-WAF-768x512.webp 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/Features-of-Azure-WAF-1536x1024.webp 1536w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/Features-of-Azure-WAF-2048x1366.webp 2048w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/Features-of-Azure-WAF-150x100.webp 150w\" sizes=\"(max-width: 2560px) 100vw, 2560px\" \/><\/p>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Managed Rules:<\/b><span style=\"font-weight: 400;\"> Microsoft maintains a set of managed WAF rules designed to identify and block common threats. These rules are automatically updated when changes are made, ensuring up-to-date protection.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Custom Rules: <\/b><span style=\"font-weight: 400;\">You have the flexibility to supplement the managed rules with custom ones, allowing you to extend coverage to address specific threats that may be unique to your web application.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Azure Web Application Firewall Policies: <\/b><span style=\"font-weight: 400;\">Azure Web Application Firewall<\/span> <span style=\"font-weight: 400;\">WAF policies bring together managed and custom rules, along with other firewall settings, to create comprehensive security policies tailored to protect different web applications.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Modes: <\/b><span style=\"font-weight: 400;\">Azure WAF operates in two modes. Detection mode Azure Web Application Firewall logs violate but don&#8217;t block them, while prevention mode not only logs incidents but actively blocks unauthorized requests.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Exclusions: <\/b><span style=\"font-weight: 400;\">Azure WAF allows you to specify certain attributes to be ignored during request validation, providing flexibility in handling specific scenarios.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Request Limits:<\/b><span style=\"font-weight: 400;\"> You can configure Azure WAF to flag requests that exceed a defined size limit, helping to manage and control the traffic your web application receives.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Alerts:<\/b><span style=\"font-weight: 400;\"> Integration with Azure Monitor ensures that you receive immediate alerts when Azure WAF detects potential threats, enabling swift response to security issues.<\/span><\/li>\n<\/ol>\n<blockquote><p>Also Read : <a href=\"https:\/\/www.whizlabs.com\/blog\/study-guide-microsoft-sc-100-exam\/\" target=\"_blank\" rel=\"noopener\">Preparation Guide on SC-100<\/a>:Microsoft Cybersecurity Architect<\/p><\/blockquote>\n<h3><span class=\"ez-toc-section\" id=\"Azure_Web_Application_Firewall_Pricing\"><\/span><strong>Azure Web Application Firewall Pricing<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Azure Web Application Firewall offers two distinct pricing plans:<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">The Basic Application Gateway is available at a starting cost of $18.25 per month.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">The Web Application Firewall Application Gateway is priced at $91.98 per month.<\/span><\/li>\n<\/ol>\n<p><span style=\"font-weight: 400;\">Based on the user&#8217;s requirements, they can select the required firewall.<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"How_does_Azure_Web_Application_Firewall_Work\"><\/span><strong>How does Azure Web Application Firewall Work?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">An Azure web application firewall (WAF) functions by utilizing a set of rules or Azure Web Application Firewall<\/span> <span style=\"font-weight: 400;\">policies specifically crafted to safeguard web-based applications. It achieves this by closely monitoring and filtering network traffic that employs web protocols, primarily HTTP and HTTPS.<\/span><\/p>\n<p><b>Azure web application firewall architecture diagram<\/b><\/p>\n<figure id=\"attachment_90877\" aria-describedby=\"caption-attachment-90877\" style=\"width: 678px\" class=\"wp-caption aligncenter\"><img decoding=\"async\" class=\"wp-image-90877 size-full\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/azure-web-application.webp\" alt=\"Azure Web Application Firewall\" width=\"678\" height=\"411\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/azure-web-application.webp 678w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/azure-web-application-300x182.webp 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/azure-web-application-150x91.webp 150w\" sizes=\"(max-width: 678px) 100vw, 678px\" \/><figcaption id=\"caption-attachment-90877\" class=\"wp-caption-text\">Image Source: www.microsoft.com<\/figcaption><\/figure>\n<p><span style=\"font-weight: 400;\">The role of a WAF can be divided into two primary functions: protecting inbound and outbound traffic.<\/span><\/p>\n<p><b>Inbound Protection:<\/b><span style=\"font-weight: 400;\"> The inbound protection aspect of a WAF is responsible for scrutinizing incoming application traffic from external sources. As part of its duty to shield web applications from inbound traffic, the WAF must identify patterns of malicious activity, suspicious data payloads, and potential web security vulnerabilities.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Given that cyber threats are persistent and ever-evolving, WAFs operate based on proactive security policies aimed at safeguarding against known vulnerabilities in web applications. <\/span><span style=\"font-weight: 400;\">To effectively filter out various forms of malicious traffic, these security policies must remain current and adaptable to keep pace with evolving attack strategies. WAFs are particularly effective in this regard due to their design, which allows for agile modifications to security policies.<\/span><\/p>\n<p><b>Outbound Protection:<\/b><span style=\"font-weight: 400;\"> Outbound protection focuses on preventing the unintentional or malicious leakage of enterprise and customer data. <\/span><span style=\"font-weight: 400;\">Accurately parsing outbound data can be a complex task, but proxy-based, inline WAFs can intercept outbound data and either mask or block the transmission of sensitive information. This helps ensure that data remains secure and confidential, safeguarding against both accidental data leaks and deliberate data exfiltration attempts.<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Benefits_of_having_Azure_Web_Application_Firewall_WAF_on_Application_Gateway\"><\/span><strong>Benefits of having Azure Web Application Firewall WAF on Application Gateway<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">By using the Azure WAF, the application gateway can attain below below-listed benefits as follows:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Safeguard your web applications against web vulnerabilities and attacks without the need to alter your back-end code.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Defend multiple web applications concurrently. Each instance of Application Gateway can secure up to 40 websites through a web application firewall.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Tailor distinct WAF policies for various sites under the same WAF protection.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Shield your web applications from malicious bots using the IP Reputation ruleset.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Enhance your application&#8217;s resilience against DDoS attacks.<\/span><\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"Azure_Web_Application_Firewall_WAF_Use_Cases\"><\/span><strong>Azure Web Application Firewall WAF Use Cases<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Here are some use cases of Azure Web Application Firewall in detail:<\/span><\/p>\n<h4><strong>Web Applications with Sensitive Data<\/strong><\/h4>\n<p><span style=\"font-weight: 400;\">Some of the malicious actors cause attacks with some intention or objectives. Their main goal is to gain access to sensitive data such as IDs, license numbers, and financial data like customer credit card numbers, trade secrets, and proprietary data.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Those stolen data can be used in many instances, for example, for purchasing items with credit card details. The actors can use those data for ransom activity or sell those data in the criminal marketplace.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To prevent such situations, organizations can deploy the <\/span><span style=\"font-weight: 400;\">Azure Web Application Firewall <\/span><span style=\"font-weight: 400;\">to secure sensitive data to defend against intrusion and exfiltration.<\/span><\/p>\n<h4><strong>Web Apps that Need Authentication<\/strong><\/h4>\n<p><span style=\"font-weight: 400;\">Many attackers attempt to get account data such as usernames or passwords for doing malicious activity. For instance, the actors employ compromised authentication details for accessing the web page by impersonating an authenticated user running commands with the stolen credentials, and accessing network parts or attempting to sign into other services. <\/span><span style=\"font-weight: 400;\">We can overcome this situation by means of Azure Web Application Firewall to detect any illegal file inclusion or SQL injections while trying to attempt to theft the account data.<\/span><\/p>\n<h4><strong>Web Apps with Security and Budget Issues<\/strong><\/h4>\n<p><span style=\"font-weight: 400;\">Security impacts the performance of the web application. And thus ensuring the security of the web application lies in paramount importance. In general, the web development teams often deploy various security measures for the top 10 security threats as mentioned by OWASP organization.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">However, the creation and maintenance of the secure code takes more time and is highly laborious. Moreover, securing web applications around the clock can be impossible. To make it efficient, the Azure Web Application Firewall can be introduced and it lets you configure the Azure Application Gateway instance or Azure Front Door Profile within the specific time duration.<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"FAQs\"><\/span><strong>FAQs<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><b>What is Azure Web Application Firewall?\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Azure Web Application Firewall is a service built for the cloud, and its main job is to keep your web apps safe. It does this by defending them against things like malicious bots and common web problems like SQL injection and cross-site scripting.<\/span><\/p>\n<p><b>Does Azure Firewall have WAF?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Yes, Azure Firewall offers the option to include Azure Web Application Firewall (WAF), which can be added to Azure Application Gateway as needed.<\/span><\/p>\n<p><b>What are the types of AWF?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">There are three main types of Web Application Firewalls (WAFs): cloud-based, software-based, and hardware-based. Each type has its own strengths and weaknesses. Additionally, WAFs are often a component of a broader application security approach known as web application and API protection (WAAP).<\/span><\/p>\n<p><b>What are the benefits of Azure WAF?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">A Web Application Firewall (WAF) offers several benefits, including safeguarding all your access points like servers, workstations, mobile gadgets, and IoT devices. It has the capability to thwart familiar assaults like cross-site scripting (XSS) and SQL injection, while also identifying more sophisticated dangers like malware, ransomware, and phishing attacks.<\/span><\/p>\n<blockquote><p>Know More : How to Filter Inbound Internet Traffic with <a href=\"https:\/\/www.whizlabs.com\/blog\/filter-inbound-traffic-azure-firewall\/\" target=\"_blank\" rel=\"noopener\">Azure Firewall Policy DNAT<\/a><\/p><\/blockquote>\n<div class=\"ast-oembed-container \" style=\"height: 100%;\"><iframe title=\"All you need to know about SC-100: Microsoft Cybersecurity Architect Certification Exam | Whizlabs\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/99Rkh8SnzJI?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/div>\n<h3><span class=\"ez-toc-section\" id=\"Conclusion\"><\/span><strong>Conclusion<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Hope this article conveys detailed information on Azure WAF, Azure WAF features, Azure WAF pricing, benefits of Azure WAF, and its use cases.\u00a0 <\/span><span style=\"font-weight: 400;\">If you&#8217;re looking for information on the SC-100 certification or have specific questions about it. You can look at preparation materials like SC-100 study guides, SC-100 practice tests, and free questions.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As a cybersecurity architect, you must have a thorough understanding of cybersecurity protection mechanisms and technologies. Implementation of a firewall like Azure WAF can really help in combating harmful attacks and threats. <\/span><span style=\"font-weight: 400;\">If you want to pursue a career in cybersecurity, you can try <strong>fundamental cybersecurity certifications<\/strong> like SC-100 Certification.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If you want to level up practical skills other than theoretical knowledge, you can simply rely on <\/span><a href=\"https:\/\/www.whizlabs.com\/labs\/library\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Azure hands-on labs<\/span><\/a><span style=\"font-weight: 400;\"> and <\/span><a href=\"https:\/\/www.whizlabs.com\/labs\/sandbox\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Azure Sandboxes<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>An Azure web application firewall (WAF) is a specialized firewall designed to ensure web application protection and API security. It accomplishes this by examining, tracking, and preventing malicious web traffic and attacks that target the application layer. These attacks include threats like Distributed Denial of Service (DDoS), SQL injection, cookie tampering, cross-site scripting (XSS), cross-site forgery, and file inclusion. As a cybersecurity analyst: with SC-100 Certification, you can defend against those attacks and ensure the safety of the web apps without any concern.\u00a0 Now, let\u2019s dig in to know more! Overview of Azure Web Application Firewall (WAF) WAFs operate at [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":90884,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"default","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[15],"tags":[5059,4967],"class_list":["post-90867","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-azure","tag-azure-web-application","tag-sc-100-exam"],"uagb_featured_image_src":{"full":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI.webp",1280,720,false],"thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI-150x150.webp",150,150,true],"medium":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI-300x169.webp",300,169,true],"medium_large":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI-768x432.webp",768,432,true],"large":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI-1024x576.webp",1024,576,true],"1536x1536":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI.webp",1280,720,false],"2048x2048":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI.webp",1280,720,false],"profile_24":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI.webp",24,14,false],"profile_48":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI.webp",48,27,false],"profile_96":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI.webp",96,54,false],"profile_150":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI.webp",150,84,false],"profile_300":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI.webp",300,169,false],"tptn_thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI-250x250.webp",250,250,true],"web-stories-poster-portrait":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI-640x720.webp",640,720,true],"web-stories-publisher-logo":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI-96x96.webp",96,96,true],"web-stories-thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2023\/09\/What-Is-Azure-Web-Application-Firewall-WAF-FI-150x84.webp",150,84,true]},"uagb_author_info":{"display_name":"Krishna Srinivasan","author_link":"https:\/\/www.whizlabs.com\/blog\/author\/krishna\/"},"uagb_comment_info":1,"uagb_excerpt":"An Azure web application firewall (WAF) is a specialized firewall designed to ensure web application protection and API security. It accomplishes this by examining, tracking, and preventing malicious web traffic and attacks that target the application layer. These attacks include threats like Distributed Denial of Service (DDoS), SQL injection, cookie tampering, cross-site scripting (XSS), cross-site&hellip;","_links":{"self":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/90867","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/comments?post=90867"}],"version-history":[{"count":11,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/90867\/revisions"}],"predecessor-version":[{"id":92231,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/90867\/revisions\/92231"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/media\/90884"}],"wp:attachment":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/media?parent=90867"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/categories?post=90867"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/tags?post=90867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}