Application gateways should have Web Application Firewall enabled

azure-applicationgateway
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください

Description

Azure Web Application Firewall (WAF) on Application Gateway protects web applications from common exploits such as SQL injection, cross-site scripting, and other OWASP Top 10 threats by inspecting and filtering incoming HTTP traffic. Each Application Gateway should have an associated WAF policy to actively protect against web-based attacks.

Remediation

Associate a WAF policy with the Application Gateway. Create a WAF policy if one does not exist, then attach it to the gateway. For guidance, see Create a Web Application Firewall policy for Application Gateway.