Skip to content

Azure WAF Rule Sets

Automatically generated reference documentation for Azure Web Application Firewall rule sets. Sourced directly from the Azure REST API and regenerated weekly.

App Gateway

Rule Set Description Changelog
OWASP OWASP Core Rule Set (CRS) for App Gateway WAF — the industry standard open source rule set covering the OWASP Top 10 and beyond
Default Rule Set Microsoft managed rule set baselined on CRS with additional Threat Intelligence rules developed by Microsoft's security team changelog
Bot Manager Microsoft bot detection and mitigation rules — identifies and blocks malicious bots while allowing legitimate crawlers changelog

Front Door

Rule Set Description Changelog
Default Rule Set Microsoft managed rule set for Front Door — includes the latest DRS versions including 2.2 with Paranoia Level support changelog
Bot Manager Microsoft bot detection and mitigation rules for Front Door changelog
Legacy Legacy DefaultRuleSet and BotProtection preview rule sets — retained for reference

What's in the docs

Each rule set page includes:

  • Rule ID — unique identifier used in WAF logs and exclusion configuration
  • Rule Group — logical grouping (e.g. SQLI, XSS, RCE, LFI)
  • Description — what the rule detects
  • Default Action — AnomalyScoring, Block, or Log
  • Default State — Enabled or Disabled out of the box
  • CRS Source — direct link to the rule definition in the OWASP CRS GitHub repository where applicable
  • CVE links — CVE IDs in rule descriptions link directly to the NIST NVD entry

Microsoft proprietary rules (99xxxxxx series and Bot rules) do not have CRS source links as they are closed-source Threat Intelligence rules.

Changelogs

Version-to-version changelogs are available showing exactly which rules were added, removed, or modified between releases — useful for impact assessment before upgrading your WAF policy.

Resources

Link Description
Azure WAF Documentation Official Microsoft WAF docs
CRS GitHub Repository OWASP Core Rule Set source
App Gateway WAF Overview App Gateway WAF docs
Front Door WAF Overview Front Door WAF docs
NVD CVE Database NIST National Vulnerability Database