Azure WAF Rule Sets¶
Automatically generated reference documentation for Azure Web Application Firewall rule sets. Sourced directly from the Azure REST API and regenerated weekly.
App Gateway¶
| Rule Set | Description | Changelog |
|---|---|---|
| OWASP | OWASP Core Rule Set (CRS) for App Gateway WAF — the industry standard open source rule set covering the OWASP Top 10 and beyond | — |
| Default Rule Set | Microsoft managed rule set baselined on CRS with additional Threat Intelligence rules developed by Microsoft's security team | changelog |
| Bot Manager | Microsoft bot detection and mitigation rules — identifies and blocks malicious bots while allowing legitimate crawlers | changelog |
Front Door¶
| Rule Set | Description | Changelog |
|---|---|---|
| Default Rule Set | Microsoft managed rule set for Front Door — includes the latest DRS versions including 2.2 with Paranoia Level support | changelog |
| Bot Manager | Microsoft bot detection and mitigation rules for Front Door | changelog |
| Legacy | Legacy DefaultRuleSet and BotProtection preview rule sets — retained for reference | — |
What's in the docs¶
Each rule set page includes:
- Rule ID — unique identifier used in WAF logs and exclusion configuration
- Rule Group — logical grouping (e.g. SQLI, XSS, RCE, LFI)
- Description — what the rule detects
- Default Action — AnomalyScoring, Block, or Log
- Default State — Enabled or Disabled out of the box
- CRS Source — direct link to the rule definition in the OWASP CRS GitHub repository where applicable
- CVE links — CVE IDs in rule descriptions link directly to the NIST NVD entry
Microsoft proprietary rules (99xxxxxx series and Bot rules) do not have CRS source links as they are closed-source Threat Intelligence rules.
Changelogs¶
Version-to-version changelogs are available showing exactly which rules were added, removed, or modified between releases — useful for impact assessment before upgrading your WAF policy.
Resources¶
| Link | Description |
|---|---|
| Azure WAF Documentation | Official Microsoft WAF docs |
| CRS GitHub Repository | OWASP Core Rule Set source |
| App Gateway WAF Overview | App Gateway WAF docs |
| Front Door WAF Overview | Front Door WAF docs |
| NVD CVE Database | NIST National Vulnerability Database |