Enable the WAF policy
Now that you have successfully deployed Application Gateway and you can connect to your application, you can additionally enable the Web Application Firewall on your Application Gateway. By default your WAF policy will be disabled when you created it. You can use the following guidance to perform this task:
Step by step guidance
-
To conclude the setup, enable the WAF policy. This will automatically start flagging noncompliant requests. To avoid blocking any requests at this point, configure it in detection mode.
az network application-gateway waf-policy policy-setting update \ --mode Detection \ --policy-name $WAF_POLICY_NAME \ --resource-group $RESOURCE_GROUP \ --state Enabled