Web application firewall (WAF) available in the WAF SKU of Application Gateway provides protection to web applications from common web vulnerabilities and exploits like SQL injection attacks, cross-site scripting attacks, etc. It is difficult to prevent these attacks as they require rigorous maintenance, patching and monitoring at multiple layers of the application topology. A centralized web application firewall like this will help application administrators to tackle these threats with much less effort. Microsoft has recently announced the general availability of Web application firewall in all Azure regions. WAF offers the following features,
- Protect your application from web vulnerabilities and attacks without modifying backend code. WAF addresses various attack categories including:
- SQL injection
- Cross site scripting
- Common attacks such as command injection, HTTP request smuggling, HTTP response splitting, and remote file inclusion attack
- HTTP protocol violations
- HTTP protocol anomalies
- Bots, crawlers, and scanners
- Common application misconfigurations (e.g. Apache, IIS, etc.)
- HTTP Denial of Service
- Protect multiple web applications simultaneously. Application Gateway supports hosting up to 20 websites behind a single gateway that can all be protected against web attacks.
Learn more about WAF here.