Skip to content

Configure WAF on the Azure Front Door #324

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
IEvangelist merged 2 commits into from
Jan 31, 2026
Merged

Configure WAF on the Azure Front Door #324

IEvangelist merged 2 commits into from
Jan 31, 2026

Conversation

@eerhardt
Copy link
Member

@eerhardt eerhardt commented Jan 30, 2026

These policies are required by Microsoft to prevent DDOS attacks on the site.

@eerhardt
Configure WAF on the Azure Front Door
b5cdbf9 
These policies are required by Microsoft to prevent DDOS attacks on the site.
@eerhardt eerhardt requested a review from IEvangelist as a code owner January 30, 2026 20:47
Copilot AI review requested due to automatic review settings January 30, 2026 20:47
Copilot AI reviewed Jan 30, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds an Azure Front Door WAF policy and associates it with the Front Door endpoint to meet DDoS/WAF compliance requirements.

Changes:

  • Introduces a configurable rateLimitThreshold parameter for WAF rate limiting.
  • Adds a Front Door WAF Policy with a global rate-limit custom rule and a managed Bot Manager ruleset.
  • Associates the WAF policy to the Front Door endpoint via a Front Door security policy.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

IEvangelist
IEvangelist approved these changes Jan 30, 2026
View reviewed changes
Copy link
Member

@IEvangelist IEvangelist left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This LGTM, but some of the copilot comments are interesting. Might be worth considering...

@eerhardt
Copy link
Member Author

eerhardt commented Jan 30, 2026

I'm getting an error trying to deploy this:

WebApplicationFirewallPolicy validation failed. More information "Policy ArmResourceId has incorrect formatting". Click here for details

trying to get copilot to fix it.

eerhardt
eerhardt commented Jan 30, 2026
View reviewed changes
@IEvangelist IEvangelist merged commit ed14c0c into main Jan 31, 2026
6 checks passed
@IEvangelist IEvangelist deleted the eerhardt/AddWAF branch January 31, 2026 16:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@IEvangelist IEvangelist IEvangelist approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@eerhardt @IEvangelist