Azure Front Door include policy that associated to the endpoint, but actually it's not block anything.

Question

Azure Front Door include policy that associated to the endpoint, but actually it's not block anything.

Shlomi Rachamim 20

Hello

We've Azure Front Door include policy that associated to the endpoint, but actually it's not block anything.

please help,

if needed I can send private message with all our settings,

the currently mode is Prevention, and have Managed rule and OWASP rules included, but not blocked anything when try to put any suspicious letters

Asher Cohen 0 Reputation points

2025-07-28T15:02:50.3533333+00:00

Nothing help,

could you please share how to try to trigger the front door for block?

I tried also to refresh the page multiple times , not blocked
Praveen Bandaru 6,850 Reputation points Microsoft External Staff Moderator

2025-07-28T16:15:35.3533333+00:00

Hello Asher Cohen
Thank you for your response. I have initiated a private message please share the required information there so we can connect and discuss on your further quires.
Shlomi Rachamim 20 Reputation points

2025-07-29T06:32:45.87+00:00

Please initiate private message to me, I will share the details
Praveen Bandaru 6,850 Reputation points Microsoft External Staff Moderator

2025-07-31T02:17:09+00:00

Hello Shlomi Rachamim

If you’re checking WAF functionality on Front Door and notice that rules aren’t being blocked, it’s because the standard Front Door doesn’t include default WAF features like OWASP rules or Bot protection.

To use these default rules, you’ll need to upgrade your AFD profile to Premium.

With the standard version, only custom rules are available, so you’ll have to create them manually to restrict malicious requests.

Also, since you’re testing using a host file entry on your machine to access your AFD URL, this might be why your rule isn’t working as expected. I tested it in my environment, and it worked correctly.

If you want to confirm that this rule is functioning, you can review the front door WAF logs. All relevant details, including the custom rule name you associated, will be available in the logs.
Praveen Bandaru 6,850 Reputation points Microsoft External Staff Moderator

2025-08-01T01:04:16.1+00:00

Hello Shlomi Rachamim
I just wanted to follow up and see if you had a chance to review my response to your question. Please let us know if it was helpful, and feel free to reach out if you have any further queries.

Hope the above answer helps! Please let us know do you have any further queries.

Please do not forget to “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

1 answer

Your answer

Asher Cohen 0 Reputation points

2025-07-28T15:02:50.3533333+00:00

Nothing help,

could you please share how to try to trigger the front door for block?

I tried also to refresh the page multiple times , not blocked
Praveen Bandaru 6,850 Reputation points Microsoft External Staff Moderator

2025-07-28T16:15:35.3533333+00:00

Hello Asher Cohen
Thank you for your response. I have initiated a private message please share the required information there so we can connect and discuss on your further quires.
Shlomi Rachamim 20 Reputation points

2025-07-29T06:32:45.87+00:00

Please initiate private message to me, I will share the details
Praveen Bandaru 6,850 Reputation points Microsoft External Staff Moderator

2025-07-31T02:17:09+00:00

Hello Shlomi Rachamim

If you’re checking WAF functionality on Front Door and notice that rules aren’t being blocked, it’s because the standard Front Door doesn’t include default WAF features like OWASP rules or Bot protection.

To use these default rules, you’ll need to upgrade your AFD profile to Premium.

With the standard version, only custom rules are available, so you’ll have to create them manually to restrict malicious requests.

Also, since you’re testing using a host file entry on your machine to access your AFD URL, this might be why your rule isn’t working as expected. I tested it in my environment, and it worked correctly.

If you want to confirm that this rule is functioning, you can review the front door WAF logs. All relevant details, including the custom rule name you associated, will be available in the logs.
Praveen Bandaru 6,850 Reputation points Microsoft External Staff Moderator

2025-08-01T01:04:16.1+00:00

Hello Shlomi Rachamim
I just wanted to follow up and see if you had a chance to review my response to your question. Please let us know if it was helpful, and feel free to reach out if you have any further queries.

Hope the above answer helps! Please let us know do you have any further queries.

Please do not forget to “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

Answer 1

Praveen Bandaru 6,850 Microsoft External Staff Moderator

Hello Shlomi Rachamim
I understand that you're experiencing issues with your Azure Front Door policies not blocking any traffic, even though they are configured in Prevention mode and both Managed and OWASP rules are enabled.

Please double-check that the WAF policy is properly associated with the Front Door endpoint and applied to the correct route or domain.
Make sure the OWASP rules are enabled and that the specific rules blocking suspicious characters or patterns are active. Review the rule sets to confirm they address the threats you’re targeting.
If you have custom rules, verify they are set to Block rather than just Log or Allow, and check the priority of these rules, as custom rules can sometimes override managed rules.
Enable logging if it’s not already active to help review processed requests and understand why certain requests may not be blocked. Azure Diagnostic Logs can be useful for this.
Also, review any exceptions or exclusions in your policies that could prevent blocking for specific requests.

Check the below document for more understanding:
https://learn.microsoft.com/en-us/azure/web-application-firewall/afds/afds-overview#protection
https://learn.microsoft.com/en-us/azure/frontdoor/web-application-firewall#policy-settings

Hope the above answer helps! Please let us know do you have any further queries.

Please do consider to “up-vote” wherever the information provided helps you, this can be beneficial to other community members

Shlomi Rachamim 20 Reputation points

2025-08-03T05:22:34.9833333+00:00

My AFD is Premium and Prevention mode , and not blocks anything.
Praveen Bandaru 6,850 Reputation points Microsoft External Staff Moderator

2025-08-05T15:00:58.56+00:00

Hello Shlomi Rachamim
I tested it in my environment, and it is working perfectly. I'm also seeing the expected results in the logs. Please see the screenshots of the logs below.

And please check the below document for more understanding:

https://learn.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-geo-filtering

If you have a specific path, please add it, test it, and let us know the outcome.
Praveen Bandaru 6,850 Reputation points Microsoft External Staff Moderator

2025-08-06T00:56:45.8966667+00:00

Hello Shlomi Rachamim
I just wanted to follow up and see if you had a chance to review my response to your question. Please let us know if it was helpful, and feel free to reach out if you have any further queries.

Hope the above answer helps! Please let us know do you have any further queries.

Please do not forget to “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

Share via

Azure Front Door include policy that associated to the endpoint, but actually it's not block anything.

1 answer

Your answer