Azure Web Application Firewall

A cloud-native web application firewall (WAF) service that provides powerful protection for web apps

Get better security for your web applications

Help protect your web apps from malicious attacks and common web vulnerabilities, such as SQL injection and cross-site scripting. With the cloud-native Azure web application firewall (WAF) service, deploy in minutes and only pay for what you use.

Protection for the top 10 Open Web Application Security Project (OWASP) security vulnerabilities

Deploy in minutes with improved security in a single click

Customized rules to meet your web app security requirements

Near real-time visibility and alerts through Azure Monitor

Enhance security with high availability and scale

Optimize performance with Azure Web Application Firewall deployed with Azure Front Door. Increase throughput for your global users with edge load balancing and application acceleration. Optimize your web app for high availability and scalability—with built-in auto-scaling and zone redundancy.

What is cloud-native Azure Network Security

Get managed rule sets to protect web apps

Help protect web applications from common vulnerabilities and exploits. Easily add and customize new rules to meet your application security requirements. Get a comprehensive list of web app firewall rule schemas and rules based on the OWASP core rule sets (CRS) 3.1/3.0.

Belgeleri okuyun

Deploy quickly to keep web apps protected

Easily deploy within minutes with no additional software required. Configure and enable Azure Web Application Firewall on your web application. Then, centrally define your rules and reuse them across all the web apps that you need to protect. Learn how to customize web application firewall rules in the Azure portal.

Belgeleri okuyun

Improve cost effectiveness for web app protection

Get competitive pricing for web application protection and pay only for what you use—with no minimum fees and no upfront commitments.

Why trust web application firewall to protect your applications?

  • Microsoft, siber güvenlik araştırma ve geliştirme çalışmalarına her yıl 1 milyar ABD Dolarını aşan yatırımlar yapıyor.

  • We employ more than 3500 security experts who are completely focused on securing your data and privacy.

  • Azure WAF is integrated with Azure Security Center

Get started with Azure Web Application Firewall

Get instant access and a $200 credit by signing up for a free Azure account.
Learn how to quickly deploy the Azure Web Application Firewall with quickstart tutorials and documentation.

Related products for developers

App Service

Build, deploy, and scale web apps on a fully managed platform.

Daha fazla bilgi edinin

Azure Firewall

Protect your apps with cloud-native firewalling capabilities—with built-in high availability, unrestricted cloud scalability, and zero maintenance.

Daha fazla bilgi edinin

Azure DDoS Protection

Protect your applications from Distributed Denial of Service (DDoS) attacks.

Daha fazla bilgi edinin

Trusted by companies of all sizes

Polycom gains scalability and access to global markets

This telecommunications leader uses the growing global network of Azure datacenters to achieve geo-redundancy and high levels of availability, delivering a great VC experience to users.

Hikayeyi okuyun

Polycom

Global energy company gets an edge with low-latency, hub-and-spoke topology

Italian energy company, Eni, used hub-and-spoke architecture on Azure to get enterprise-grade controls and meet the security bar set by the enterprise.

Hikayeyi okuyun

Enimbos

Security DevOps company simplifies deployments with Azure

WhiteSource, a security DevOps-oriented company, uses the monitoring, availability, and scalability capabilities with Azure to simplify open-source usage management for security and compliance professionals worldwide.

Hikayeyi okuyun

WhiteSource Bolt

Frequently asked questions about Azure Web Application Firewall

  • Azure Web Application Firewall is a cloud-native service that protects your web applications from bot attacks and common web vulnerabilities such as SQL injection and cross-site scripting.
  • Yes. For more information, see the documentation on customizing web application firewall rule groups and rules.
  • Yes. You can enable DDoS protection on the virtual network where the application gateway is deployed. This setting ensures that the Azure DDoS Protection service also protects the application gateway virtual IP (VIP).

Ready when you are—let’s set up your Azure free account.