Web Application Firewall (WAF) rate limit rule for Azure Application Gateway
Hello, Currently, I can create a WAF rate limit rule only on Azure Front Door but I can't create it on the Application Gateway (e.g. see https://serverfault.com/questions/961678/rate-limit-using-azure-application-gateway). Will the WAF rate limit rule on the Application Gateway ever be available in the future? If yes, when? Thanks in advance.
Secure a VM-based web server sitting behind Azure Front Door + WAF from the internet
Hi All I have a web server that's running on a VM inside Azure. The server is exposed to the internet through an NGINX reverse proxy and a public IP address. For added security, I've set up an Azure Front Door, incorporating an Azure Web Application Firewall (WAF), which works fine so far. My issue is that I can't see how I'm supposed to stop internet traffic connecting directly to my internet-facing NGINX proxy. Without putting restrictions in place (I'm not sure what these would be), there's no reason for anyone to access the server via AFD as they could just go straight to the server. This completely defeats the purpose of AFD + WAF (apart from load balancing, etc. features which I'm not using). Has anyone worked this out? It doesn't appear as though Microsoft has thought this through??? Cheers, Josh
