WAF rule processing load and its impact analysis

Alex 375 Reputation points
2024-10-17T07:34:33.7666667+00:00

Hello all,

Good day!

I would like to know: if I have a Front Door/AppGw WAF policy in prevention mode with all the default rulesets enabled plus a bunch of custom rulesets added (say 50), when a request hits the Front Door or AppGw, would that one request be checked against all these rulesets sequentially, based on the priority of the rulesets, before the traffic is allowed? Or how efficiently does it process the requests and the WAF ruleset validation?

The reason behind this question is to understand if WAF rule processing would cause any latency or delay to connect to the site till it finds a match.


Accepted answer
  1. Sam Cogan 10,747 Reputation points MVP
    2024-10-17T07:54:33.5466667+00:00

    WAF rules are applied in the order of custom rules first, then managed rulesets. If any of your custom rules are Allow rules rather than Deny, then processing will stop after passing the first Allow rule.

    WAF rule processing is done in order where there are rules with different priorities, which can add some delay to processing. However, this delay is usually very minimal. You should test this with your own traffic to confirm whether it causes you any issues.

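The ordering described in the accepted answer, as an added example that is not part of the original thread and is not Azure's implementation: a simplified model that counts how many rules one request is checked against, and shows that a matching Allow custom rule ends evaluation before any managed rule runs. The rule names, the documentation-range IP addresses, the two stand-in managed rules, and the assumption that a managed-rule match blocks outright in prevention mode are all constructed for illustration.

```python
from dataclasses import dataclass
from typing import Callable

@dataclass
class CustomRule:
    name: str
    priority: int                      # lower number is evaluated first
    action: str                        # "Allow", "Block" or "Log"
    matches: Callable[[dict], bool]

def evaluate(request, custom_rules, managed_rules):
    """Return (decision, matched_rule_name, rules_checked) for one request."""
    checked = 0
    for rule in sorted(custom_rules, key=lambda r: r.priority):
        checked += 1
        if rule.matches(request) and rule.action in ("Allow", "Block"):
            return rule.action, rule.name, checked   # terminal: nothing else runs
        # a matching "Log" rule, or no match, falls through to the next rule
    for name, matches in managed_rules:
        checked += 1
        if matches(request):
            return "Block", name, checked            # assumed prevention-mode behaviour
    return "Allow", None, checked

def ip_block(ip):
    # factory so each generated rule captures its own address
    return lambda req: req["ip"] == ip

# Constructed policy: 50 custom rules plus 2 stand-in managed rules.
CUSTOM = [
    CustomRule("allow-health", 1, "Allow", lambda r: r["path"] == "/health"),
    CustomRule("log-api", 2, "Log", lambda r: r["path"].startswith("/api")),
] + [CustomRule(f"block-ip-{i}", 10 + i, "Block", ip_block(f"203.0.113.{i}"))
     for i in range(48)]
MANAGED = [
    ("managed-sqli", lambda r: "union select" in r["query"].lower()),
    ("managed-xss", lambda r: "<script" in r["query"].lower()),
]

def demo():
    reqs = {  # constructed sample requests
        "clean": {"path": "/api/items", "ip": "198.51.100.7", "query": "page=2"},
        "sqli": {"path": "/api/items", "ip": "198.51.100.7", "query": "id=1 UNION SELECT 1"},
        "allowed": {"path": "/health", "ip": "198.51.100.7", "query": "id=1 UNION SELECT 1"},
        "blocked-ip": {"path": "/", "ip": "203.0.113.47", "query": ""},
    }
    return {k: evaluate(v, CUSTOM, MANAGED) for k, v in reqs.items()}

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The "allowed" request carries the same query string as the "sqli" request but is never inspected by the managed rules, which is why broad Allow custom rules deserve review alongside any latency testing.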
