| title | Configure bot protection for Azure Web Application Firewall (WAF) |
|---|---|
| description | Learn how to configure bot protection for Web Application Firewall (WAF) on Azure Application Gateway. |
| author | halkazwini |
| ms.author | halkazwini |
| ms.service | azure-web-application-firewall |
| ms.topic | how-to |
| ms.date | 06/01/2023 |
This article shows you how to configure a bot protection rule in Azure Web Application Firewall (WAF) for Application Gateway using the Azure portal.
You can enable a managed bot protection rule set for your WAF to block or log requests from known malicious IP addresses. The IP addresses are sourced from the Microsoft Threat Intelligence feed. Intelligent Security Graph powers Microsoft threat intelligence and is used by multiple services including Microsoft Defender for Cloud.
Create a WAF policy for Application Gateway by following the instructions described in Create Web Application Firewall policies for Application Gateway.
-
In the Application Gateway WAF policy that you created previously, under Settings, select Managed Rules.
-
Select Assign.
-
On the Assign managed rule sets page, under Additional rule set, select the desired Bot Manager rule set.
:::image type="content" source="../media/bot-protection/managed-rule-sets.png" alt-text="Screenshot show WAF managed rule sets.":::
-
Select Save.
For more information about the Bot Manager rule set, see Web Application Firewall CRS rule groups and rules.