Back to WAF Simulator
Policy Designer
Import
Save
Export
Test Policy
Policy Settings
Policy Name
Target Platform
Azure Front Door
Application Gateway
🚀 Supports advanced features like CAPTCHA, JS Challenge
Policy Mode
Prevention (Block Traffic)
Detection (Log Only)
Wizard
AI Help
Managed Rule Sets
OWASP 3.2
Core web application protection
SQL Injection
Cross-Site Scripting
Remote File Inclusion
Global Exclusions
+ Add Exclusion
Query: returnUrl
Regex: ^/safe/.*$
Remove
Visual Editor
JSON Preview
Custom Rules
+ Add Rule
10
Block Admin Paths
Prevent access to administrative endpoints
BLOCK
â‹®
When:
Path starts with "/admin"
20
Block Malicious Bots
Block known security scanning tools
BLOCK
â‹®
When:
User-Agent matches regex "(sqlmap|nikto|curl/\\d+)"
30
Log Large Requests
Monitor requests with large body size
LOG
â‹®
When:
Body size greater than 1 MB