Member-only story
Introduction
Even if there are no known vulnerabilities in the web application currently in operation, new vulnerabilities will be discovered in the future, and it may be necessary to upgrade the middle ware or it may be difficult to deal with them immediately. I think that the introduction of WAF is a precautionary measure against unknown vulnerabilities by blocking suspicious requests before they are processed by the application . Of course, WAF does not completely prevent attacks, so it is important to keep your application invulnerable.
Sometimes small development teams, have to solve a wide variety of problems with limited resources. It’s difficult to spend a lot of time just introducing a WAF. Therefore, I think so it’s a good idea to use the Azure Application Gateway (v1 SKU) which have the function of WAF.
You don’t need to add new resources just by changing the settings. In addition, it is possible to easily switch between the mode for rejecting requests (prevention mode) and the mode for only detecting…
