Implement IP based rate limiting in Azure Front Door

Rate limiting is a technique used to control network traffic. It controls the rate of requests sent or received by a network interface controller.

Advantages of rate limiting:

• Prevents DoS and DDoS attacks
• Prevents brute force attack
• Limit web scrapping
• Prevents API overuse and there by prevents response degradation

This article briefs how to implement rate limiting (IP based) in Azure Front Door(AFD) using web application firewall (WAF).

IP Rate Limiting through AFD

Rate limiting can be implemented in AFD by setting up custom policy in WAF.

1. On the Azure portal, select the Web application firewall(WAF) associated with the required Azure Front Door(AFD).
2. Select Custom rules.
3. Select Add custom rule.
4. On the Add custom rule page, use the following values to create a custom rule:

5. Update the policy and save.

Note: A private IP (10.10.10.0/24) address was intentionally used so that all the public IPs will be rate limited. The private IP will not be visible to internet.