Public Preview: Microsoft HTTP DDoS Ruleset 1.0 on Application Gateway WAF v2

Announcing the public preview of the HTTP DDoS Ruleset for Application Gateway WAF v2\. HTTP-layer DDoS attacks remain a leading cause of application downtime, and traditional static controls often fall short against evolving botnets. The new HTTP DDoS Ruleset for Azure WAF introduces automated, adaptive Layer 7 protection that learns, detects, and defends with minimal configuration. Once assigned, the ruleset continuously baselines normal traffic for each Application Gateway and, when attack surges are detected, selectively blocks offending clients with no emergency tuning required. The HTTP DDoS Ruleset features: * Automated learning of traffic baselines at both the gateway and per-IP level. * Dynamic thresholds and sensitivity settings to balance protection and user experience. * Two core rules: one for high-rate client anomalies and one for suspected bots, leveraging Microsoft Threat Intelligence. Currently, portal access for this feature is via the [preview portal](https://preview.portal.azure.com/). [Learn more](https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/ddos-ruleset).