Public Preview: X-Forwarded-For (XFF) grouping for rate limiting on Application Gateway WAF v2

Application Gateway Web Application Firewall (WAF) v2 now supports additional rate‑limiting GroupBy options based on the X‑Forwarded‑For (XFF) HTTP header. This enables customers running Application Gateway behind proxies or CDNs to apply rate limits using the original client IP rather than the TCP source IP. In this preview, rate‑limiting rules can be grouped by Client Address (XFF) or Geo Location (XFF), helping security teams more accurately mitigate abusive or high‑volume traffic patterns without unintentionally throttling legitimate users. The capability integrates with existing Application Gateway WAF v2 custom rate‑limit rules and policies. [Learn more](https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/rate-limiting-overview).