Hello @azuretechy ,
Apologies for the delay in response.
Content Delivery Network WAF Policy associated with Microsoft Standard CDN doesn't provide protection against crawlers, scanners & bots.
WAF on Azure CDN from Microsoft is currently in public preview and is provided with a preview service level agreement. Certain features may not be supported or may have constrained capabilities.
The Azure managed Default Rule Set includes rules against a few threat categories as mentioned in the below link:
https://video2.skills-academy.com/en-us/azure/web-application-firewall/cdn/cdn-overview#azure-managed-rule-sets
The version number of the Default Rule Set increments when new attack signatures are added to the rule set.
There is a separate bot manager ruleset available in Azure Front Door Premium SKU but it is not available for Azure CDN at the moment. Since WAF on Azure CDN from Microsoft is currently in public preview, the feature for Bot ruleset may be added once it goes GA. If you need specific feature/capabilty, you can feel free to share your feedback in the below forum requesting this feature. All the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.
https://feedback.azure.com/forums/217313-networking?category_id=345019
Azure CDN WAF policy have the possibility of adding custom rules but they only include match rules and rate control rules with capabilities mentioned in the below link:
https://video2.skills-academy.com/en-us/azure/web-application-firewall/cdn/cdn-overview#custom-rules
https://video2.skills-academy.com/en-us/azure/web-application-firewall/cdn/waf-cdn-create-portal#custom-rules
Kindly let us know if the above helps or you need further assistance on this issue.
----------------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.