azure custom waf rules disappeared

Hi @ Gomolemo •,

Welcome to Microsoft Q&A Platform.

When custom WAF rules suddenly disappear after modifying a single rule and no delete operation appears in the Activity Logs, it typically indicates an overwrite (PUT) configuration event rather than a delete action.

Azure logs PUT updates but does not log them as delete operations, which can make it appear as though rules were removed without any delete entry.

If the rules were updated through:

• ARM template deployment
• Bicep
• Terraform
• API / CLI / PowerShell

these tools perform a full object replacement, not a partial update. If the deployment did not include the existing custom rules, the WAF policy is overwritten and the rules disappear with no delete log, because Azure treats it as a normal configuration update.

You can verify this by checking:

• Activity Log → Administrative → Write (PUT) operations
• Deployment history (if using ARM/Bicep)
• Terraform state or plan (if using IaC)
• Pipelines or automation scripts

If the policy is associated with multiple Front Doors / Gateways, another team may have updated the policy from a different resource, overwriting the configuration.

Check: WAF Policy → Overview → Associated Resources

I hope this information helps resolve your issue.

Please and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.