Microsoft has announced new security enhancements for Power Pages, introducing Azure-managed Bot Protection and configurable Web Application Firewall (WAF) rules. These updates aim to improve site resilience against automated threats and give makers more control over their security settings.

Here’s what you need to know:

Bot Protection Rule
This rule identifies and blocks suspicious bot activity in real time. It distinguishes between good bots (like Bing and Google), bad bots (malicious ones), and unknown bots.
Enhanced Control for Makers
Makers can now enable or disable specific managed rules from the Security workspace in Pages Design Studio. Rule categories include cross-site scripting, session fixation, and file-based attacks.