# Enable F5 WAF for NGINX




## Overview

This guide explains how to enable F5 WAF for NGINX on a F5 NGINX as a Service for Azure (NGINXaaS) deployment. [F5 WAF for NGINX](https://docs.nginx.com/nginx-app-protect-waf/v5) provides web application firewall (WAF) security protection for your web applications, including OWASP Top 10; response inspection; Meta characters check; HTTP protocol compliance; evasion techniques; disallowed file types; JSON & XML well-formedness; sensitive parameters & Data Guard.

## Before you start

- F5 WAF for NGINX can only be enabled on NGINXaaS for Azure deployments with the **Standard v3** [plan](/nginxaas-azure/billing/overview.md/#standard-v3-plan) (and the deprecated **Standard v2** [plan](/nginxaas-azure/billing/overview.md/#standard-v2-plan-deprecated))

## Enable F5 WAF for NGINX

F5 WAF for NGINX is disabled by default and needs to be explicitly enabled on an NGINXaaS deployment. Follow these steps:

### Using the Microsoft Azure Portal

Access the [Microsoft Azure portal](https://portal.azure.com)

1. Go to your NGINXaaS for Azure deployment.

2. Select F5 WAF for NGINX in the left menu.

3. Select **Enable F5 WAF for NGINX**.

## What's next

[Configure F5 WAF for NGINX](/nginxaas-azure/app-protect/configure-waf.md)