DDoS L3 L4 L7 only

Big Hi to all of you,

I am currently in the learning phase and have implemented L3/L4 DDoS protection using AFM. Now, I want to focus on L7 DDoS mitigation. However, I find Advanced WAF overwhelming, as it covers a vast range of topics, and I’m unsure where to begin. My goal is to concentrate solely on protecting against L7 DDoS attacks from WAF.

Here are some key AFM settings I have implemented—let me know if anything is missing for L3/L4:

IP Intelligence is applied at the global level.
General Properties:
Type: Forwarding (IP)
Source Address: 0.0.0.0/0
Destination Address/Mask: x.x.x.x/29
Service Port: *
Configuration:
Protocol: All protocols
Security Policy:
DoS Protection Profile: DDoSProfile (Network and DNS enabled only)
Now, moving on to my goal of implementing Bot Defense. Since Bot Defense applies only to HTTP service ports, do I need to set up two different Virtual Servers? Additionally, I want to apply a DoS profile that includes HTTP, along with Network and DNS protection (i.e., Network + DNS + HTTP).