We have some Azure WebApps (AppServices) deployed, and have implemented the IP address restrictions so that only traffic from a defined set of networks is allowed through.
Periodically, however, we are receiving HTTP 403 Ip Forbidden error messages on the AppService, even when access was previously allowed through, and neither the firewall rules, or our outgoing IP address, has changed.
It seems to come and go (we had one that was failing yesterday, but was working this morning). Deleting and recreating the webapp seems to resolve the issue, as well as removing all the IP address restrictions.
Is there a way to debug these errors? I can't see the responses in the Log Stream or any other item in the AppService blade, so it would be good to find somewhere that says "Request from IP x.x.x.x was blocked due to restrictions" or similar.
> curl -I https://xxxxxx-xxxxxx-xxxxxx-315-xxxxxx-api.azurewebsites.net/api/Clients?status=Active
HTTP/1.1 403 Ip Forbidden
Content-Length: 2345
Content-Type: text/html
Server: Microsoft-IIS/10.0
Date: Fri, 07 Feb 2020 04:27:00 GMT
The apps are deployed as Linux containers, running on a B1 service plan.
I have seen reference that this error could come about due to quotas being exceeded, but I can't see anything that refers to an exceeded quota (everthing appears to be within the allowed limits).