Is it possible to redirect traffic from root domain (myapp.azurewebsites.net, where access restriction is set for Front Door) to Azure Front Door address?

david.b 1 Reputation point
2022-09-26T12:16:17.647+00:00

Hello,

I have a web application in Azure app service, this has the myapp.azurewebsites.net address. This address was used for a while by the clients.
I created a Front Door for the application and now I want to redirect the clients from myapp.azurewebsites.net to the Front Door URL.
Additionally, I have to set access restriction to the app service to allow only the Front Door backend.

How would this redirection be possible?

Best regards,
David

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,182 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Priya Kumar 1,096 Reputation points Microsoft Employee
    2022-09-27T06:34:50.897+00:00

    @david.b Thanks for reaching out to us.

    If I have understood your question, you are trying to place the App Service behind the “Frontdoor” and should enable the access to the App Service only from “Frontdoor” configured?

    • If my understanding is right, then you could achieve the same using X-Azure-FDID which is the AFD ID unique for every AFD.
    • Look for the Front Door ID value under the Overview section from Front Door portal page. You can then filter on the incoming header 'X-Azure-FDID' sent by Front Door to your backend with that value to ensure only your own specific Front Door instance is allowed.
    • This could be achieved by “access restriction” option in the app service.

    Access restriction advanced scenarios

    The following sections describe some advanced scenarios using access restrictions.

    Filter by http header

    As part of any rule, you can add additional http header filters. The following http header names are supported:

    • X-Forwarded-For
    • X-Forwarded-Host
    X-Azure-FDID
    • X-FD-HealthProbe

    For each header name, you can add up to eight values separated by comma. The http header filters are evaluated after the rule itself and both conditions must be true for the rule to apply.

    Document:
    https://learn.microsoft.com/en-us/azure/app-service/app-service-ip-restrictions#access-restriction-advanced-scenarios

    Hope this helps. :)


  2. Andriy Bilous 11,621 Reputation points MVP
    2022-09-27T07:08:58.607+00:00

    Hello @david.b

    I think what you are looking is to redirect all traffic from your Web App myapp.azurewebsites.net to the Front Door URL.
    What you need is to update your web.config with a redirect rule. You can even edit the web.config in the WebApp's SCM site without even having to FTP in or redeploy.
    https://learn.microsoft.com/en-us/answers/questions/568035/azure-app-service-redirect.html

    Please see this blog for the detailed steps and Microsoft examples for more details

    https://learn.microsoft.com/en-us/answers/questions/568035/azure-app-service-redirect.html

    Here is a blog article that describes your particular case


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.