Share via

Understanding Azure Storage HTTP Support for Custom Domain Names

Abdul 2,655 Reputation points Microsoft External Staff Moderator
2024-07-31T09:16:43.95+00:00

What does it mean when Azure storage doesn't support HTTP for custom domain names, and what are the effects on my storage account if I enable Secure Transfer Protocol?

 "PS - Based on common issues that we have seen from customers and other sources, we are posting these questions to help the Azure community."

Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Abdul 2,655 Reputation points Microsoft External Staff Moderator
    2024-07-31T09:37:25.1333333+00:00

    Greetings!

    When Azure Storage indicates that it does not support HTTP for custom domain names, it means that all requests to the storage account using a custom domain must be made over HTTPS. Using HTTP is not allowed and will be blocked if Secure Transfer Protocol is enabled. Enabling Secure Transfer Protocol ensures that all data transmitted to and from Azure Storage is encrypted, enhancing security.

    If Secure Transfer Protocol is enabled on your storage account, any requests made over HTTP will fail. This is a security feature to prevent unencrypted data transmission. To ensure that your custom domain configuration is compliant with this security feature, you should:

    1. Enable log analytics on the storage account to monitor requests.
    2. Query for any incoming requests that use HTTP.

    Here is a sample query to help you identify such requests:

    
StorageBlobLogs

| where AccountName == "<YourStorageAccountName>"

| where Protocol == "HTTP"

    By identifying and addressing any HTTP requests, you can transition to using only HTTPS, ensuring compliance with Secure Transfer Protocol and maintaining the security of your data.

    Resources:

    Hope this helps. If you have any follow-up questions, please let me know. I would be happy to help.

    Please do not forget to "up-vote" wherever the information provided helps you, as this can be beneficial to other community members.

    0 comments
  2. Azar 31,615 Reputation points MVP Volunteer Moderator
    2024-07-31T09:38:33.3+00:00

    Hi there Abdul

    Thanks for using QandA platform

    I believe it means all custom domains linked to your storage account must use HTTPS, making sure encrypted data transfers. Enabling HTTPS will increasr the security by preventing threats and helps comply with regulatory standards, and requires all applications accessing the storage to use HTTPS. This might need code or configuration updates if they currently use HTTP. To enable HTTPS only, go to your storage account in the Azure portal, navigate to "Configuration," and enable "Secure transfer required."

    If this helps kindly accept the answer thanks much

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.