"502 Bad Gateway" on Application Gateway when "Override with new host name" is disabled, redirect issues when enabled

Muhammad Elzedy 0 Reputation points
2024-09-28T15:49:09.3566667+00:00

Hello,

I am creating an Application Gateway to forward traffic to an Azure App Service with the domain: aladwaa360.azurewebsites.net. However, I’m facing two issues with the host name override feature:

502 Bad Gateway with host name override disabled: When I access the Application Gateway's public IP, I receive a "502 Bad Gateway" error if the "Override with new host name" option is set to No in the backend settings.

Redirection issue with host name override enabled: When I set the "Override with new host name" option to Yes, the gateway works, and I can access the app service through my custom domain (staging.example.com). However, I encounter a new issue related to redirection.

  • I have a login form on the app service. Upon successful login, it should redirect me to the main app at staging.example.com. However, what happens instead is:
    - After logging in, the URL briefly changes to `staging.example.com` but then quickly redirects back to the default App Service URL (`aladwaa360.azurewebsites.net`).
    

Configuration Details:

  • I’ve set up a custom domain for the Application Gateway: staging.example.com.
  • The login form sends me to another application (hosted on staging.account.example.com) and is supposed to redirect back to staging.example.com after successful login.

Goal: I need to ensure that, after logging in, the browser's URL remains as staging.example.com (instead of reverting to the default aladwaa360.azurewebsites.net). Additionally, I plan to route traffic based on the URL path (e.g., /qrcode should route to a different backend service).

Questions:

  • Why does this redirection back to the default app service URL happen?
  • How can I ensure that the custom domain (staging.example.com) remains in the browser's address bar, even after logging in?
  • What is the best way to set up the Application Gateway to handle routing traffic to different backends based on the path?
Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,072 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. KapilAnanth-MSFT 45,686 Reputation points Microsoft Employee
    2024-09-30T05:46:27.1133333+00:00

    @Muhammad Elzedy ,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    I understand that you are facing issues with HostName while using a reverse proxy such as Application Gateway.

    Your case is a classic and is explained here : Preserve the original HTTP host name between a reverse proxy and its back-end web application.

    • This is more of a design issue rather than Application Gateway or Backend App Service's configuration issue.
    • The exact issue is : Incorrect redirect URLs
    • User's image

    This is why you are being redirected to the App Serice instead of the App Gateway (reverse proxy).

    Now to answer your queries,

    1 . Why does this redirection back to the default app service URL happen?

    • I believe the document I shared above explains this issue.

    2 . How can I ensure that the custom domain (staging.example.com) remains in the browser's address bar, even after logging in?

    • The recommendation is to have a single/same domain in both the App Gateway and the backend App Service.
    • i.e.,
    • This way, both the service and the App Gateway will have the same domain "staging.example.com" and there is no redirection in the first place.
      • i.e., all URLs become same
    • Make sure to update your Identity providers with the URL of the App Service as "staging.example.com" and not the default "<AppServiceName>.azurewebsites.net"

    See : Implementation guidance for common Azure services

    If you host your web application in App Service, you can attach a custom domain name to the web app and avoid using the default azurewebsites.net host name toward the back end. You don't need to change your DNS resolution when you attach a custom domain to the web app: you can verify the domain by using a TXT record without affecting your regular CNAME or A records. (These records will still resolve to the IP address of the reverse proxy.)

    3 . What is the best way to set up the Application Gateway to handle routing traffic to different backends based on the path?

    Hope this clarifies.

    Thanks,

    Kapil


    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.