How to redirect users who try to hit App Service link directly to a domain

Question

How to redirect users who try to hit App Service link directly to a domain

Anonymous

Hi,

Currently we have an App Service with no inbound restrictions. We want to enforce inbound restriction so that users will have to use the domains setup and access will happen from AFD. If we do that we will get the below error for users who directly hit the App service URL. Instead, we want to redirect them to the domains we have setup. Users will see this error screen and get confused. Is there any possible way to accomplish this redirection?

Screenshot shows the text of Error 403 - Forbidden.

Ajay Kumar N 28,161 Reputation points Microsoft Employee Moderator

2024-10-23T18:31:04.2466667+00:00

Mohammed Ahmed (MAQ LLC) , Just checking in to see if you had got a chance to see the previous response. If the answer helped (pointed you in the right direction) > please click Accept Answer Or please share the requested/more info to help you better.

1 answer

Your answer

Ajay Kumar N 28,161 Reputation points Microsoft Employee Moderator

2024-10-23T18:31:04.2466667+00:00

Mohammed Ahmed (MAQ LLC) , Just checking in to see if you had got a chance to see the previous response. If the answer helped (pointed you in the right direction) > please click Accept Answer Or please share the requested/more info to help you better.

Answer 1

Deepanshu katara 18,140 MVP Moderator

Hello , Welcome to MS Q&A

To enforce inbound restrictions on Azure App Service and redirect users who directly hit the App Service URL to the setup domains, you can follow these steps:

Set Up Access Restrictions: - Configure access restriction rules that allow or deny traffic based on IP addresses or Azure Virtual Network subnets. This can be done by setting up a priority-ordered allow/deny list that controls network access to your app. If a request does not match any rules, it will receive an HTTP 403 status code.

Implement URL Redirection: - You can implement URL redirection within your application code or use Azure Application Gateway. By configuring the Application Gateway to restrict access, you can ensure that only traffic from specific sources is allowed, effectively redirecting unwanted traffic.

References:

Kindly accept answer if it helps

Please let us know if further questions

Thanks

Deepanshu

Anonymous

2024-10-24T16:47:43.67+00:00

Thanks for your reply.

I am aware about the first part of restricting access from the Web App. My main concern is that after I restrict access if some users still try to access the App Service directly (instead of the via the domains which have an Azure Front Door handling behind them), they should not be blocked as in the SS I shared, but instead be redirected to the domain of choice.

I am not sure if Application Gateway will help solve that. Anyways we are using Azure Front Door in our solution.
Ajay Kumar N 28,161 Reputation points Microsoft Employee Moderator

2024-10-25T19:42:22.5033333+00:00

Thanks for the follow-up and additional info on it.

You may also checkout the approaches outlined by my colleague in their personal article:
Azure Front Door (AFD) & App Gateway + App Service (Web App) unexpected issues and common solutions (this is not an official document)

Share via

How to redirect users who try to hit App Service link directly to a domain

1 answer

Your answer