Do Azure Web Apps use a public ip blacklist?

Question

Do Azure Web Apps use a public ip blacklist?

Tim Rogers 0

I have a customer who has an IP that it in our web apps public site access rules. They were running for a while yesterday but today they cannot connect. Their IP is listed on Spamhaus blacklist. Would that stop them connecting to an Azure Web App website?

Alekhya Vaddepally 1,670 Reputation points Microsoft External Staff Moderator

2025-04-28T09:22:08.58+00:00

Hi Tim Rogers,
We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet. In case if you have any resolution, please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.
Alekhya Vaddepally 1,670 Reputation points Microsoft External Staff Moderator

2025-04-29T08:54:18.1533333+00:00

Hi Tim Rogers, We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet. In case if you have any resolution, please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.

1 answer

Your answer

Alekhya Vaddepally 1,670 Reputation points Microsoft External Staff Moderator

2025-04-28T09:22:08.58+00:00

Hi Tim Rogers,
We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet. In case if you have any resolution, please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.
Alekhya Vaddepally 1,670 Reputation points Microsoft External Staff Moderator

2025-04-29T08:54:18.1533333+00:00

Hi Tim Rogers, We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet. In case if you have any resolution, please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.

Answer 1

If we have set an IP-based access restriction on our web app, and your IP address is allowed, it should usually allow access. However, if you are using a proxy, VPN, or CDN, your traffic can be rooted through an IP that is not clearly allowed.
While Azure does not basically block IPS depending on spamhaos or other public blacklist, some components such as Azure Front Door, App with WAF may benefit from the threats like sphemous feeds from the safety solutions of third party, or third party safety solutions. This means that even though IP is allowed in access restrictions, another security layer can reject traffic.
This can also cause access issues if the request is being blocked or resumed due to network-level restrictions (such as your ISP or enterprise firewall regulations). Spamhaus- Listed IPS can be blocked upwards before reaching Azure.

You can also check:

Confirm that your IP is still in the permitted list and has not changed. If you are not using a stable IP then sometimes IPS can change due to DHCP.
If we are using the Azure Front Door, Application Gateway, or a WAF (web application firewall), it can be configured to block the bad IP known based on the intelligence information of danger.
If the IP is on the blacklist, it is a good idea to request to remove. If the listing is not caused by malicious activity, spamhaus provides a quick removal form.

https://learn.microsoft.com/en-us/azure/app-service/overview-access-restrictions#site-access
https://learn.microsoft.com/en-us/azure/web-application-firewall/

if you have any further concerns or queries, please feel free to reach out to us.

Share via

Do Azure Web Apps use a public ip blacklist?

1 answer

Your answer