To restrict a domain from public access in Azure

Lakshmi Narayanan 71 Reputation points
2021-07-28T02:05:55.24+00:00

Hi Team, I have application server which is mapped to application gateway with WAF 2. My application servers, have multiple services with different port. Like Port 443, 8080 and 8443. Especially HTTPS port - 443 pointed to two domains. For example: https://a.example.com and https://a1.example.com. Everything working fine. Now my client asking us to setup https://a1.example.com domain should be access in some IP ranges whereas https://a.example.com should be access to all. I know, if both domains are different then we can restrict from Network security group. But my case is both domains are listening on 443 Port. Can any please help me or advice on this? Is there any way to restrict one domain from APG or WAF or NSG or anywhere?

Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,083 questions
Azure Web Application Firewall
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. GitaraniSharma-MSFT 49,591 Reputation points Microsoft Employee
    2021-07-30T12:11:41.313+00:00

    Hello @Lakshmi Narayanan ,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    If you want block specific URL on Application gateway, you can use per-site WAF policies with custom rules feature in WAF V2 SKU to block the URL successfully.

    Reference : https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/create-waf-policy-ag
    https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/per-site-policies
    https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/custom-waf-rules-overview
    https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/create-custom-waf-rules

    Kindly let us know if the above helps or you need further assistance on this issue.

    ----------------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.