How to limit Azure Front Door Cipher Suites Manually - Repeat
Previous thread stated; "Since this thread is too old, I would recommend creating a new thread on the same forum with as many details about your issue as possible. That would make sure your issue has better visibility in the community" Hence,…
Azure CDN on custom domain with HTTPS access and SIP parameter in SAS token uses the incorrect IP address
In april 2024 we encountered an issue where accessing a CDN on custom domain with HTTPS access and SIP parameter in SAS token uses the incorrect IP address always lead to a 401 response. Therefore i started support case 2404240050004042. The SAS-token…
How to limit Azure Front Door Cipher Suites Manually?
Hi, Right now there is a preview feature for Min TLS Cipher Suite on app Services and I know that we have a premium feature for End-to-end TLS with Azure Front Door. We are using Azure Front Door for our Static Website and we have the Premium tier…
How to block all geographic region and only allow specific regions to reach my Azure APIM ?
I have deployed multiple API Management Services (APIM) in my Azure Subscriptions. According to Application Insight, this APIM is hit or maybe attacked by a few thousand requests from around the world daily which my company and product do not have…
AFD custom domain redirects to the origin host name (App service)
We have an App Service. In front of it we have an Azure Front Door. Everything works perfectly with the Front door default domain .z01.azurefd.net. The problem is when I am adding a custom domain in front door following the steps from the steps from this…
When will request header size limit on AFD be raised from 32k to 64 k as APIM
When will request header size limit on AFD be raised from 32k to 64 k as APIM? APIM is 64 k
azure frontdoor origin health percentage is 0%
I configured azure app gateway as my origin and Health probe is also enabled. When I check the Origin health percentage metrics it is showing 0%. What may be the reason for it? How health probe works in terms of Application Gateway? If I have…
How to perform authentication in container apps through Front Door's custom domain?
I have a container app hosting a service that's currently publicly accessible. I'd like to add an authentication/authorization mechanism to the container app so it requires a login from Entra ID first(via front door custom domain). Our container app…
Current Tenant 'xxxx' is not authorized to access linked subscription 'yyyy'
I am trying to connect Azure Front Door Origin to an external (Other Tenant) resource using Private Link Service. When I put the FDQN object into Origin configuration, it comes back with the following error: The client has permission to perform action…
Azure CDN is throwing 421 HTTP Error on Safari
Hi, We're currently proxying traffic to our Azure B2C sign in pages through a Azure Front Door Premium CDN. However, it seems unstable for users using safari (any version). It's common that they receive a HTTP 421 response instead of the intended…
Frontdoor WAF positives unclear
I see out WAF firing on a simple text and I can’t figure out why the rules are triggering (see attached txt) These are all very normal texts, without anything fishy. The only weird thing is that they seem incomplete sentences. But I see nothing that…
Azure Storage Account - Public Access via Azure Front Door Endpoint - Firewall Setting
Hi, I have a storage account static website being accessed via Azure FrontDoor. It works well with "Public network access" option set to "Enabled from all networks". If I set it to "Enabled from selected VNETs and IPs" I'll…
FrontDoor Origin health probe with private link
Hi, I have an AKS and an Azure Frontdoor with an Origin that uses a private link to connect to the AKS internal Load Balancer. I am trying to set up HTTPS between frontdoor and AKS. I use cert-manager to manage AKS certificates. This setup will…
AFD Premium - Redirect adds a Trailing Slash when redirecting to mobile app
Hello, We have an OpenID Connect provider behind an Azure Front Door Classic, and everything is working as expected. We are currently migrating our infrastructure to a new Azure tenant where we have deployed the same application behind an Azure Front…
Azure WAF Security Features in Standard Tier with Front Door
Hey all - I’m looking for insights regarding the security features offered by the Azure WAF when deployed in the Standard tier with Azure FD, particularly in scenarios where the customer does not want to create any custom rules. Given that the Microsoft…
Azure Front Door URL Rewrite rules not working as planned
I have set up Azure Front Door. There are several App Services set up as such: https://www.thisismydomain2021.com/appservice1 --> https://this-is-my-app-service-1.azurewebsites.net https://www.thisismydomain2021.com/appservice2 --> …
Does Front Door origins support wildcard hosts?
I have an AKS cluster behind a Front Door, connected through a private link that is pointing to an internal load balancer. The cluster hosts multiple applications that are accessible through dynamically created subdomains. My setup is as follows: My…
Frontdoor private IP
Hello, I want to migrate some app hosted on VirtualMachine to webservices. Different URL paths will be hosted on different webservices in 2 locations. So, access from outside internet is quite easy- frontdoor, configuration to direct requests to…
as i create the private link service from origin frontdoor ; it gives the same description for the origin though they are different ids
i created a private link service with internal IP from the nginx ingress as aks-ingress then I configured a frontdoor and endpoint; origin group in origin I created test1.dev.example.com and description as test1dev and assigned to aks-ingress…
Azure AD B2C can't set cookie with cross domain.
I have a custom domain set and verified in the Microsoft Entra ID. I also have Azure Front Door Classic that will route the request to my azure b2c tenant. i.e: accounts.contoso.com/tenant.onmicrosoft.us/.../authorize -> Azure Front door Classic…