416 questions
0
votes
0
answers
70
views
Setting up Azure AD B2C with a custom domain via Azure Front Door
We have two Entra ID instances in two different subscriptions, one is production, one is demo. I already have an application deployed in the demo subscription that is integrated with the Azure B2C ...
- 486
1
vote
1
answer
118
views
How to prevent Azure front door caching a SPA index.html
I have an Azure front door (afd) with a route and rule set to serve a SPA, as is quite normal, I don't want the index.html cached but do want all the other files cached. I created a rule-set and rules ...
- 577
7
votes
0
answers
122
views
HTTP/2 file upload performance to Azure Front Door Standard significantly worse in browser JavaScript compared to cURL
I'm experiencing significant performance degradation when uploading files to Azure Blob Storage via Azure Front Door using browser JavaScript compared to cURL.
Environment
Files: 10 images, ~111MB ...
- 634
0
votes
0
answers
107
views
Issue adding default ruleset to Azure WAF Policy for Azure Front Door Premium
I am trying to create a WAF Policy and assign it the Microsoft_DefaultRuleSet 2.1. I am using Azure CLI 2.76,0
I am getting this error:
(BadRequest) WebApplicationFirewallPolicy validation failed. ...
- 115
-1
votes
1
answer
170
views
Azure Front Door returns 403 Forbidden when routing to Azure Static Web App (Standard tier) but works with Free tier [closed]
I'm using Azure Front Door (Standard) to route traffic to two Azure Static Web Apps (SWAs) that run the same statically exported Next.js code (next export).
✅ When routed to SWA A (Free tier), it ...
- 2,475
2
votes
0
answers
102
views
Azure Front door redirect to specific origin
We have an Azure Front Door configured as follows.
every customer does have it's own url, that all comes in in Front Door.
We have multiple versions of our software, let's call those v1, v2, v3 etc......
- 43
1
vote
1
answer
174
views
Configuring Azure Front Door (with Azure CLI): Adding route with multiple custom domains
I am configuring AFD with az cli and I am running in an issue.
I have two custom domains:
$afd_custom_domain_1="www-mydomain-com" #this is id for domain 1
$afd_custom_domain_2=&...
- 115
-1
votes
1
answer
352
views
Azure front door redirection is not working
I want to configure AFD rule set that is ;
We need to redirect
https://about.ads.microsoft.com/content/dam/sites/msa-about/global/common/content-lib/pdf/the-future-of-search-guide-whitepaper-zf-c4.pdf
...
0
votes
0
answers
100
views
FrontDoor rule to serve trigger an Azure function in case of missing blob
I've a blob storage that has some pre-calculated images. It may happen that a particular size is not already built, and in this case, I would like to have the blob storage or the Azure Front Door/CDN ...
- 3,967
0
votes
1
answer
124
views
Azure APIM IP Policy does not allow Azure Front End Door IP ranges
We are using Azure APIM management to call the API from various clients. However, we use IP restrictions so that only specific IP addresses can call our API.
Our main application (website) is now ...
- 3
0
votes
1
answer
70
views
Azure Policy - restrict creation of Front Door to Standard SKU Only
I want to limit by Azure Policy the creation of Azure Front Door resources to Standard SKU only.
I'm struggling to figure this policy out. So far I have.
{
"mode": "All",
"...
- 2,118
0
votes
1
answer
174
views
Azure Frond Door Standard: Rate limit error when regenerating TXT record for custom domain
I have created a bash script to configure Azure Front Door with a custom domain. However I have run into a strange issue: When generating a TXT value to add to Azure DNS Zone I get the error ERROR: (...
- 115
0
votes
1
answer
317
views
Allow a custom content-type in Azure Front Door WAF without bypassing rules
We have an application that uses application/merge-patch+json extensively for PATCH requests. When it is deployed behind Azure Front Door, the firewall complains that the content type is not allowed ...
- 6,318
1
vote
1
answer
120
views
Simple Azure Front Door configuration not working
I am trying to setup a basic AFD setup where the origin is a static website in Azure Storage.
I keep getting a "The request URI is invalid. HttpStatusCode: 400, ErrorCode: InvalidUri ..." ...
- 115
-1
votes
1
answer
334
views
Configuring Azure Front Door with Azure CLI issues [closed]
I am trying to create and configure Azure FrontDoor for an Azure WebApp, and I am not getting any good results.
Here is what am I trying to do:
I Have a custom domain (mydomain.com), which I am ...
- 115
0
votes
1
answer
143
views
Cannot add A (alias) record for Azure Front Door in Azure DNS (with Azure cli)
I am trying to set up a custom domain for Azure front door. This is what I am doing:
I have an Azure DNS setup (sofad.com) for the domain (and already configured)
I have an instance of Azure Front ...
- 115
0
votes
1
answer
85
views
Terraform using flatten with nested objects
Here is my situation, I am trying to deploy a legacy Azure Frontdoor instance to the new version of AFD and do it via Terraform.
Here is an excerpt from my locals block for the Firewall policy:
...
- 407
0
votes
1
answer
535
views
Problem with the same custom domain with Azure-managed certificate on both an app service and a Front Door endpoint?
I have an app service with a custom domain and an Azure managed certificate, which has worked fine for years. Recently I added a Front Door profile and of course added the same custom domain to that, ...
- 921
0
votes
0
answers
93
views
Unable to add custom rule programmatically for Azure Front Door WAF policy
I am using following code add the custom rule. I am getting success message. But, custom rule is not being added to the policy. Please let me know if I miss something.
I see that there is no ...
- 173
0
votes
1
answer
109
views
Azure Front Door Pipeline Plan failed for Key in frontend_endpoint map not found
I have deployed App service (azapp-af-advanced-braintreewebhook-callback-web-qc) with
domain_fqdn = "events.staging.paynow.aon.com"
key_vault_certificate_name = "uat-...
- 11
0
votes
1
answer
133
views
How can I use Bicep to create an Azure DNS alias record?
We use Bicep to manage our DNS records.
I have recently set up an Azure Front Door profile with custom domains, which is working fine. One of the custom domains is an apex domain, so the Azure portal ...
- 921
0
votes
2
answers
642
views
Does Azure Front Door work with private VM as backend?
We have a Premium Azure Front Door (AFD) instance and a private Windows VM deployed in its own VNET, acting as a web server. Due to company policies, we cannot assign a public IP to the VM.
Currently, ...
- 1
0
votes
1
answer
131
views
Issue with Migrated Domain on Azure Front Door - Unable to Associate New Route
I am facing an issue with my Azure Front Door on the Standard plan, which was migrated from the Classic plan. This Front Door uses a "migrated domain", which is the default domain generated ...
- 11
1
vote
1
answer
230
views
Azure FrontDoor not serving up images from blob storage
I have the following:
`
resource "azurerm_storage_account" "website_storage" {
name = "storagename"
resource_group_name = ...
- 2,734
-1
votes
1
answer
217
views
Force Replacement in azurerm_cdn_frontdoor_security_policy terraform
I am running terraform code to provision the Security policy to associate in WAF in Azure Front Door
MY issue is when i add new end_points under each domain terraform making force change in all ...
- 55
1
vote
1
answer
354
views
Azure Front Door WAF IP restrictions on azure static web apps
I've been working on setting up Azure Front Door custom rules for IP restrictions on Azure Static Web Apps. So far, I have:
Enabled the static web app to integrate with Front Door.
Created a WAF ...
- 11
0
votes
1
answer
378
views
Azure front door Custom domain automatically approved without validation
We are trying to create custom domain example: bb.aa.co.uk and cc.aa.co.uk existing Front Door profile which contains existing cusom domains (dd.aa.co.uk) but those newly created custom domains ...
1
vote
1
answer
237
views
Bicep Error: The resource is not defined in the template
I am getting this weird issue in Bicep where when I try to deploy the security policy for Azure Front Door it works when custom domain is defined but when no custom domain is defined and trying to use ...
- 1,002
0
votes
1
answer
272
views
Nginx is dropping part of request path in the request URL when redirecting after adding a trailing slash
I have a horrible issue with Nginx. I have a service like https://td22-2.test.net/ I use Azure Frontdoor to forward requests from https://example.net/td/22-2/ to it. My Azure Rules are attached The ...
0
votes
1
answer
588
views
How to display all azure blobs with the attached azure front door
I have a blobs in storage container which is having a list of blobs.
Now I want to share it with my front door url with users where they will be able to see all the blobs allowing them to download.
...
- 63
0
votes
2
answers
409
views
How to configure Azure Front Door with Azure API Management (APIM) custom domain without changing the CNAME to APIM?
I’m trying to configure a custom domain for my Azure API Management (APIM) gateway while routing traffic through Azure Front Door.
Here’s my setup:
Custom Domain: api.mydomain.de
Front Door:The custom ...
1
vote
1
answer
83
views
Is there any sdk for .net core for create standard front door?
Is there any sdk for .net core for create standard front door?
I'm currently working on a project using .NET Core, and I need to create an Azure Front Door Standard instance programmatically. I've ...
- 23
0
votes
1
answer
410
views
Terraform Azure Frontdoor Static Site
I am trying to create a simple static site with Terraform on Azure using storage and Frontdoor. I want to eventually have a serious web app running there. But for now I just want to access my index....
- 643
0
votes
1
answer
272
views
Unable to connect to application hosted behind azure front door from a VM hosted in a vnet
I have deployed a virtual machine in a dedicated private vnet and enabled outbound connections through azure firewall to external public. I have added an application rule in firewall with an entry to ...
0
votes
1
answer
259
views
Replace Azure Front door with API Management
At the moment we are using azure front door for networking and exposing the service to internet. Now we want to use just the API Management to provide the service to the clients and remove Front Door ...
- 11
0
votes
1
answer
114
views
Terraform resource group name for the creation of alerts for azure front door
Implementing an alert through terraform for the azure frontdoor status.
having an example for the virtual machines
name = "resource_health_alert"
description = &...
- 63
1
vote
2
answers
856
views
Azure Frontdoor is Overwriting XFF header
I am trying to set up an Azure Front Door before requests reach my api.
The flow I have imagined mydomain.com -> AFD -> fdsub.mydomain.com
If i call fdsub.mydomain.com directly, the XFF looks ...
- 31
0
votes
1
answer
2k
views
How to Query User Access Logs for Azure Front Door
I am trying to analyze user activity through Azure Front Door by querying logs in Azure Log Analytics.
I want to find out how many users accessed a particular domain (www.disforum.com) in the last 90 ...
- 105
1
vote
2
answers
390
views
Azure Front Door very slow failover with 403 or 502 status from web app [closed]
I've done some significant testing of AFD in an attempt to reach the following outcomes:
Zero downtime deploys (Blue/Green)
Automatic / immediate failover due to app service being stopped or ...
- 21
3
votes
3
answers
1k
views
Azure front door stops working with caching enabled
We've run into a very strange issue trying to setup azure frontdoor CDN. We've built a react front end client and all assets are configured to use the CDN URL so when the client loads in the browser, ...
- 4,448
1
vote
2
answers
692
views
How to retrieve the front door id from a Microsoft CDN (classic)
I have created a Microsoft CDN (classic) in Azure and I need to retrieve the value of the X-Azure-Fdid.
This value is not displayed in the Microsoft Azure Portal nor it is returned in the Azure CLI ...
- 4,530
0
votes
0
answers
642
views
Azure API Manager behind frontdoor with Mutual TLS (mTLS)
Public traffic of our application is currently routed through frontdoor Premium and then forwarded to API MANAGER where it is forwarded to the service running on kubernetes.
One issue I have is the ...
- 359
0
votes
1
answer
536
views
Azure Frontdoor health probe DNS resolution when using PrivateLink
We are trying to set up Azure Frontdoor in front of AKS.
We would like to use HTTPS between frontdoor and AKS, and also use a private link.
We use cert-manager to handle the certificates in AKS. This ...
- 309
-1
votes
1
answer
872
views
Azure Front Door - How do I use regular expression in "Patterns to match"
I am trying a Azure Front Door route configuration based on the below path in the URL and I am not able to use it directly as shown. looks like "?" is causing this error and if I remove ?, ...
1
vote
1
answer
343
views
Sorce IP with Azure Front Door and Ingress-nginx
I have a keycloak instance running on kubernetes. Users are accessing keycloak via AzureFrontDoor->Ingress-Nginx->Kubernetes
I am trying to get keycloak to display the source IP of client ...
- 359
0
votes
1
answer
638
views
Angular Azure App Services Content Security Policy Nonce
I posted this same question on ServerFault but don't seem to be getting much traffic there, so figured I might post it here too.
I'm trying to implement a nonce for our CSP header policy. I'd like to ...
- 896
1
vote
1
answer
532
views
Azure Front Door somethimes does not apply the expected block-action
In Azure Front Door, I have a Front Door WAF policy with a custom (example) rule that blocks all IP addresses starting with 111.222.:
(where 10 is the lowest Priority, so first to be applied)
When ...
- 171k
0
votes
1
answer
560
views
Azure Front Door Content Encoding with disabled caching doesn't pass through from origin server
I am setting up an instance of Azure Front Door (AFD) for a public-facing website to help improve its global page speed performance.
For the root documents/HTML I don't have caching enabled (at the ...
- 697
0
votes
0
answers
737
views
Azure Front-door TCP_MISS even with Cache-Control: public
The Azure Front-door honours the cache headers from origin, so I can see the
Cache-Control: public, max-age=3600, s-maxage=1500
but then, underneath, the X-cache header is always TCP_MISS, what am I ...
- 3,803
1
vote
1
answer
121
views
Can't upload file to azure front door origin group based on latency?
I am stuck at this problem for two days.
I have added 4 blob storage origins in a single origin group at azure front door. I am doing hit and trial on blob sas tokens.
I have not updated any settings ...
- 11