限制WebApp Services仅接收来自Application Gateway的请求 [英] Restrict WebApp Services to receive requests only from Application Gateway

问题描述

是否有办法限制WebApp仅接收来自Application Gateway的请求。我不希望WebApp可以公开访问（通过他们的.azurewebsites.com DNS名称） - 但只能通过网关DNS访问。

我尝试过配置通过提供Azure网关的前端公共IP地址在App Service中进行IP过滤，但这不起作用。

解决方案

HI Mrina，

您可以根据源IP限制对WebApp的访问。 如果您使用ARM模板进行构建，则可以使用  SiteConfig.IpSecurityRestrictions属性完成此操作。

或者通过Azure门户，它列在WebApp的"网络"刀片上的"访问限制"下，如下面的屏幕截图所示。

如果添加应用网关IP到允许列表，然后其他IP应该被拒绝。

让我知道是否不清楚： - ）

谢谢，

马特

Is there a way to restrict WebApp to receive requests only from Application Gateway. I do not want the WebApp to be publicly accessible (via their .azurewebsites.com DNS name) – but should be accessible only via the Gateway DNS.

I had tried configuring IP Filter in App Service by providing Azure Gateway’s Frontend public IP address but this is not working.

解决方案

HI Mrina,

You can restrict access to WebApps based on source IP.  If you are using an ARM template for the build then this is done with the SiteConfig.IpSecurityRestrictions property.

Or via the Azure portal, it is listed under 'Access Restrictions' on the 'Networking' blade for the WebApp as shown in the below screenshot.

If you add the App Gateway IP to the allow list then it other IPs should be rejected.

Let me know if that isn't clear :-)

Thanks,

Matt

这篇关于限制WebApp Services仅接收来自Application Gateway的请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！