When setting up Azure application gateway external URL redirection, is it possible to rewrite, without changing the URL in browser address bar ?
If my understanding is correct, you want to access the application gateway website (usually xxx.cloudapp.net) or public IP address and redirect to an external website like www.bing.com.
It's impossible that the URL keeps displaying the xxx.cloudapp.net once redirecting to the www.bing.com. Since you have not owned the domain www.bing.com, you can not take control of an external site. Also, you use URL redirection. Certainly, the URL will redirect to another site. If the redirection URL is still the same as the original URL. Then the DNS could not resolve the redirection URL.
Application Gateway redirect overview
Hope this makes sense.
Related
I have a domain that is protected through Azure b2c. The way I set it up is that a domain linked through Azure front-door is the login domain.
login.contoso.com
The app domain is
my.contoso.com
What is happening is that when I go to login.contoso.com (without any routing or path redirect uri's) directly it will default to a 404 error and land on this page
The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
To note, the correct path works. i.e. login.contoso.com/<token>azureb2c...
The issue is how to I handle the 404 error?
I'd like to default direct that to my main domain site i.e. contoso.com or someotherpage.
The odd part for me is that because the domain, sub-domain, is login.contoso.com I don't think there is actually a page from Azure emitting that. I think, correctly, that is just my domain's way of handling 404's or wrong page.
I already handle the redirect if the person goes to my.contoso.com and isn't logged in they go directly to login.contoso.com However, I don't think i'm handling the 404 errors correctly because anything outside of that emits the previously described error screen.
So I think the question is, how can I direct a subdomain's 404 to a url of my choosing of a domain that is setup through Azure front-door?
Is that just in the same permissions of my webconfig for the main app service domain ie., contoso.com? Or, is it the webconfig of the app service specifically for the subdomain my.contoso.com?
• You can surely configure the redirection for your different subdomains from a particular subdomain URL while logging in or any other kind of activity like session auto-logout after token expiration by configuring the correct routing rules for redirection in the Azure front door classic version.
Kindly check the snapshot below as demonstrated according to your requirement: -
Thus, according to the above snapshots, you can configure the redirection for the ‘login.contoso.com’ URL to the desired domain URL of your choice, i.e., ‘contoso.com’ or ‘someotherpage.com’ for in Azure AD B2C too.
• Also, in the above snapshot, I have selected ‘Temporary Redirect (307)’ for HTTPS protocol as according to the below documentation link, the target resource is temporarily under a different URI. The user agent MUST NOT change the request method if it does an automatic redirection to that URI. Since the redirection can change over time, the client ought to continue using the original effective request URI for future requests.
https://learn.microsoft.com/en-us/azure/frontdoor/front-door-url-redirect?pivots=front-door-standard-premium#redirection-types
As you want the redirection to happen for the ‘login.contoso.com’ URL when you redirect to that page, it will surely happen when you configure it accordingly as above since this redirection is temporary according to the situations stated above.
I have a site in Azure. Pages are generated by Azure Functions, but for a given URL generated page will always be identical, so I put it behind a CDN endpoint. I added custom domains to the endpoint: www.example.com is the main domain and there is also a naked domain version example.com, but any request to it is redirected to the www.example.com. Any http requests are also redirected to https. Both redirects are performed by returning redirect result from Azure Function.
So, both http://example.com and http://www.example.com properly redirected to https://www.example.com. The problem arises if someone tries to access https://example.com. The certificate served for this url is *.azureedge.net and the browser predictably displays a warning message (if instructed to proceed - it receives a redirect and works fine after that).
When I try to enable Custom HTTPS on example.com - I get an error Enabling Https with CDN Managed Certificate is not supported anymore for apex (root) domains.
Is there any way I can fix this, perhaps instruct a redirect from example.com to www.example.com on DNS level? I've seen suggestions to use alternative CDNs available in Azure, but I'm not ready to go down that route yet.
As you've discovered, as of April 2021 Managed certificates are not supported on Apex domains. The only supported way to get round this at present is to upload your own certificate (either free or purchased) or purchase one through KeyVault.
Having said that, Jack Tracey has put together a list of instructions to achieve this in an unsupported manner.
I'm trying to use the recently announced (in preview) managed certificates for Azure app service. One of the limitations is that you can't get one for naked domains. eg.: you can get one for www.domain.com, but not domain.com.
In my (current) web.config, I'm redirecting from 'naked' to 'www' anyway using rewrite rules, so beeing limited to 'www' is not a real problem. However, as the redirect takes place at the web.config level, that is, after the request has hit the webserver, this is too late: when 'domain.com' gets hit and tries to redirect, the browser has already seen the insecure connection to the naked domain (depending on browser) will display a warning page.
So how is one supposed to do deal with the "naked" domains? No more redirects at all? Or are there other methods to do this besides web.config configurations? I did look, but did not find anything.
Adding to Jack's suggestions.
Currently, the preview offering only supports CNAME based validation. Thanks for the feedback and it is on our list of future improvements to consider however we do not have any ETA on this yet. So, request you to up-vote this feedback post on Uservoice-
https://feedback.azure.com/forums/169385-web-apps/suggestions/38981932-add-naked-domain-support-to-app-service-managed-ce
Alternatively, you may try to forward apex domains to subdomain such as www.
So based on your requirement, to redirect -
https://yourdomain.com -> https://www.yourdomain.com
If you are using App Service Domain, you can forward your domain by going to 'Advanced Management portal' of the domain resource.
So, after a long time, Azure finally supports this. One can simply use a managed cert for naked domains.
See here: https://azure.github.io/AppService/2021/03/02/asmc-apex-domain.html
In this scenario, I think a redirect is necessary.
We can get some clues from other international websites. For example: when I try to access http://google.com, actually I will get a 301 redirect which redirects me to http://www.google.com, and then I will get a 302 redirect which redirects me to https://www.google.com/?gws_rd=ssl
So, as managed certificate does not support naked domain. I suggest you directly add your www subdomain to your web app. And then create managed certificate to that www subdomain.
And, finally, you can add 301 and 302 redirect rules in your DNS provider, which will ensure all requests to naked domain will be redirected to www subdomain. This could be done in your DNS provider before your web app.
So after some time trying things, here's how i ended up dealing with this:
- Using managed domain certificates for all hostname.Domain.tld names
- Using the letsencrypt script (from extensions) to get a cert for the naked domain
Once azure will provide certs for the naked domain, i will retire the script.
I have a setup like this:
A website at domain abc.com
Azure CDN points to it. So if you go to abc.azuredge.net you see abc.com
content. In the URL bar you see abc.azuredge.net.
I have another domain, qwe.com, I want abc.qwe.com to be the custom domain for the CDN endpoint.
In qwe DNS settings, I set a CNAME record, for abc to point to abc.azuredge.net.
I add the abc.qwe.com as a custom domain in the CDN endpoint.
My expectation:
I go to abc.qwe.com. I see abc.com content, from abc.qwe.com domain.
What happens: I go to abc.qwe.com, it responds with a parmanent redirect to abc.com.
Did I miss configured something, or it's supposed to work this way? I don't understand why it doesn't do a redirect on abc.azureedge.net, but if I add a layer on top of it, suddenly it just redirects to the origin.
In my case it ended up being not related to CDN. It was actually rules on a server that were doing a redirect under certain conditions, e.g. http to https, or www redirect.
As a side note, https redirect can be tricky. Now chrome uses https by default, so if you type in the url, it will go to https, thus no redirect. But if you select your custom domain text in azure portal and choose "go to xxx", it will actually go to http version, which will result in a redirect. So you might be under impression that you are going to https and it was redirecting, when in fact it was http.
I was planning to delete the question, but Erik H commented that he's having same issue so I decided to self-answer. Maybe it will help someone.
I have 2 websites in my hosting account at bluehost. The main domain (maindomain.com) has an SSL and there is one registration page where I need to use https//www.maindomain.com.
I also have an add-on domain (addondomain.com) and am hosting the website for that in the same account. There is no necessity for a secure connection.
However, I want to make sure that if https://addonsite.com is used, it redirects to http://addonsite.com. The reason is that now if you go to https://addonsite.com, it shows that in the URL address window, but the maindomain.com website loads.
I have tried adding redirects to both .htaccess files (for maindomain.com and addondomain.com), but cannot seem to get it to work. Is it possible to do this with a main domain and add on domain if there is an SSL on the main domain?