I have created a Cloud service with 2 web roles (one is the "public" site, and the other is the "admin backend").
I deployed the solution in azure, and the cloud service with the web roles were created. I can access both sites using:
FrontEnd
http://my-app.cloudapp.net:80/
BackEnd
http://my-app.cloudapp.net:8080/
Here is the problem: I would like to access the backend as a subdomain of the main site. I tried to update the DNS (GoDaddy) playing with the CNAME, but I have not been able to find a solution since it seems that I cannot use port numbers. One solution could be to create 2 Cloud Services, each one with just one web role (of course, both using port 80); but due to business requirements it's not a good idea. Any ideas?
FWIW, this is what I would like:
FrontEnd
http://my-app.com
BackEnd
http://dashboard.my-app.com
You should be able to add two CNAMES or A-records with your hostnames, pointing to the same site/port. You can then use URL rewriting to map the hostnames to different directories, something like (the untested);
<rewrite>
<rules>
<rule name="Dashboard rewrite" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^dashboard\.my-app\.com$" />
</conditions>
<action type="Rewrite" url="http://my-app.com/dashboard/{R:0}" />
</rule>
</rules>
</rewrite>
This will/should rewrite the access to http://dashboard.my-app.com/test.aspx to http://my-app.com/dashboard/test.aspx, giving the impression to the browser of being two separate applications.
With DNS CNAME you can only point from one hostname to another. Port numbers are a totally different item.
You can install an HTTP reverse proxy server to forward the requests to the proper cloud service. (e.g. HAProxy, nginx, IIS ARR etc.). There are some solutions in this SO question: How do I create a reverse proxy that runs in Azure?
Related
I have myazurecustomdomain.com which points to my App Service, and I have mygoogledomain.ca which has a ressource record to point on my app service. I have assigned those two domains to my app in azure.
Now I want myazurecustomdomain.com to be redirect to mygoogledomain.ca because I have some third party libraries that are subscribe to my .ca domain and I don't necessarily want to maintain my .com domain for now. What is the best way to do this.
If you don't want to maintain the .com the domain now, you could remove the custom domain mapped to your app service. So you will get access to that web app via the current custom domain mygoogledomain.ca or default app service domain like xxx.azurewebsites.net.
When you have two custom domains mapped to your azure app service, you want to redirect one domain to another domain. You could add rewrites rules in the web.config file of your applications. For more information, you could refer to this answer.
<rewrite>
<rules>
<rule name="Redirect all to different domain" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^myazurecustomdomain.com$" />
</conditions>
<action type="Redirect" url="http://mygoogledomain.ca/{R:0}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
We have a site set up on an azure app service. We have an application gateway setup to act as a waf, however it seems to be causing issues with our non www to www redirect which is shown below. The redirect works as expected when browsing directly to the site which points to the waf being the problem. Has anyone experienced this issue. I suspect the host is changed to xxxxx.azurewebsites.net when it forwards the request on but can find no documentation about this. Has anyone experienced this before?
<rule name="Prepend WWW" enabled="true" stopProcessing="true">
<match url="^(.*)$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^(.*)azurewebsites.net$" negate="true" />
<add input="{HTTP_HOST}" pattern="^(?!www\.)(.*)$" />
</conditions>
<action type="Redirect" url="https://www.{C:0}{PATH_INFO}" redirectType="Permanent" />
</rule>
There is a simple way to directly redirect a none-www hostname in the URL to www hostname on the DNS level without having conditions rules on web.config. You could create a CNAME record that maps non-www domain example.com to www.example.com in your domain DNS provider. Your domain DNS provider may need support CNAME records in the root domain. You also could map www.example.com to your application gateway IP address.
Another way is to configure redirection and routing rules on the application gateway level. You may add two multi-site listeners, one is for host example.com, another is for host www.example.com. Then configure the redirection from one listener to another listener. You could get more info on the Application Gateway redirect overview.
When I place a CDN, or something like Azure Front Door, in front of a webapp, how do I stop traffic from directly hitting the .azurewebsite.net domain name?
I believe the below article discusses in depth on how to setup an Azure Web App and how to use Azure Front Door with it. It highlights how myappfrontend.azurefd.net will be the front end for your app, which will then redirect the request to the backend (.azurewebsites.net) only if the criteria is met. There is a second article that highlights setting up a custom domain to be used with Azure Front Door if necessary. Please review the below information and let us know if you have any more direct questions.
Once this is setup, you can develop reroute rules to direct requests from .azurewebsites.net to your custom domain, which would ensure all requests are handled by Azure Front Door.
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect rule for azurewebsites.net to domain.com" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions>
<add input="{HTTP_HOST}" pattern="whateverappdavid.azurewebsites.net" />
</conditions>
<action type="Redirect" url="http://therealdavids.com/{R:0}" />
</rule>
</rules>
</rewrite>
</system.webServer>
Azure App Services with Azure Front Door
Azure Front Door Custom Domain
Update
Perhaps, you can use the REST API to retrieve the set of IPs for Verizon’s point of presence (POP) servers. Then use this IP list to enforce that requests to your origin server are made only from a valid Verizon POP.
Ref: Retrieve the current Verizon POP list for Azure CDN
This is a follow up to my question from yesterday Azure Storage blob using custom domain is not resolving while subdomain worked - how to set up host records?
The objective is to have blob storage files be reachable and ranked on google via our custom domain for example: http://contoso.com/docs/product1-specs.pdf.
This is a new website and so there's no concern with needed redirects from old links.
so in an html file on "contoso.com/product1" you'd have an internal link for example
product 1 specs
where "contoso.com" is our custom domain hosted by Azure App Service
where "contoso1.blob.core.windows.net" is the Azure Storage Account "contoso1"
where "/docs/product1-specs.pdf" represents the blob file "product1-specs.pdf" in the container "docs" stored in Azure Storage.
This is a four part question:
Question part 1: what is the SEO friendly and proper technical approach to achieve this internal link and retrieve the blob from Azure storage ? Of course the external link contoso.com/docs/product1-specs.pdf fetched as an external resource also needs to be a valid retrievable url.
Is it:
a)setting the custom domain for the storage account to a subdomain assets.contoso.com and then doing an url rewrite/redirect to contoso.com/docs/*
b) setting the custom domain for the storage account to contoso.com and then doing an url rewrite/redirect to contoso.com/docs/*
c) something different
I prefer not to have to host and manage ranking for a separate site with assets.contoso.com - I'd like to have the blobs organized in the "docs" container that online shows up as if it were a folder called "docs".
Question part 2: I create a test Azure storage account called "iprobesolutions" and set the custom domain to iprobesolutions.com per this screenshot:
https://www.dropbox.com/s/45u6iczcnusuxvl/Screenshot%202016-05-31%2010.31.40.png?dl=0
Is it right to do the following steps in this order:
1) in the Azure storage account set up iprobesolutions.com as the custom domain iprobesolutions.com
2) set dns records for iprobesolutions.com as follows per screenshot:
https://www.dropbox.com/s/xqw2d9k3gj6mnjs/Screenshot%202016-05-30%2021.30.22.png?dl=0 and DNS configuration to point iprobesolutions.com to iprobesolutions.blob.core.windows.net
3) finally set up URL rewrite configuration
Or do I ONLY need URL rewrite configuration without having to set up a custom domain in Azure Storage ?
Question part 3:
For the URL configuration part, whether done as step 3 or as a single step, looking at this question How to map Azure Blob with container with a custom domain sub-directory? and another source which of below two would be the correct web.config redirect for IIS 8.5 and what is the difference between the two ? As mentioned, there is no concern for maintaining old links as it's a new website .I'm not clear whether for our specific use case we need a redirect or just a rewrite ?
The goal is to have iprobesolutions.com/docs/product1-specs.pdf be the canonical name (and NOT the Azure blob name),
<rule name="redirect-docs" stopProcessing="true">
<match url="docs/(.*)"/>
<action type="Redirect" url="https://iprobesolutions1.blob.core.windows.net/docs/{R:1}"></action>
</rule>
<rule name="docs redirection" stopProcessing="false">
<match url="docs/(.*)" ignoreCase="true" />
<action type="Redirect" url="https://iprobesolutions.com/docs/{R:1}" redirectType="Permanent" appendQueryString="true" logRewrittenUrl="true" />
</rule>
Question part 4: since iprobesolutions1.blob.core.windows.net is forced as a HTTPS connection, is converting it into an HTTP connection via our HTTP website w going to lead to some browsers giving a false positive of a security alarm and if so, what is the solution to avoiding these false positives without suddenly being constrained to purchase a TSL certificate to force an HTTPS connections to iprobesolutions.com since it's set up as a static marketing website.
Thanks for taking the time to read and I hope someone could chime in from their experience facing similar scenarios to mine!
For starters, you can't map your root domain to both an app service and a storage account. I've responded in your other thread.
Also, please note that google is requiring all sites use HTTPS or your site will be penalized. Just something else to consider.
I have two web apps deployed on cloud services in two regions.
WebApp1.cloudapp.net
WebApp2.cloudapp.net
I created Azure Traffic Manager with Performance Load Balancing
WebApp.trafficmanager.net
What is CName for my cloud app and how can I configure this CName point to Azure Traffic Manager?
The CNAME for your app is WebApp.trafficmanager.net. You will need to register a custom domain from one of the DNS providers -- once done use the tools they provide to add a CNAME record for "www" to your domain and point it at your Traffic Manager.
At the moment Azure Traffic Manager does not support apex (naked) domains. So this solution would cover www.yourdomain.com, but not simply yourdomain.com.
Some DNS providers support forwarding where you can specify yourdomain.com should redirect to www.yourdomain.com.
If this is not the case, you can enable forwarding in your Azure Web App by adding this to your web.config:
<system.webServer>
<rewrite>
<rules>
<rule name="Apex Redirection" stopProcessing="false">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^(www\.)(.*)$" />
</conditions>
<action type="Redirect" url="http://{C:2}{REQUEST_URI}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
</system.webServer>
Then you would pick either of your cloud service regions and grab the "A" record from the Azure management console for your DNS record. Anyone who goes to yourdomain.com would go to that region's app and get redirected to your Traffic Manager at www.yourdomain.com.
You would register a custom domain name with the registrar of your choice (ie. GoDaddy, Network Solutions, etc). Once you have this domain name you would then configure it on the registrar's site to have a CNAME entry pointing to the trafficmanager.net address. So it would look like:
www.webapp.com IN CNAME webapp.trafficmanager.net