If you want to change the DNS in Azure App Service Web App, this article will show you how. First, let's say that by default App Service is using Azure DNS servers for name resolution.

They are invisible to us in the PaaS environment and we can't really influence them in any way. So if we want any custom DNS scenarios, we have a way of changing this "Default" DNS Server.

Azure DNS

Ok, let's move on to actually changing the DNS Server.

Add a comment

Apart from securing your web apps there is another reason why you would use applicatoin gateway (WAF tier) in an ILB ASE. You can expose your web app to the internet. 

This is direct followup from the previous article about creating the ILB ASE itself - https://www.azuretechguy.com/ilb-ase-new

To integrate our ILB ASE with an WAF tier App Gateway we will be following this guide loosely because it is kind of old and screenshots are no longer relevant (as of now) but it gives good insight on how to achieve this

Table of Contents:

Requirements

  • ILB ASE with at least 1 App Service plan and 1 Web App
  • Public Internet domain and access to its DNS
Add a comment

Deploying an ILB App Service Environment

Microsoft recently changed the ILB deployment in a big way. You can no longer specify your own domain name for your ILB ASE, you will now be using the appserviceenvironment.net domain by default. The reason for this change is actually a great one. No more having to deal with the ILB Certificate. Yes, by using the default appserviceenvironment.net domain, Microsoft will be taking care of the SSL certificate. 

So let's summarize what changed:

  • ILB ASE now uses the domain appserviceenvironment.net by default
  • appserviceenvironment.net is still not a public domain and you need to take care of the DNS for it
  • No need to provision the ILB Certificate, will be taken care of by Microsoft by default
  • Using Custom Domains on Web Apps inside the ILB ASE will be on per Web App base, just like outside of the ASE. Remember that the DNS for these custom domains is still in your hands and within local DNS inside the VNET
  • KUDU will now only be usable using the appserviceenvironment.net domain, a.k.a webappname.scm.asename.appserviceenvironment.net

So we will be deploying an ILB ASE and do the initial configuration

Let's start!

Table of Contents:

Add a comment

If you want to remove unnecessary headers from a Web App in Azure App Services, here are some things we need to know.

App Services run on a PaaS. This means that not everything can be touched or changed.

In particular:

  • 502, 503 and 403 http statuses are returned from the front-end devices and never reach the worker, which means that we cannot influence the headers there

Removing the X-AspNet-Version header

You can do this by editing the web.config file in KUDU. If you don't have one, just create a web.config file in the wwwroot dir.

This is between the <configuration> </configuration>

<system.web>
    <httpRuntime enableVersionHeader="false" /> <!-- Removes ASP.NET version header. Not needed for Ghost running in iisnode -->
</system.web>

Removing the X-Powered-By: ASP.NET header

Again under <configuration> 

Add a comment