By default not all HTTP methods or verbs are allowed in Azure App Service. In order to allow/remove methods/verbs we need to make configurational changes.

It really boils down to what stack is your App running on.

Web Apps (Windows)

In IIS handlers are responsible for different app stacks and this is where the allowed verbs are also configured. We can see how the different handlers are configured in the applicationHost.config file. More details on it in my other article.

Go to KUDU and open the applicationHost.config file - D:\Local\Config\applicationhost.config. Find <handlers accessPolicy="Read, Script"> row. From there you can examine how different technologies are configured.

Let's take PHP for example

Add a comment

Azure App Service is PaaS. This means that we have very limited capabilities of changing configurations. applicationHost.config file is one of them. It holds all the necessary settings for your Web App but it is read-only.

Location of the applicationHost.config file

You can find your Web App's applicationHost.config file in the following location:

D:\Local\Config\applicationhost.config

OR

https://webappname.scm.azurewebsites.net/api/vfs/localsiteroot/config/applicationHost.config

It loads the same applicationHost.config from D:\Local\Config

It is read-only and you cannot directly edit it but you can use it to check certain settings and how they are configured.

Making changes to the applicationHost.config file

The file can be read-only but we have certain ways of making changes. It can be done with Xdt Transformation

Here are some examples:

https://github.com/projectkudu/kudu/wiki/Xdt-transform-samples

https://github.com/uglide/azure-content/blob/master/articles/app-service-web/web-sites-transform-extend.md

https://github.com/projectkudu/kudu/wiki/Azure-Site-Extensions#understanding-what-could-go-wrong-with-xdt-transforms

You can do a lot of the changes suggested for the Xdt examples through web.config so the use of Xdt transform must be a very specific

 

Add a comment

In this article i will show you how to host a static website almost for free on Azure Storage and Microsoft CDN. You can host any static web pages and take advantage of javascript and CSS but not from any back-end language. Good example of a more advanced static content that you can host on the Azure Storage is Jekyll.

Table of Contents

Requirements

What do you need to have in order to complete the guide:

  • An active Azure subscription - Free/Pay as you go/Visual Studio/Partnership/EA/CSS
  • Custom domain hosted on Azure DNS (optional)
Add a comment

We see CAA records more and since CAs are now obligated to check for CAA records when issuing SSL certificates. With this comes the question - How to create a CAA record in Azure DNS? Because it's not currently on the dropdown when selecting the type of DNS record.

What is CAA record?

The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates for that domain. CAA Resource Records allow a public Certification Authority to implement additional controls to reduce the risk of unintended certificate mis-issue. It's a really good security measure which gives you control over SSL issuence under your domain. Basically, you set the CAA record which tells which CAs can issue a certificate for your domain. You need to list them.

You can find a list of CA names and domains here - https://sslmate.com/caa/

CloudFlare questions related to CAA answered here - https://support.cloudflare.com/hc/en-us/articles/115000310832-Certification-Authority-Authorization-CAA-FAQ

Add a comment