Notice: Only variables should be assigned by reference in G:\Web\AzureTechGuy\plugins\content\jhimagepopup\jhimagepopup.php on line 90 Notice: Undefined property: stdClass::$introtext in G:\Web\AzureTechGuy\plugins\content\jhimagepopup\jhimagepopup.php on line 108

Notice: Only variables should be assigned by reference in G:\Web\AzureTechGuy\plugins\content\jhimagepopup\jhimagepopup.php on line 90 Notice: Only variables should be assigned by reference in G:\Web\AzureTechGuy\plugins\content\jhimagepopup\jhimagepopup.php on line 90 Notice: Only variables should be assigned by reference in G:\Web\AzureTechGuy\plugins\content\jhimagepopup\jhimagepopup.php on line 90 Notice: Only variables should be assigned by reference in G:\Web\AzureTechGuy\plugins\content\jhimagepopup\jhimagepopup.php on line 90 Notice: Only variables should be assigned by reference in G:\Web\AzureTechGuy\plugins\content\jhimagepopup\jhimagepopup.php on line 90 Notice: Only variables should be assigned by reference in G:\Web\AzureTechGuy\plugins\content\jhimagepopup\jhimagepopup.php on line 90 Notice: Undefined property: Joomla\CMS\Categories\CategoryNode::$introtext in G:\Web\AzureTechGuy\plugins\content\jhimagepopup\jhimagepopup.php on line 108

Azure App Service Certificate is a SSL certificate purchased from Azure. It comes with many benefits and easy integrations with other Azure resources. The certificates are issued by GoDaddy's Certificate API in partnership with Azure.

You will see ASC be used a lot for substitute for App Service Certificate in this article

App Service Certificate

Table of Contents

Add a comment

Apart from securing your web apps there is another reason why you would use applicatoin gateway (WAF tier) in an ILB ASE. You can expose your web app to the internet. 

This is direct followup from the previous article about creating the ILB ASE itself - https://www.azuretechguy.com/ilb-ase-new

To integrate our ILB ASE with an WAF tier App Gateway we will be following this guide loosely because it is kind of old and screenshots are no longer relevant (as of now) but it gives good insight on how to achieve this

Table of Contents:

Requirements

  • ILB ASE with at least 1 App Service plan and 1 Web App
  • Public Internet domain and access to its DNS
Add a comment

Deploying an ILB App Service Environment

Microsoft recently changed the ILB deployment in a big way. You can no longer specify your own domain name for your ILB ASE, you will now be using the appserviceenvironment.net domain by default. The reason for this change is actually a great one. No more having to deal with the ILB Certificate. Yes, by using the default appserviceenvironment.net domain, Microsoft will be taking care of the SSL certificate. 

So let's summarize what changed:

  • ILB ASE now uses the domain appserviceenvironment.net by default
  • appserviceenvironment.net is still not a public domain and you need to take care of the DNS for it
  • No need to provision the ILB Certificate, will be taken care of by Microsoft by default
  • Using Custom Domains on Web Apps inside the ILB ASE will be on per Web App base, just like outside of the ASE. Remember that the DNS for these custom domains is still in your hands and within local DNS inside the VNET
  • KUDU will now only be usable using the appserviceenvironment.net domain, a.k.a webappname.scm.asename.appserviceenvironment.net

So we will be deploying an ILB ASE and do the initial configuration

Let's start!

Table of Contents:

Add a comment

If you want to remove unnecessary headers from a Web App in Azure App Services, here are some things we need to know.

App Services run on a PaaS. This means that not everything can be touched or changed. We will be addressing the Azure App Service (Windows).

In particular:

  • 502, 503 and 403 http statuses are returned from the front-end instances and never reach the worker, which means that we cannot influence the headers there

Removing the X-AspNet-Version header

You can do this by editing the web.config file in KUDU. If you don't have one, just create a web.config file in the wwwroot dir.

This is between the <configuration> </configuration>

<system.web>
    <httpRuntime enableVersionHeader="false" /> <!-- Removes ASP.NET version header. Not needed for Ghost running in iisnode -->
</system.web>

Removing the X-Powered-By: ASP.NET header

Again under <configuration> 

Add a comment