Azure AppService IP Restrictions on Shared Tier

0
votes

I would like to create a white list for IPs connecting to my App Service. Is there any way to do this on the Shared pricing tier?

Azure gives more features for higher pricing tiers. In the past I found a way to get some features for free. I was able to use a free SSL certificate so I can map to my custom domain name and transmit data over a secured connection on the Shared tier.

I have written code to white list IP addresses but I'd rather handle it with configuration rather than on the application level. I would prefer not use the Shared or Basic tiers (and toggle the vm on and off). Are there any solutions available?

1
azureazure-web-app-service
<ipSecurity> should work in web.config even in Shared - stackoverflow.com/a/38808091/4148708evilSnobu
That totally worked. Thanks!afriedman111
@evilSnobu You could add it as an answer.Tom Sun - MSFT

1 Answers

0
votes

This is possible since the early days of Azure App Service (back when it was called Web Apps) and it applies to any pricing tier —

You can use <ipSecurity> in your web.config to filter out IP sources:

My other answer here has a sample configuration — https://stackoverflow.com/a/38808091/4148708

NOTE: This only applies to App Service with Windows workers, since it's an IIS feature. For Linux workers, it will depend on the web server you host in your container (Apache/nginx/lighttpd/Node/gunicorn/...). Look up the relevant configuration options and add to your Docker container.