Azure Web site IP White list for Windows Azure Web site

Source: Internet
Author: User

Windows Azure Platform Family of articles Catalog

We know that in Azure Cloud service and virtual machine, you can access control lists through the endpoint ACL (Access control list). To set the IP whitelist rule.

For details, see:Windows Azure Virtual Network (10) Setting Client access permissions using the Azure Access Control List (ACL)

By default, Azure Web site does not have an IP whitelist. This means that all users on the Internet have access to services on Azure.

That would create a problem, assuming that I want to implement the IP whitelist on Azure Web site. In this chapter I briefly introduce.

We can define the system.webserver node through the Web. config file to set which IPs can access Azure Web Site.

1. Set IP Whitelist

The rules for IP whitelist are set in this way

(1) Disable all access by default

(2) Increase the allowed access to the public IP address

  

, we set up the system.webserver node.

In the IPSecurity node

-Allowunlisted is set to true. Allow all public IP access to the Azure Web site service

-Allowunlisted is set to false. Default, all public IP addresses do not allow access to the Azure Web site service

-Denyaction is set to NotFound, all public IP IPs that are forbidden to access the Azure Web site service, error message is not Found

  

In, the rules we set are:

(1) By default, all public IP addresses do not allow access to the Azure Web site service

(2) Add an IP whitelist rule that allows the public IP address to be 167.220.232.192 public IP to access the Azure Web site service

(3) Add an IP whitelist rule that allows the public IP address to be 202.96.0.0, subnet is 255.255.0.0 public IP, Access Azure WEB site service

Display effect:

(1) The public IP address of my local calculator is 167.220.232.192, you can access services on Azure

  

(2) I have a virtual machine on Azure, the public IP is 42.159.227.98. This IP is not in the IP whitelist above, so the error message is not Found defined by us. Such as:

  

  

2. Set IP blacklist

  The IP blacklist rules are set in this way

(1) All access is allowed by default

(2) Increase the public IP address of the forbidden access

 The system.webserver node is set as shown in:

  

-Allowunlisted is set to true. Allow all public IP access to the Azure Web site service

-Add an IP blacklist rule that disables public IP addresses for 167.220.232.192, accessing the Azure Web site service

  

  

Display effect:

(1) The public network IP address of my local calculator is 167.220.232.192, access to services on Azure is forbidden

  

  

(2) I have a virtual machine on Azure, the public IP is 42.159.227.98. This IP is not in the IP blacklist above, so the display is normal:

  

  

Resources:

https://azure.microsoft.com/en-us/blog/ip-and-domain-restrictions-for-windows-azure-web-sites/

https://msdn.microsoft.com/en-us/library/ms691353 (v=vs.90). aspx

  

  

Azure Web site IP White list for Windows Azure Web site

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.