Azure App Services: How to restrict everything but one IP address
Question
I have a Web API hosted in Azure App Services, and I want to use the restriction tool to restrict traffic for every single IP that exists, with the exception of the ip address that we want to actually call this service.
How should I proceed? This answer show the correct way to block a single IP, and even mention that you can block a range of IP, but I don't really know how to block a range, as there's not two input boxes to write a range.
Can you help me out please? Thank you!
2 answers
solution1
2 2021-06-14 18:19:50
So, after digging even more around, I found the way. The issue is that the ip address input box expects either an ip or a range of ips based on CIDR notation. In CIDR notation, to block everything, you will write: 0.0.0.0/0
If you don't know CIDR notation, you can use this builder.
EDIT:
To allow only one ip address, is enough to create a rule allowing just that one. This will automatically block every call from other ip addresses.
solution2
0 2021-06-15 18:03:40
This would be better handled using the Azure CLI, not the portal.
Here is an Allow Example
az webapp config access-restriction add -g ResourceGroup -n AppName --rule-name developers --action Allow --ip-address 192.168.4.1/32 --priority 200
Here is a Deny Example
az webapp config access-restriction add -g ResourceGroup -n AppName --rule-name developers --action Deny --ip-address 0.0.0.0/0 --priority 500
https://docs.microsoft.com/en-us/cli/azure/webapp/config/access-restriction?view=azure-cli-latest
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.