“It takes 20 years to build a reputation for any business and few minutes of cyber-incident to ruin it.”

Last topic of this series is Security – Security should be on top priority of any business solution – that’s the reason when you think about your solution – we should plan the security mechanism properly – so we can delivery bullet proof solution along with best-in class customer experience

Manage Azure App Service using WAF

Web application firewalls (WAF) help secure your web applications by inspecting inbound web traffic to block SQL injections, Cross-Site Scripting, malware uploads & application DDoS and other attacks. They also inspect the responses from the back-end web servers for Data Loss Prevention (DLP). Azure provides a WAF capability with the Application Gateway.

Application gateway allows you to have an App Service app or other multi-tenant service as a back-end pool member. In this article, you learn to configure an App Service app with Application Gateway. The first example shows you how to configure an existing application gateway to use a web app as a back-end pool member

Azure_Ashish
  1. Add Application Gateway Configuration
Azure_Ashish
  • Update Azure subscription and resource group detail, use Application Gateway name as DemoWAF
Azure_Ashish
  • Once Application Gateway created, click  DemoWAF
Azure_Ashish
  • Add listeners with below detail and save changes
Azure_Ashish
  • Once changes are Saved new Listener will be added in the list
azure
  • Create new Backend Pool and target with Azure app service
Azure_Ashish
  • Once backend pool complete, associate rules with backend pool
Azure_Ashish
Azure_Ashish
  • After done with rules we can find associated rules in backend pool
Azure_Ashish
  • Now Azure App Service can be manage by Azure WAF.

I hope this article will help you to configure the DevOps!

Please let me know if you have any specific issue.

Connect me on Twitter – https://twitter.com/sitecore_ashish or Linkedin – https://www.linkedin.com/in/ashishbansal9/

Happy Sitecoring and Cloud

Leave a Reply

Your email address will not be published. Required fields are marked *