I'm trying to implement an F5 Web Application Firewall (WAF) in front of my Azure App Services, and I want to make sure that the access to my application is strictly through the F5 WAF. How can I properly configure this to prevent any unauthorized bypassing?
2 Answers
To set this up, add the F5 WAF with a Fully Qualified Domain Name (FQDN) and make sure it forwards to your app’s CNAME. Just ensure that this FQDN is included in your app’s allowed FQDN list to avoid any issues.
You can check out the IP restrictions feature in Azure App Services. Here’s a good guide to get you started: https://learn.microsoft.com/en-us/azure/app-service/app-service-ip-restrictions?tabs=azurecli. Just be cautious because adding IP restrictions can sometimes lead to 404 errors if not configured correctly!
I tried adding the necessary IPs for access, but my app just started showing a 404 error. Is there a better way to handle firewall settings for Azure app services?