0

I have a website running on Azure Web App. This website provides a profile page to its users. The users are looking to point their custom domains to their respective profile page. I want to minimize the manual steps to achieve this. For every custom domain, I need to add that manually to Azure Web app and also need to verify the ownership via TXT record. This could be fine for a small number of custom domains but when you have 100s of such users, it just becomes a blocker.

Is there any way I could somehow let any custom domain pointed to my website work without needing to add the domain record on Azure portal and having to verify ownership?

I wonder if Azure DNS can help me achieve my goal in anyway.

user559788
  • 105
  • 1
  • Why not use a sub-domain of your domain for each customer and have the customer create a CNAME record in their DNS for their respective sub-domain? – joeqwerty Apr 11 '21 at 23:41
  • Azure still requires me add and validate ownership customer's domain :( – user559788 Apr 12 '21 at 01:13
  • You shouldn't need to validate their domain. You'd be creating a customer-centric sub-domain of your domain. **mycustomerprofile.yourdomain.com**. They'd then create a CNAME record in their DNS aliasing your canonical sub-domain record. **myprofile.mydomain.com** = **mycustomerprofile.yourdomain.com**. – joeqwerty Apr 12 '21 at 01:30
  • Ideally this should work. But not for Azure. It requires all custom domains be added to the portal :( This is a very azure specific issue seems like – user559788 Apr 12 '21 at 01:34
  • OK, but **yourdomain.com** is already verified and validated. You own the domain and control the DNS. Why can't you create any DNS records you like? **www.yourdomain.com**, **email.yourdomain.com**, **yourcustomer.yourdomain.com**, you wouldn't be adding their domain, you'd be adding a customer related sub-domain, such as **AcmeWidgets.yourdomain.com**, or **BigCustomer.yourdomain.com**. I'm not understanding why that isn't possible. – joeqwerty Apr 12 '21 at 01:37
  • Here's what I did. on my azure webapp, setup my custom domain as *.mydomain.com. now my customers can goto customer1.mydomain.com, customer2.mydomain.com. All good so far. Now customer 1 has a domain customer1.com. Edited the DNS for customer1.com and pointed the www CNAME to customer1.mydomain.com. But when I type www.customer1.com, Azure returns 404 :( – user559788 Apr 13 '21 at 01:22

1 Answers1

0

From what I understand above, you have a web app with a domain of webapp.azurewebsites.net, you then created a CNAME pointing customer1.mydomain.com to webapp.azurewebsites.net, then you created another CNAME pointing www.customer1.com to customer1.mydomain.com, is that correct?

There are 2 issues here I believe:

  1. Azure Websites will only respond to a url that is setup on the web app, so if you don't add www.customer1.com to the web app you will get a 404
  2. Automatic verification of the domain (only verification, not addition to the web app) I suspect only works if your CNAME is pointing directly at the azurewebsites.net url

You really have 2 options to do what you want to do:

  1. Use automation to setup the right urls in the web app when you onboard a customer, this isn't something you want to do manually. You can use ARM templates, CLI, Terraform etc. to do this
  2. Put a reverse proxy in front of the web app that can catch traffic in a more generic way and pass it on. Something like Azure Front Door or Application Gateway could do this.
Sam Cogan
  • 38,736
  • 6
  • 78
  • 114
  • Hello Sam. Apologies for late reply. if I understand correctly, with automation, I can add custom urls automatically to my web app. But the verification step would still be manual, right? regarding option #2, let me explore it. Thanks for the helpful pointers. – user559788 Apr 19 '21 at 02:29
  • The verification can also be automated, if you are able to access the DNS zone to create the records using automation. If it uses Azure DNS this is easiest. Or just have the CNAME point directly the the azurewebsites.net address then you won't need verification. – Sam Cogan Apr 20 '21 at 08:48
  • hmm. let me explore the reverse proxy options. thanks Sam – user559788 May 08 '21 at 15:37