CustomResponse Action Type Status Cod 404 on Azure Web App

Question

I'm attempting to setup a rewrite rule to return a 404 for a directory on an Azure Web App. We're using Sitecore, so I'd like to block access to the Sitecore admin interface on our delivery servers.

In my web.config, I've added the following rewrite rule

<rule name="Block Sitecore Access Rule" stopProcessing="true">
    <match url=".*" />
    <conditions>
        <add input="{REQUEST_URI}" pattern="^/sitecore" />
    </conditions>
    <action type="CustomResponse" statusCode="404" statusReason="Not Found" statusDescription="Cause I said so" />
</rule>

However, this rule doesn't have any effect. If I change the status code to 403 like this, the rule does what I would expect:

<action type="CustomResponse" statusCode="403" statusReason="Not Found" statusDescription="Cause I said so" />

This indicates to me that the 404 is not allowed.

Do Azure Web Apps not support CustomResponse with 404, or is there something else I am missing?

score 0 · Answer 1 · answered Nov 21 '18 at 08:54

Works for me if I just use the match instead of conditions. I tested with a rewrite to block access to an images directory, first with a 403:

<rule name="Test 404" stopProcessing="true">
    <match url="img/*" />
    <action type="CustomResponse" statusCode="403" />
</rule>

And then with a 404:

<rule name="Test 404" stopProcessing="true">
    <match url="img/*" />
    <action type="CustomResponse" statusCode="404" />
</rule>

Removing the rewrite:

CustomResponse Action Type Status Cod 404 on Azure Web App

1 Answers1