0

Hello i have a Java Servlet(Jersey2 + Jax-rs)Api App deployed by Azure portal not from marketplace.

So now i am trying to configure my server or container to restrict IPs and HTTP requests, However, from azure guidelines in the websites are talking about setting web.config file to do that right?

but there is no web.config file in my directories.

does it mean that i need and can make a web.config file by myself and ftp to wwwroot folder?

or just as usual, put servlet filter into my app?

Gary Liu
  • 13,758
  • 1
  • 17
  • 32
Myoungso Kang
  • 47
  • 1
  • 7
  • Correct, you will need to create a new web.config file from scratch. You won't need to FTP it though, you can use Kudu to upload the file or include it in your Web Deploy publish step. – Dai Jul 13 '16 at 03:00
  • meaning that my container(tomcat) is running on the IIS? that is why i need and can configure my web server with web.config file? web.config is for .net web app not for java. – Myoungso Kang Jul 13 '16 at 04:23
  • and plus wanna make sure that the right position of web.config is "site/wwwroot" folder? – Myoungso Kang Jul 13 '16 at 04:24
  • and then what is difference between configuring at web.config and in servlet filter? – Myoungso Kang Jul 13 '16 at 04:25
  • web.config is not meant for .NET web app, it is meant to configure IIS web server. Yes, site/wwwroot is the right location. – Abhay Saraf Jul 13 '16 at 07:05
  • then, why i get internal server error? i followed just simple example of ip restrction, here, https://azure.microsoft.com/ja-jp/blog/ip-and-domain-restrictions-for-windows-azure-web-sites/ but i got 500 internal server error. – Myoungso Kang Jul 13 '16 at 07:54
  • it says "The server cannot access the applicationhost.config or web.config file because of incorrect NTFS permissions" so no way to configure with web.config right? – Myoungso Kang Jul 13 '16 at 08:01

1 Answers1

1

@MyoungsoKang, there are many ways to restrict IPs or HTTP requests for Azure App Services, please see below.

  1. Configuring web.config for IIS on Azure which you can create in the wwwroot by yourself like the answer for the SO thread Azure website IP restriction.
  2. Using filter for Java servlet container to flexibly control the inbound requests.
  3. Adding Web Application Firewall ModSecurity on Azure website, please see the blog and refer to the reference manual to know how to use it.
Community
  • 1
  • 1
Peter Pan
  • 23,476
  • 4
  • 25
  • 43
  • Thank you for your answer, right now i have used filter but was wondering is is better to configure in Server. Anyway, regarding first solution you gave me, why i am getting "The server cannot access the applicationhost.config or web.config file because of incorrect NTFS permissions" this error msg then? – Myoungso Kang Jul 19 '16 at 02:35