2

We are in process of designing a system using Azure App Service consist of Asp.Net Core 3 Web API and React Web Application(SPA – SEO not required). Currently React azure web app calling Web API direct with Client Side Rendering. For better security, is it better to use Express reverse proxy and Server Side Rendering and restrict all access to Web API except Azure React Web app IP?

Thanks for your time.

LPLN
  • 475
  • 1
  • 6
  • 20
Med
  • 21
  • 2
  • What is the security issue you are trying to solve by adding a reverse proxy? – juunas Dec 15 '19 at 10:32
  • Good question junnas, I am not sure reverse proxy could add extra security layer as it is just pass-through. Main aim here is to be able to add IP restriction to WebAPI so only the React Web App IP can access. I guess by implementing SSR (i.e. NextJs) in ReactApp we can achieve this. Am I understanding this correctly? – Med Dec 15 '19 at 15:20
  • Hmm, it does sound feasible I guess. – juunas Dec 15 '19 at 15:47

0 Answers0