0

I'm trying to get a simple HTTP console app running as an Azure Service App. All it does is return OK when you connect. It works fine on my laptop and I can publish to Azure ok using VS2019. The issue is the prefixes that are used for listening.

On my laptop I can use http://+:80/;https://+:443/, but in Azure I get an error: [EXCEPTION] Access is denied.

This article https://github.com/projectkudu/kudu/wiki/Azure-Web-App-sandbox#network-endpoint-listening implies the app will listen on 80 and 443 "The only way an application can be accessed via the internet is through the already-exposed HTTP (80) and HTTPS (443) TCP ports; applications may not listen on other ports for packets arriving from the internet. However, applications may create a socket which can listen for connections from within the sandbox. For example, two processes within the same app may communicate with one another via TCP sockets; connection attempts incoming from outside the sandbox, albeit they be on the same machine, will fail. See the next topic for additional detail."

but my code always fails when I try and register the prefix. I can't use localhost as the same article says that's not allowed. I've tried using the app URL but that doesn't work either.

I've seen other articles that imply the HTTPListener needs admin permissions which I can't give it in Azure.

Does anyone know what the correct prefixes are or if it's ever going to work?

Nicky
  • 1
  • my guess is that it's conflicting with the Azure Web App application server (most of the time IIS) which is already listening to those ports – Thiago Custodio Sep 23 '21 at 13:27
  • Probably, but the article does imply applications can listen on those ports as well. – Nicky Sep 23 '21 at 13:33

1 Answers1

0

Netstat not working in KUDU so ASE (App Service Environment) is used to view the port details in portal App Service Environment -> General -> IP Addresses (check here ).

App Service applications only serve HTTP (port 80) and HTTPS (port 443) traffic. Each App Service application has default built-in HTTPS support for the azurewebsites.net domain name.

Your app may be already listening to the port 80 & 443. Please check here for more info for similar issue see here

Delliganesh Sevanesan
  • 4,146
  • 1
  • 5
  • 15
  • The techcommunity issue is the same as I have and doesn't have any solutions. How do I listen for HTTPS traffic in an app and not use the built-in HTTPS support? It's the prefixes that's causing the Access Denied error so what is the correct one to use? – Nicky Sep 28 '21 at 13:28
  • `port-mapping` is available _only_ with **containers**. Not with standard App Service, which still has the same 80/443 limitation. If you want to use it u can use the cloud service check [here](https://stackoverflow.com/a/40543041/15997690) & refer [here](https://stackoverflow.com/questions/43516071/open-additional-ports-on-azure-web-app) – Delliganesh Sevanesan Sep 29 '21 at 05:45
  • Port 80/443 is what I want to use, I just can't get the HTTP Listener to start. – Nicky Sep 30 '21 at 09:27
  • If you want use HTTP use port 80 for HTTPS use port 443. But check before the same the port are using some other process by using ASE. – Delliganesh Sevanesan Sep 30 '21 at 09:51