0

We do have multitenant app hosted on azure and we considered using wild card domains as there is restriction of number of subdomains an app service can contain(as of now it is 500) and I was able to add wildcard domains and attach to out App service.

Now Our concern is , it allows any domains which ends with say '.oursize.com', at least the landing page of website.

Suppose, we asked customer A to use as.oursite.com, if they misspell and use ap.oursite.com, still they will be able to access this and try to login and end up having error.

So, Is there any way, we can add restriction for subdomain? at App service level to allow only some domains or at Traffic manager level or load balancer level?

RashmiMs
  • 129
  • 14
  • As far as I know we will be receiving the 404 error message if we try to access the domain which is not listed (either subdomain or main domain) how come you are able to get the login page could you please help me with the more insights here is the screenshot with error message if we access the domain which is not listed https://i.imgur.com/HiHQJ1s.png – SaiSakethGuduru Oct 13 '21 at 12:46
  • its not like I am trying to access domain which is not listed. I have set a wild card domain for abc.com like ' \*.abc.com' -> so user can access the page using anything in place of '\*' like 123.abc.com, sai.abc.com so in this wildcard domain also, we want to restrict the domains that user can use. – RashmiMs Oct 14 '21 at 09:49

1 Answers1

0

If you have enabled TLS/SSL with your Azure Web App then maybe by using a certificate with Subject Alternate Name you can restrict a customer from entering a wrong domain name. You can go through this documentation for additional details.

enter image description here

ChaitanyaN-MSFT
  • 466
  • 2
  • 5