Azure - Allow access to a website deployed on Azure App Service only for a single country

Question

I have website deployed on Azure App Service and I want to restrict access to my website from any other country accessing it but only a specific country can access that website. Is there any way where I can restrict/allow at the infrastructure level inside Azure?

Answer 1

Answer is: Azure Front Door with Front Door WAF policy

After going through with different Microsoft documentation I finally implemented the solution with Azure Front Door where you can set Frontend hosts and Backend pools with forwarding/redirecting. And in Frontend hosts, you can select WAF policy.

In the backend pool, you can select any application e.g. App Service or any IP where your app is deployed.

In WAF policy there are multiple options to restrict your traffic and one of them is geolocation restriction.

Just apply geolocation restriction according to your desired country and it will work like a charm.

Answer 2

Is there any way where I can restrict/allow at the infrastructure level inside Azure?

Agree with Sajeetharan. It seems Azure Web App could not restrict the access just by country directly. You can have a try with Azure CDN, it can restrict the access by country.

But, as the comment you said, you do not have to restrict CDN, in this case, you can consider to restrict IP addressees in Azure. You can also use IP Restrictions menu in Azure app services to add restrictions:

You can check the document Azure App Service Access Restrictions for some more details.

Besides, you can try to use web.config or use IP restrictions feature of the webapp:

Check this thread for some more info.

Hope this helps.

Answer 3

Even though AppService does not provide, Yes this can be done with Azure CDN provider does via the Geo Level Filtering. More details can be found here.