I have a continuous WebJob running on an Azure web app, which requires me to keep keep the app "Always On." On that same app, I've set up the web.config file to block unlisted IPs with a NotFound error:
<security>
<ipSecurity allowUnlisted="false" denyAction="NotFound">
<add ipAddress="123.456.789.123" allowed="true"/> <!--office-->
<add ipAddress="168.62.180.0" allowed="true"/> <!--azure (for Always On setting)-->
</ipSecurity>
</security>
Apparently the Always On setting causes Azure to ping the website every 5 minutes in the background, but the security options are blocking Azure's pings, which is cluttering up the error logs. The other whitelisted IP addresses are able to access the app fine, though; it's just the Azure pings that are blocked.
Here's a screenshot of the error log from one of the blocked pings:
Any insights into how to allow in the Azure pings would be greatly appreciated!
Allowing both these IP worked for me. Since the ping for Always on was coming from "::1" ip, however I have also added "127.0.0.1" to the list.
<add allowed="true" ipAddress="::1" />
<add allowed="true" ipAddress="127.0.0.1" />
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With