Zoomtutorials

How to implement multi-website on single Azure Application Gateway WAF

By ZT Senior Editor, April 9, 2020. Updated: September 14, 2020.

The architecture diagram below shows how a single Application Gateway routes requests for different websites, with different domains hosted on different servers, and how requests are filtered and accepted or blocked based on the type of traffic. This is achieved with the Application Gateway and WAF configurations described below.

In the above architecture, we have 3 websites hosted on 3 different backend layouts: the www.domain01.com site is hosted on 2 servers, the www.domain02.com site on a single server, and the www.domain03.com site on 3 servers.

For the Application Gateway to route traffic to the correct site based on the incoming request, we will implement the configurations below.

  1. Backend Pools: This is where we configure the servers/services of each site. For our architecture, we will configure 3 backend pools as below.
    • Domain01-BackendPool: Here, we add the 2 VMs hosting domain01.com as the targets.
    • Domain02-BackendPool: Here, we add the VM hosting domain02.com as the target.
    • Domain03-BackendPool: Here, we add the 3 VMs hosting domain03.com as the targets.
  2. HTTP Settings: Here, we configure the ports to which HTTP and HTTPS requests are sent.
    • HTTP: In this setting, we configured HTTP traffic to be routed to port 80.
    • HTTPS: In this setting, we configured HTTPS traffic to be routed to port 443.
  3. Listeners: Here, we configure separate HTTP and HTTPS listeners for each website.
    • HTTP01: This is the HTTP listener for domain01.com
    • HTTPS01: This is the HTTPS listener for domain01.com
    • HTTP02: This is the HTTP listener for domain02.com
    • HTTPS02: This is the HTTPS listener for domain02.com
    • HTTP03: This is the HTTP listener for domain03.com
    • HTTPS03: This is the HTTPS listener for domain03.com

Note: We need to create/upload the SSL certificate of each website while creating its HTTPS listener.

  4. Rules: This is the configuration that plays the major role in routing traffic based on the incoming request.
    • HTTP01: This rule routes incoming traffic for domain01.com (HTTP01 Listener) to the Domain01-BackendPool HTTP backend target.
    • HTTPS01: This rule routes incoming traffic for domain01.com (HTTPS01 Listener) to the Domain01-BackendPool HTTPS backend target.
    • HTTP02: This rule routes incoming traffic for domain02.com (HTTP02 Listener) to the Domain02-BackendPool HTTP backend target.
    • HTTPS02: This rule routes incoming traffic for domain02.com (HTTPS02 Listener) to the Domain02-BackendPool HTTPS backend target.
    • HTTP03: This rule routes incoming traffic for domain03.com (HTTP03 Listener) to the Domain03-BackendPool HTTP backend target.
    • HTTPS03: This rule routes incoming traffic for domain03.com (HTTPS03 Listener) to the Domain03-BackendPool HTTPS backend target.
  5. Web Application Firewall: This is the configuration for the firewall. Here, we configured the Tier as ‘WAF’, set the Firewall status to enabled, and selected Prevention as the mode. Prevention mode blocks all unwanted requests coming to the application gateway, based on the rule set applied on the WAF, i.e. OWASP 3.0.

Note: The Application Gateway WAF implementation will be based on the architecture of the backend development/production environment. The settings will largely vary based on the backend environment architecture.
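The listeners, rules, backend pools and HTTP settings above reference one another by name, so one mistyped name leaves a site unrouted. The following is an added example, not part of the original article: it models the configuration as plain Python data, checks the cross-references, and resolves which backend pool a Host header and port reach. The dictionary layout, IP addresses and certificate names are assumptions made for illustration, not an Azure API.

```python
# Constructed model of the article's configuration. The dict layout is
# illustrative (not an Azure SDK/ARM schema); IPs and cert names are made up.
POOLS = {
    "Domain01-BackendPool": ["10.0.1.4", "10.0.1.5"],
    "Domain02-BackendPool": ["10.0.2.4"],
    "Domain03-BackendPool": ["10.0.3.4", "10.0.3.5", "10.0.3.6"],
}
HTTP_SETTINGS = {"HTTP": 80, "HTTPS": 443}  # setting name -> backend port

def build(sites=("01", "02", "03")):
    """Create the six listeners and six rules named in the article."""
    listeners, rules = {}, {}
    for n in sites:
        host = f"www.domain{n}.com"
        listeners[f"HTTP{n}"] = {"host": host, "port": 80, "cert": None}
        listeners[f"HTTPS{n}"] = {"host": host, "port": 443, "cert": f"domain{n}-cert"}
        for proto in ("HTTP", "HTTPS"):
            rules[f"{proto}{n}"] = {"listener": f"{proto}{n}",
                                    "pool": f"Domain{n}-BackendPool", "settings": proto}
    return listeners, rules

def lint(listeners, rules):
    """Return problems that would leave a site unrouted or without TLS."""
    problems, seen = [], {}
    for name, lsn in listeners.items():
        key = (lsn["host"].lower(), lsn["port"])
        if key in seen:
            problems.append(f"{name}: same host/port as {seen[key]}")
        seen[key] = name
        if lsn["port"] == 443 and not lsn["cert"]:
            problems.append(f"{name}: HTTPS listener has no certificate")
    known = {"listener": listeners, "pool": POOLS, "settings": HTTP_SETTINGS}
    for name, rule in rules.items():
        for field, valid in known.items():
            if rule[field] not in valid:
                problems.append(f"{name}: unknown {field} {rule[field]!r}")
    bound = {rule["listener"] for rule in rules.values()}
    problems += [f"{n}: listener has no rule" for n in listeners if n not in bound]
    return problems

def route(listeners, rules, host, port):
    """Map a request's Host header and port to (pool, backend port), else None."""
    for rule in rules.values():
        lsn = listeners.get(rule["listener"])
        if lsn and (lsn["host"], lsn["port"]) == (host.lower(), port):
            return rule["pool"], HTTP_SETTINGS[rule["settings"]]
    return None

if __name__ == "__main__":
    listeners, rules = build()
    print(lint(listeners, rules), route(listeners, rules, "www.domain02.com", 443))
```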

For information on the list of WAF rules which are part of OWASP 3.0, Click HERE.

3 Comments

  1. Flavius Demian on September 5, 2020 5:52 am

    Hi,

    I have the following scenario:
    A gateway and a vm scale set which are of course in the same network. I have a domain and a subdomain which I need to map.
    For the gateway I just have a Public IP set and the default cloudapp.azure.com domain. I have 2 backend pools, one for domain and subdomain. Each domain has a separate Rule and each rule a separate Listener and all the Rules have the same Backend targets.
    https://prnt.sc/ubwncj
    https://prnt.sc/ubwnq1
    https://prnt.sc/ubwnw0
    https://prnt.sc/ubwnzw
    https://prnt.sc/ubwo8t
    https://prnt.sc/ubwopl
    https://prnt.sc/ubwot9
    https://prnt.sc/ubwowo
    https://prnt.sc/ubwozt

    For some reason, it will not load the page when I put the specific domains in place for my listeners.
    If I put here one of my domains, https://prnt.sc/ubwl1s it will just not work. Am I missing something in the DNS?
    Also, how did you generate the certificates? Did you use Let’s Encrypt?

    Did you generate the certificate after mapping the domains specifically on a server and then just exported the certificate from there after changing the ip to the gateway?

    I would really appreciate if you can help. Thanks

    • Choudhury S on September 11, 2020 12:20 pm

      Hello Demian,

      Can we schedule a screen sharing session to troubleshoot and fix the issue? The screenshots do provide some inputs, but it’s not completely clear enough to provide you a solution.

      Hope you understand.

      Thanks!
      • Flavius Demian on September 12, 2020 6:21 am

        Hi,
        I just sent you my details via email. Thank you for your help.

        BR,
        Flavius
