Share via

My website images, hosted on Azure Blob Storage, are not displaying

Jamal AbdelRahim 0 Reputation points
2026-03-17T11:32:18.68+00:00

Subject: Azure Front Door - Media Assets (Images) Not Loading via Custom Domain

Issue Summary: My website images, hosted on Azure Blob Storage, are not displaying through the Azure Front Door (AFD) endpoint/custom domain (cdn.pass-tickets.com), although they are accessible via the direct Blob Storage URL.

Technical Details:

Origin: Azure Blob Storage (passticketsstorage.blob.core.windows.net).

Storage Access: Anonymous Blob access is Enabled on the container level (Public access verified).

Front Door Configuration:

Endpoint: media-facgbpgthza3dhc2.z01.azurefd.net.

  __Origin Group:__ Correctly points to the Storage Account.
  
     __Route:__ Pattern to match is `/*`, and the Origin Path is currently __Empty__ (to match the storage structure).
     
        __Caching:__ Enabled with "Ignore Query String" setting.

The Problem:

Requests via AFD return errors or fail to resolve the path correctly.

I encountered a Conflict error when trying to create/update routes due to overlapping patterns with the "default-route".

Purge Cache was performed, but the issue persists.

Request: Please investigate why the Front Door endpoint is failing to route requests to the Storage origin and help resolve the routing conflict so the images can load properly via the custom CDN domain.

Subject: Azure Front Door - Media Assets (Images) Not Loading via Custom Domain

Issue Summary: My website images, hosted on Azure Blob Storage, are not displaying through the Azure Front Door (AFD) endpoint/custom domain (cdn.pass-tickets.com), although they are accessible via the direct Blob Storage URL.

Technical Details:

Origin: Azure Blob Storage (passticketsstorage.blob.core.windows.net).

Storage Access: Anonymous Blob access is Enabled on the container level (Public access verified).

Front Door Configuration:

Endpoint: media-facgbpgthza3dhc2.z01.azurefd.net.

  __Origin Group:__ Correctly points to the Storage Account.
  
     __Route:__ Pattern to match is `/*`, and the Origin Path is currently __Empty__ (to match the storage structure).
     
        __Caching:__ Enabled with "Ignore Query String" setting.

The Problem:

Requests via AFD return errors or fail to resolve the path correctly.

I encountered a Conflict error when trying to create/update routes due to overlapping patterns with the "default-route".

Purge Cache was performed, but the issue persists.

Request: Please investigate why the Front Door endpoint is failing to route requests to the Storage origin and help resolve the routing conflict so the images can load properly via the custom CDN domain.

Azure Front Door
Azure Front Door

An Azure service that provides a cloud content delivery network with threat protection.

0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ganesh Patapati 11,370 Reputation points Microsoft External Staff Moderator
    2026-03-17T12:40:57.0066667+00:00

    Hello Jamal AbdelRahim

    Azure Front Door does not modify paths by default. Whatever path the client sends must map 1:1 to a valid blob path.

    This behavior is explicitly defined in Front Door routing and Blob origin documentation.

    In Azure Front Door Standard/Premium, each endpoint automatically includes a default-route with the /* pattern bound to the *.azurefd.net domain, and any attempt to create another /* route or attach a custom domain to a new overlapping route is rejected with a Conflict with default-route error because Front Door does not allow multiple routes with the same domain and path scope.

    Workaround: Reusing and modifying the existing default-route instead of creating a new one, and correcting the origin path so Blob Storage receives a valid container‑prefixed request, prevents route conflicts, eliminates Blob Storage 404 errors, and avoids unsupported routing patterns.

    Meantime,

    Verify the right origin host & path

    • If you’re using a public blob container (not the static-website feature), your origin host should be <youraccount>.blob.core.windows.net and Origin Path empty.
    • If you’ve enabled the static website feature, switch your origin host to <youraccount>.zXX.web.core.windows.net and set Origin Path to /$web (no container name in the URL).
    1. Resolve the routing-pattern conflict
      • Front Door won’t let you have two routes with identical /* patterns. You have two choices: • Change the new route’s “Pattern to match” to something more specific (e.g. /images/* or /media/*) and point it to the storage origin. • Keep the catch-all /* route but delete or disable the out-of-the-box default-route, then re-create your custom rule as the single /* entry.
      • Make sure you assign the correct priority (lower number = higher priority) so your storage route wins over any other.
    2. Check DNS & custom domain setup
      • Your CNAME for cdn.pass-tickets.com must point to your Front Door endpoint (media-facgbpgthza3dhc2.z01.azurefd.net).
      • Give DNS changes 30–60 minutes to propagate before testing.
    3. Purge & test
      • After you update the routes/origin-path, issue a full cache purge from the Front Door blade.
      • Use a tool like curl -v to inspect the x-cache response header (MISS vs HIT) and any X-Azure-Ref tracking reference for deeper troubleshooting.
    4. Look at error details
      • What HTTP status code are you getting back? 404? 502? 403?
      • Grab the X-Azure-Ref header value from the failing request and run it through the Front Door diagnostics in the portal to see where the request is dropping off.

    Reference Docs:

    I hope this has been helpful!

    If the above is unclear or you are unsure about something, please add a comment below.

    If these answer your question, click "Upvote" and click "Accept Answer" which may be beneficial to other community members reading this thread.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.