![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 9%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJA%3C/text%3E%3C/svg%3E)
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 23%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVV%3C/text%3E%3C/svg%3E)
Hi @ Jamal AbdelRahim,
Welcome to Microsoft Q&A Platform.
If you are unable to create a new route due to a conflict with the built-in default-route.
Host Header Mismatch → 404 Error: By default, Azure Front Door (AFD) forwards the original Host header (xxxx.xxx-txxxts.com) to your storage origin. However, Azure Blob Storage only serves requests when the Host header matches:
<storageAccount>.blob.core.windows.net
Because of this mismatch, the request is rejected with a 404 error.
In your origin settings-->Enable “Override backend host header” (or “Origin host header override”) and Set it to:
<storageAccount>.blob.core.windows.net
This ensures that Front Door uses the correct storage FQDN when fetching blobs, resulting in a 200 response.
The Route Conflict with Default Route-In Standard/Premium Front Door, a default-route is created automatically. Any new route with overlapping settings (such as /* path or wildcard domains) will cause a conflict.
Option 1: Edit the Existing Default Route (Recommended)
Go to Front Door Designer → Routes--->Open default-route--->Under Custom domains, add below
xxxxxx-ticxxs.com
Under Origin groups, select your Blob Storage origin group--->Ensure the path pattern is:
/*
Save the configuration and wait a few minutes for propagation.
Option 2: Create a New Route with Non-Overlapping Criteria
Go to Routes → + Add Route-->Provide a name (e.g., cdn-route)-->Configure the following:
- Accepted protocols: HTTP/HTTPS
- Custom domains:
cdn.pass-tickets.com - Patterns to match:
/* - Forwarding: Select your Blob Storage origin group
- Enable host header override as mentioned earlier
- Click Save
After configuring the settings, purge the Front Door cache and wait 5–10 minutes for propagation. Then, test again using your custom domain.
If you still get a 404 after this, the problem is almost always host header override not applied correctly or route not attached to the correct domain—worth double-checking before going deeper.
Ref: Integrate an Azure Storage account with Azure Front Door
Note: If the above steps did not help resolve your issue, please feel free to share the details in a private message so we can proceed with further troubleshooting over a Teams call. I am happy to connect with you on Teams to investigate and resolve the issue.