How do you block a URL path with Azure Application Gateway?

Question

_{Thursday, July 11, 2019 7:08 PM}

I'm currently testing out Azure Application Gateway (Standard v2).

What I'm trying to do is block / blackhole / reject traffic that hits example.com/manager/, or example.com/admin/*, etc.

I'm sure this probably could be done with an additional web server and path-based rules pointing to it, but that seems a bit excessive for what I'm hoping would be native functionality or options to take care of this.

I found a post on TechNet that asked a very similar question, but unfortunately has no answer. https://social.technet.microsoft.com/Forums/en-US/d5093237-36ce-4082-99c9-f14dd3faf715/block-a-url-path-with-azure-application-gateway?forum=websitesvirtualmachinesonwinserver&prof=required

Thank you!

All replies (3)

_{Friday, July 12, 2019 5:25 AM}

Hi, 

You can achieve your task of black holing traffic with a specific URL with Application gateway. You need to add a separate backend pool for back holing traffic. Do a path based routing and forward all the traffic which you need to black hole to that backend pool. 

By doing that you will get 502 thrown by Application gateway as there are no servers added to the backend pool which you are pointing the traffic to.  If you need a fancy page to display, create a static page in a Storage account with public access and then add it to the backend pool of Application gateway. 

Let me know if you have any further questions. 

Regards, 

Msrini

_{Thursday, July 18, 2019 8:00 AM}

Hi, 

Do you have any update on this issue?

If the above proposed answered helped, please mark it as answered. 

Regards, 

Msirni

_{Tuesday, July 23, 2019 9:05 AM}

Hi, 

Just checking in if you have had a chance to see the previous response. If this answers your query, do click “Mark as Answer” and Up-Vote for the same.

Regards, 

Msrini