If your organisation is having a global web application or you are delivering content through APIs, apps, or websites. Then you must be using the CDN for content flow and it is a good way to improve performance and user experience. Unfortunately, traditional CDN does not provide a robust security environment for your digital assets.
Azure Front Door is a service by Microsoft Azure that lets you take advantage of CDN capabilities with advanced security and better performance. Here in this article, we will explore more about Azure Front Door and we will also see how you can set up Azure Front Door for your applications.
What is Azure Front Door?
Azure Front Door works as an entry point for your web applications. It provides a secure and scalable way to launch web applications. It uses the Microsoft Global Edge network to accept the traffic and you can also configure a Web Application Firewall(WAF) with it to protect your web app from any malicious attacks.
Let’s understand the need and working of Azure Front Door. Assume that you have deployed a web application without Azure Front door. So the request flow to your web app will be straight forward. Someone will make a request from their computer and your web app will get the response. Some of the potential issues associated with this approach are:
● Performance, if your application is deployed in the East US and someone is visiting from Asia then your app will be a little slower.
● Availability, in case of any failure or overload of traffic; your application will stop working and it will take some time to route the traffic to another data center manually.
● Security, your web app will be open to hackers and they can attempt for security loops. This may cost big to you and your organisation.
So what is the use of Azure Front Door?
Azure Front Door sends the request to the instance in the nearby region. So you will have a better performance. Also, in case of any failure, it directs the traffic to active instances. You can also set up a firewall with your application with Azure Front Door which will help in security.
What are some of the features of Azure Front Door?
● Application and API optimization.
● Web Application Firewall(WAF) for better security.
● Certificate management and SSL offloading.
● You can use your custom domain.
● Redirect HTTP to HTTPS with URL redirect.
● Custom forwarding with URL rewrite.
Pricing of Azure Front Door
Azure Front Door is based on pay-as-you-go pricing. So you pay for what you use.
Setup an Azure Front Door for a web application
Here we will have two instances for our web application that will run in two different regions. Then we will configure Azure Front Door with these instances based on the same priority backends. Now any request made to access the application will be directed to the nearest instance and in case of any failure, it will direct it to the next site. So we will complete this tutorial in three parts:
● Create two instances for web app
● Setup the Azure Front Door
● View the Azure Front Door working
Create two instances of a web application
We need to create two active instances for our web application that run in different regions. Both the instances will remain active, so either one of them can handle the incoming traffic.
- Go to Azure Portal and then search for the Web App.
2. Enter the details on the next page.
Subscription: Select the subscription
Resource Group: Select the existing subscription or create a new one.
Name: Enter a unique name.
Publish: Choose Code.
Runtime Stack: .Net core 3.1(LTS)
Operating System: Windows
Region: Region of your choice
Windows Plan: create a new plan.
Sku and size: Standard S1 100 total ACU, 1.75 GB memory
3. Click on Review + Create and then Create.
4. It will take a few minutes and your application will be deployed. After that create a new web application with a different resource group, new unique name, different region and new windows plan.
Create and set up a Front Door
We have two applications in different regions and now we will create a Front Door for these applications to direct the incoming traffic.
- From your Azure Home portal, select Create a resource and then search for Front Door.
2. Enter the required information including subscription, resource group, and location.
3. Go to configurations and click on ‘+’ in front of Frontend/domains. Enter a globally unique hostname and click on Add. For example, enter — azfrontdoor1
4. Now add a backend pool by clicking on ‘+’ in front of the Backend Pool. Enter a name for the backend pool and then select +Add a backend.
5. For backend host type select App service and then subscription and for backend hostname select the web app you created at the start. Leave everything else as default and click on Add.
6. Follow the 5th step again and this type for backend hostname select the second web app that you created and then click on Add.
7. Now we will add a routing rule to map the frontend host to the backend pool.
8. You should be still on the configuration tab. So from there choose Routing rules and enter a name of the rule for example — LocationRule and then click on Add.
9. After setting everything click on Review + create and then Create.
View Azure Front Door working
After setting up the Azure Front Door for our application. It is time to check whether it is working correctly or not. So to do that follow the below steps:
- Go to your web app URL. We have given the name azfrontdoor1 to our front-end host. So the URL for the app will be ‘azfrontdoor1.azurefd.net’. When you visit this URL, Azure Front Door will direct your request to the nearby instance. As of now, you will see a common information page as you have not uploaded your web app.
- Now go to your web app page in the Azure portal and stop the first web app. And go again to the same URL. You will see the same information because Azure Front Door has directed the request to another Web app.
- Now stop the second web app that you have created and refresh the web page again and this time you will see an error message. It is because both instances have been stopped.
Conclusion
Azure Front Door works as Global Traffic Manager for your applications and providers secure entry point with security, scalable along with performance efficient features.
