IP restrict Azure website

As for now, it’s not possible to IP/Domain restrict an Windows Azure website from the administration portal. You’ll have to add security rules yourself to web.config associated with your website.

Go to system.webServer section of your web.config and add a security element, if you don’t already have it.
Inside you can configure security rules; “ipsecurity”.
Add the IP address and subnet mask for those IP addresses you want to allow access to your website.
If you need to allow several IP’s, simply duplicate the “ipsecurity” element and edit the IP address.

<system.webServer>
	<security>
	  <ipsecurity allowUnlisted="false" denyAction="NotFound">
		<add allowed="true" ipAddress="8.8.8.8" subnetMask="255.255.255.0"></add>
	  </ipsecurity>
	</security>
</system>

Gist: https://git.io/vrrEQ/a>

Point your own domain to Windows Azure Web Site

Pointing your own domain name to your Windows Azure Web Site is fairly simple and fast, if you know how to. A place where people go wrong or find it difficult is regarding setting up DNS. I’ll try to narrow it down.

Start by logging into Windows Azure portal and head to your website. If you are running a free website, you’ll have to first scale it to either a shared or standard plan. Do this by clicking “Scale” on the top menu, and choose your desired plan.

Windows Azure domain

Now go to the “Configure” tab and press “manage domains”

Windows Azure domain

This popup will tell you instructions how to do, but these can be a bit tricky to understand. What is says, is Windows Azure needs to verify you are the domain name owner of your desired domain. This can be done by adding a CNAME-record to your DNS called awverify.domain.com

Furthermore we will have to point our A-record to the IP address stated in the popup if we want domain.com to redirect to our Windows Azure website. I’m not interested in that to start with. Instead I want azure.egeek.dk to point to my Windows Azure website, where as egeek.dk points to my own webserver.

Let’s head over to our DNS configuration. I’m using GratisDNS, but it doesn’t matter which you use. Configuration can look a bit different depending on your DNS host, but settings are the same.

Because I don’t want egeek.dk to point to Azure but my own server, I have given my servers IP as a-record. If you want domain.com to point to Azure, simply create a a-record with the IP address stated in the popup I mentioned previously.

Windows Azure domain

As for the CNAME, it is here we have to make a record, so Windows Azure can verify we are the domain owners. Secondly, it’s also here I create my subdomain pointing to Windows Azure.

Windows Azure domain

As you can see, I have created awverify.egeek.dk to point to egeek.azurewebsites.net – this is needed to make it possible for Windows Azure to verify I own the domain egeek.dk.
Secondly I have created azure.egeek.dk and pointed it to egeek.azurewebsites.net, making it possible to hit my Windows Azure website, when going to azure.egeek.dk.

That’s it. Keep in mind that DNS servers have to update before Windows Azure portal can register changes. Usually it takes a few minutes, but can take up to hours. If Windows Azure can not verify your domain within an hour, possibilities are, that you most likely did something wrong.

To check if DNS settings have passed through, we can bring up Command Line or Terminal.

1. “nslookup”
2. azure.egeek.dk

This will give us the output:

Windows Azure domain

This tells us the IP address and hostname the domain is pointing at. Keep in mind this is the DNS we are connected through. DNS servers has to transfer data to each other, so either ours or Windows Azure’s DNS might not have gotten the changed yet.

You can test other DNS servers, eg. Google’s DNS, by typing “server 8.8.8.8” followed by “azure.egeek.dk”

Windows Azure domain

As you can see, we are now using the DNS 8.8.8.8 (Google), and both DNS servers receive the same data.

Lets head back to Windows Azure portal > Web Sites > our website > Configure > manage domains
Type in your domain or subdomain, in my case azure.egeek.dk and click the accept button.

Windows Azure domain

If Windows Azure has registered DNS changes, you should now be able to point the domain / subdomain to your Windows Azure website.

Want to know more about setting up DNS records to point at Windows Azure, watch this Azure Friday video with Scott Hanselman and Stefan Schackow.

Create Windows Azure Web Site

If you haven’t played around with Windows Azure yet, head to their signup page and get a free 3 months trial account (Google it).
Even after your trial is expired, you’ll still be able to create 10 free websites per data center (meaning, more than 10, technically).

Windows Azure lets you easily create websites in the matter of seconds, where after you can deploy your content very fast with Web Deploy in Visual Studio or Webmatrix, from a git repository and through ftp, to name some of the possibilities. It’s a convenient way to test your code or even run sites, depending on your website settings and goals.

Free websites are restricted to run as a subdomain under azurewebsites.net – eg. azurerockz.azurewebsites.net. To map your own domain name to your Azure website, you’ll have to scale your website to either a shared or standard plan (more about that in another topic).

Let’s create our first website!
1. Log into Azure portal by going to https://manage.windowsazure.com

2. Click the big plus icon on the bottom left

3. Compute > Web Site > Quick Create

4. Pick a web site name and choose region (data center) and click “Create Web Site”
(Choose a region where your target audience is located, and remember to choose same region when creating a SQL database. This will make your traffic between website and SQL server free and of course improve performance.)

Windows Azure

In the matter of seconds your website is created and up running. You can see your running sites by clicking “Web Sites” in the menu to the left

Windows Azure

Heading to your newly created website, will show you this welcome screen with help on how to publish content

Windows Azure

In the Azure portal under Web Sites, click your newly created website and go to “Dashboard”. Here you’ll get an overview of resources used and other options. Try to click “Download the publish profile”. This profile contains login credentials for your website. You can either import the profile in Visual Studio or Webmatrix when you publish your site, or you can open it with your favourite text editor. The file contains hostname, username and password to use with FTP.

Windows Azure

This is how the publish profile file looks like. I have marked out the hostname, username and password.

Windows Azure