As for now, it’s not possible to IP/Domain restrict an Windows Azure website from the administration portal. You’ll have to add security rules yourself to web.config associated with your website.
Go to system.webServer section of your web.config and add a security element, if you don’t already have it.
Inside you can configure security rules; “ipsecurity”.
Add the IP address and subnet mask for those IP addresses you want to allow access to your website.
If you need to allow several IP’s, simply duplicate the “ipsecurity” element and edit the IP address.
[xml]
<system.webServer>
<security>
<ipsecurity allowUnlisted="false" denyAction="NotFound">
<add allowed="true" ipAddress="8.8.8.8" subnetMask="255.255.255.0"></add>
</ipsecurity>
</security>
</system>
[/xml]
Gist: https://git.io/vrrEQ/a>