mischmuc089
Oct 10, 2024
Solved

How to Protect ...azure-api.net Subdomain from DDoS Attacks when using API Management Basic

Dear Tech Community, I am using Azure API Management (APIM Basic) in external mode and without VNet integration, meaning my API instance is publicly accessible through the default ...azure-api.net s...
  • balasubramanim
    Oct 16, 2024

    mischmuc089

    To protect your azure-api.net subdomain from DDoS attacks when using Azure API Management in external mode:

    1. Route traffic through Azure Front Door with Web Application Firewall (WAF) for DDoS protection and security.

    2. Configure APIM to allow traffic only from Azure Front Door IP ranges using IP filtering.

    3. Add custom headers in Front Door and configure APIM to validate these, ensuring all traffic goes through Front Door.

    4. Implement rate limiting and quotas in APIM to control traffic.

    5. Monitor traffic using Azure Monitor for any anomalies.

    This setup ensures traffic is filtered through Front Door, protecting against DDoS and unauthorized access.
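
Steps 2 to 4 of the answer above can be expressed as one APIM inbound policy. The following is an added example, not part of the original answer or Microsoft's own sample: it uses the `X-Azure-FDID` header that Front Door attaches to forwarded requests as the header check for step 3, and every upper-case value and numeric limit is a placeholder to replace with your own.

```xml
<!-- Added example: APIM policy, API or global scope.
     UPPER_CASE values and all numeric limits are placeholders. -->
<policies>
  <inbound>
    <base />

    <!-- Step 2: accept only callers whose source address is in the
         Front Door backend ranges. Fill the ranges in from the current
         AzureFrontDoor.Backend service tag; add one element per range. -->
    <ip-filter action="allow">
      <address-range from="FRONT_DOOR_RANGE_START" to="FRONT_DOOR_RANGE_END" />
    </ip-filter>

    <!-- Step 3: the IP ranges are shared by every Front Door profile, so
         also require the ID of your own profile. Requests that reach
         ...azure-api.net without this exact value are rejected with 403. -->
    <check-header name="X-Azure-FDID"
                  failed-check-httpcode="403"
                  failed-check-error-message="Forbidden"
                  ignore-case="true">
      <value>YOUR_FRONT_DOOR_ID</value>
    </check-header>

    <!-- Step 4: short-window rate limit and long-window quota.
         Keyed on the subscription because, behind Front Door, the
         caller IP seen by APIM is Front Door's, not the client's. -->
    <rate-limit-by-key calls="100"
                       renewal-period="60"
                       counter-key="@(context.Subscription?.Id ?? "anonymous")" />
    <quota-by-key calls="100000"
                  renewal-period="86400"
                  counter-key="@(context.Subscription?.Id ?? "anonymous")" />
  </inbound>
  <backend>
    <base />
  </backend>
  <outbound>
    <base />
  </outbound>
  <on-error>
    <base />
  </on-error>
</policies>
```

The `ip-filter` and `check-header` elements sit before the rate limit so that traffic bypassing Front Door is dropped without consuming a legitimate subscriber's counters.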
