Forum Discussion
Secure a VM-based web server sitting behind Azure Front Door + WAF from the internet
Hi All I have a web server that's running on a VM inside Azure. The server is exposed to the internet through an NGINX reverse proxy and a public IP address. For added security, I've set up an A...
JRSSA what you could do to prevent connections directly to your VM is using NSGs. You could prevent specifically traffic from Internet (using NSG Service Tags) and then creating another rule (with higher priority) to accept connections from Azure Front Door. You can find IP addresses here: https://docs.microsoft.com/en-us/azure/frontdoor/front-door-faq#how-do-i-lock-down-the-access-to-my-backend-to-only-azure-front-door
Hope you find this useful.
Cheers
