Limit number of connections from a client IP to a Web App

Brass Contributor

Hi,

 

We are developing a Web App in Azure, published to internet through a dns name and port 443 using an Application Gateway. We need to limit the number of simultaneous connections that can be from the same IP. With which Azure tool can we do this?

 

Curiously, we have asked chatGPT and there was an option that we cannot find right now (remember that it has information up to 2021).

 

mgfeal_0-1684529302307.png

 

This option doesn't appear when we enable "Connection draining".

Is there any other way to do it? Maybe in another option within Application Gateway, using WAF, adding a Firewall...?

 

Thanks!

2 Replies
This option does not exist at all, and I don't think application gateway can help in such scenario. Application gateway works as a reverse proxy so it will not limit the connection to the web app, it will just proxy it without any limitation.

The closest thing I can think about for your scenario is to use front door with WAF and use the rate limit feature: https://learn.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-rate-limit-conf...
Or maybe use caching so that requests are served from the cache instead of being sent every time to the web app.

Please note such solution will add some complexity to the environment and additional cost. Front door is not a cheap service.
You can enable (WAFv2) Web Application firewall that has an option called rate limiting maybe you can try that option . It is one of the OWSAP top 10 requirement if not mistake
Please "Accept as Answer" if it helped so it can help others in community looking for help on similar topics.