one Traffic manager and multiple DNS mapping (pls need clarification on how security is ensured)
Hi Team, I feel really strange on how Azure Traffic Manager allowing traffic from multiple Custom domains with just adding a CNAME record of traffic manager to them without enforcing any validation of DNS from Azure end. May be I am wrong, but let me explain in detail: Here's my setup: Traffic Manager \_____ App Gateway(East) & App Gateway(West) \_WebApp (East) & \_WebApp(West) A HA setup with applications in East & West. I've bought Domain from GoDaddy & I added CNAME record pointing to Traffic manager (pqr-tm.trafficmanager.net). I did no additional steps for Domain validation from Azure. After the DNS propogation happend, the other day when I tired my Custom Domain (lets say pqr.com), it routed to my WebApp as expected as per CNAME record. Now, when I typed http://www.prq.com in https://digwebinterface.com I could see, it resolved first to "traffic manager" (it clearly displaying my traffic manager name), then to Application Gateway DNS and then to Application Gateway Public IP. Then my friend said, I'll do a trick, I'll get into your site without my notice. Here's what he did: he has Domain in Yahoo. lets say - xyz.com he opened his Yahoo account, went to DNS settings, and in Forward URL option, he kept my traffic manager DNS name which is clearly appearing in https://digwebinterface.com by just typing my website http://www.prq.com in it. To my surprise, with in a minute, when he type xyz.com in browser, my WebApp started rending page. So, I thought where is security? Here's my point: https://digwebinterface.com -- is publicly available by typing the site name, any one can get Traffic manager URL (if the setup includes it) then, just by keeping CNAME in their forward URL, if they are able to map my site....where is the security? or Am I missed any step in Traffic manager which binds My Domain to it and If any others tries to point their domain to my traffic manager, it rejects? Pls help!! I've a strong feeling that, there will be tightening point, which I am not aware of. Pls guide Guru's :) Thanks, Kiran
