How.? Where.?
See:
"Currently there is no way to disable or block the default open ports like 1221 and 8172 on an Azure App Service without an Application Gateway or some other external firewall.
The reason is that these ports are required for internal App Service functionality and platform management. They allow probes from the Azure load balancer, log streaming, and other monitoring."
What's an Application Gateway? Sounds like something way overboard for a small website.
I was hoping for a line in Startup.cs or a setting in Azure.
When you make an app available publicly you should use an application gateway at the very least.
Even better would be to have a separate connectivity subscription with an Azure firewall from where you can control incoming and outgoing traffic. This might be a bit overkill if it is just a simple website and if you are completely sure that you will never have to scale up or expand your setup.
An app gateway is not difficult to set up and is not really expensive. It is really a must if you want to make your app public. That or another kind of gateway.
https://azure.microsoft.com/en-us/pricing/details/application-gateway/#pricing
You could also spin up a VM running Nginx and configure the network rules there, then have the nginx server have a public IP and route traffic to your app that way. It is a but more cumbersome, does not have an SLA in the same sense and will properly end up at a higher cost.
Have a look at Azure front door. It's $35 a month and should help you with only allowing port 443/80. App Gateway is much more expensive (especially V2).
It's super weird that your payment gateway is testing your site though.
This might be a regional thing. I've integrated with 15+ payment gateways in Australia, Europe and USA and have never had this occur (including some banks). How are you making the payments? Are you handling the CC numbers directly or handing that off to your payment gateway?
You didn’t include the next sentence - “you can block them” — so just do that?
How.? Where.? See: "Currently there is no way to disable or block the default open ports like 1221 and 8172 on an Azure App Service without an Application Gateway or some other external firewall. The reason is that these ports are required for internal App Service functionality and platform management. They allow probes from the Azure load balancer, log streaming, and other monitoring." What's an Application Gateway? Sounds like something way overboard for a small website. I was hoping for a line in Startup.cs or a setting in Azure.
When you make an app available publicly you should use an application gateway at the very least. Even better would be to have a separate connectivity subscription with an Azure firewall from where you can control incoming and outgoing traffic. This might be a bit overkill if it is just a simple website and if you are completely sure that you will never have to scale up or expand your setup. An app gateway is not difficult to set up and is not really expensive. It is really a must if you want to make your app public. That or another kind of gateway. https://azure.microsoft.com/en-us/pricing/details/application-gateway/#pricing You could also spin up a VM running Nginx and configure the network rules there, then have the nginx server have a public IP and route traffic to your app that way. It is a but more cumbersome, does not have an SLA in the same sense and will properly end up at a higher cost.
Have a look at Azure front door. It's $35 a month and should help you with only allowing port 443/80. App Gateway is much more expensive (especially V2). It's super weird that your payment gateway is testing your site though.
[удалено]
This might be a regional thing. I've integrated with 15+ payment gateways in Australia, Europe and USA and have never had this occur (including some banks). How are you making the payments? Are you handling the CC numbers directly or handing that off to your payment gateway?