Hi, I’m trying to block access from unknown ip to Umbraco backend following the hardening guide, but middleware in core doesn’t have variable for x-forwarded-for. I’m using an app gateway with waf and Linux app service. Anyway to do it with the middleware, or do I use the gw/ waf ? Thanks!

Hi, your better off using the gw or waf, as it reduces load on your site code if someone was to try hammer /Umbraco from an unknown ip

Ok great thanks, just figuring out the rules in the waf now