Restrict /umbraco
# help-with-umbraco
i
Hi, I’m trying to block access from unknown ip to Umbraco backend following the hardening guide, but middleware in core doesn’t have variable for x-forwarded-for. I’m using an app gateway with waf and Linux app service. Anyway to do it with the middleware, or do I use the gw/ waf ? Thanks!
m
Hi, your better off using the gw or waf, as it reduces load on your site code if someone was to try hammer /Umbraco from an unknown ip
i
Ok great thanks, just figuring out the rules in the waf now
Discovered that gw rules are better than waf. Waf rules don’t support read ahead in the Reg ex so couldn’t exclude api and surface. Redirect on gateway all working great now
3 Views