Hi, I’m trying to block access from unknown ip to Umbraco backend following the hardening guide, but middleware in core doesn’t have variable for x-forwarded-for. I’m using an app gateway with waf and Linux app service. Anyway to do it with the middleware, or do I use the gw/ waf ? Thanks!
m
Matt Wise
01/06/2025, 7:55 AM
Hi, your better off using the gw or waf, as it reduces load on your site code if someone was to try hammer /Umbraco from an unknown ip
i
InkZ
01/06/2025, 9:26 AM
Ok great thanks, just figuring out the rules in the waf now
InkZ
01/06/2025, 4:36 PM
Discovered that gw rules are better than waf. Waf rules don’t support read ahead in the Reg ex so couldn’t exclude api and surface. Redirect on gateway all working great now
