Azure WAF重写用于更新端口号码的规则

发布于 2025-01-21 04:46:54 字数 810 浏览 4 评论 0原文

我有一个运行两个Web应用程序的Azure中的服务器，一个在端口443（IIS）上，另一个在1024（Apache）上。两者都是https。我有一个Azure应用程序网关（WAF V2）。我想允许subdomain1.domain.com的请求通过443（设置和工作），并要求在内部重新编写subdomain2.domain.com的请求到端口1024。

我尝试了各种条件和行动的组合，但根本无法做任何事情，好坏或无动于衷！

我目前的情况如下

Type of variable to check: HTTP Header
Header type: Response Header
Header name: Common Header
Common header: Location
Case-sensitive: No
Operator: =
Pattern to match: (https?):\/\/.*subdomain2.domain.com(.*)$

：我当前的动作是：

Re-write type: Response Header
Action type: Set
Header name: Common header
Common header: Location
Header value: https://backendservername.domain.com:1024{http_resp_Location_2}

我找不到完全可以做任何事情的组合，也找不到任何显示端口更新的示例。我已经尝试使用请求标题和主机值，但是不幸的是，与主机在HTTP设置中重写的冲突是使任何端到头SSL工作所必需的。

提前致谢。马特。

原文

I have a server in Azure running two web apps, one on port 443 (IIS), another on 1024 (Apache). Both are https. I have an Azure Application Gateway (WAF v2) in place. I would like to allow requests for subdomain1.domain.com to go through on 443 (which is set-up and working) and requests for subdomain2.domain.com to be re-written to port 1024 internally.

I have tried various combinations of conditions and actions, but cannot get anything to do anything at all, good bad or indifferent!

My current Condition is as follows

Type of variable to check: HTTP Header
Header type: Response Header
Header name: Common Header
Common header: Location
Case-sensitive: No
Operator: =
Pattern to match: (https?):\/\/.*subdomain2.domain.com(.*)$

My current action is:

Re-write type: Response Header
Action type: Set
Header name: Common header
Common header: Location
Header value: https://backendservername.domain.com:1024{http_resp_Location_2}

I can't find a combination that does anything at all, nor any examples that show port updates. I've tried using request headers and the host value, but unfortunately that conflicts with the host rewrite in the HTTP Settings that was necessary to get any end to end SSL working.

Thanks in advance.
Matt.

分享到QQ

分享到微博