![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 25%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENU%3C/text%3E%3C/svg%3E)
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
724 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 81%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Welcome to the Microsoft Q&A Platform. Thank you for posting your query here.
- You can configure a single Azure Front Door resource with a custom domain to route traffic to different backend resources based on the route using a combination of frontend endpoints, origin groups, and routing rules. For your reference: https://learn.microsoft.com/en-us/azure/frontdoor/front-door-custom-domain
- A custom domain that you own and can manage its DNS records. You'll also need a valid SSL/TLS certificate for this domain. You can either bring your own certificate or use a free one managed by Azure Front Door. For your reference: https://learn.microsoft.com/en-us/azure/frontdoor/end-to-end-tls?pivots=front-door-standard-premium
- Go to you Azure Front Door and search for origin group and add an origin group. Give a name to your origin group, add your origin resource, host name, header, priority, weight and health probe. For your reference: https://learn.microsoft.com/en-us/azure/frontdoor/health-probes#:~:text=To%20determine%20the,client%20requests%20to.
- Next go to Frontend endpoints in your Azure Front Door. You can find it under settings.
- Give a host name, if you require enable session affinity, enable and select a WAF policy to protect your application from common web vulnerabilities, it will be available only for Premium Front Door. For your reference: https://azure.microsoft.com/en-in/pricing/details/frontdoor/#:~:text=Azure%20Front%20Door%20Premium%20builds%20on%20the,is%20included%20in%20Azure%20Front%20Door%20Premium.
- Next choose certificate type (Own certificate or Front Door managed) and click to add.
- After adding, you will need to add a CNAME record for your custom domain to your DNS provider.
- This CNAME record should point to your Front Door's default frontend host.
- Next configure routing rules: Go to routing rules in your Front Door, it will be available under settings.
- Provide name, select accepted protocols and select your custom domain.
- Next for your API enter /api/* and for your storage account enter /content/*, select the route type to forward for routing to your origin group.
- Select the appropriate origin group, for the /api/* rule, choose your api-origin-group and for the /content/* rule, choose your storage-origin-group and also configure the forwarding protocol and click to add the routing rule.
- After updating your DNS records, it might take some time for the changes to propagate globally.
- Once DNS changes have propagated, test your custom domain.
Kindly let us know if the above helps or you need further assistance on this issue.
Thanks,
Sai.