articles/frontdoor/front-door-security-headers.md
16 additions & 12 deletions
@@ -2,14 +2,12 @@
2
2
title: 'Tutorial: Add security headers with Rules Engine - Azure Front Door'
3
3
description: This tutorial teaches you how to configure a security header via Rules Engine on Azure Front Door
4
4
services: frontdoor
5
-
documentationcenter: ''
6
5
author: duongau
7
-
editor: ''
8
6
ms.service: frontdoor
9
7
ms.topic: tutorial
10
8
ms.tgt_pltfrm: na
11
9
ms.workload: infrastructure-services
12
-
ms.date: 09/14/2020
10
+
ms.date: 10/12/2022
13
11
ms.author: duau
14
12
# Customer intent: As an IT admin, I want to learn about Front Door and how to configure a security header via Rules Engine.
15
13
---
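Review bot: The front matter still capitalizes "Rules Engine" in `title`, `description` and the `Customer intent` comment, while the body text changed in this commit moves to lowercase "rules engine" ("configured with rules engine", "Rules engine configuration"); pick one form and apply it here as well. The `description` line also has no closing period, and since the empty `documentationcenter` and `editor` keys are being dropped, check whether `ms.tgt_pltfrm: na` still needs to stay.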
@@ -26,32 +24,38 @@ In this tutorial, you learn how to:
26
24
27
25
## Prerequisites
28
26
29
-
*Before you can complete the steps in this tutorial, you must first create a Front Door. For more information, see [Quickstart: Create a Front Door](quickstart-create-front-door.md).
30
-
*If this is your first time using the Rules Engine feature, see how to [Set up a Rules Engine](front-door-tutorial-rules-engine.md).
27
+
*An Azure subscription.
28
+
*An Azure Front Door. To complete the steps in this tutorial, you must have a Front Door configured with rules engine. For more information, see [Quickstart: Create a Front Door](quickstart-create-front-door.md) and [Configure your Rules Engine](front-door-tutorial-rules-engine.md).
31
29
32
30
## Add a Content-Security-Policy header in Azure portal
33
31
34
-
1.Click **Add**to add a new rule. Provide the rule a name and then click **Add an Action** > **Response Header**.
32
+
1.Within your Front door resource, select **Rules engine configuration**under **Settings**, and then select the rules engine that you want to add the security header to.
35
33
36
-
1. Set the Operator to be **Append** to add this header as a response to all of the incoming requests to this route.
34
+
:::image type="content" source="media/front-door-security-headers/front-door-rules-engine-configuration.png" alt-text="Screenshot showing rules engine configuration page of Azure Front Door.":::
37
35
38
-
1. Add the header name: **Content-Security-Policy** and define the values this header should accept. In this scenario, we choose *"script-src 'self' https://apiphany.portal.azure-api.net."*
36
+
2. Select **Add rule** to add a new rule. Provide the rule a name and then select **Add an Action** > **Response Header**.
37
+
38
+
3. Set the Operator to **Append** to add this header as a response to all of the incoming requests to this route.
39
+
40
+
4. Add the header name: *Content-Security-Policy* and define the values this header should accept, then select **Save**. In this scenario, we choose *`script-src 'self' https://apiphany.portal.azure-api.net`*.
41
+
42
+
:::image type="content" source="./media/front-door-security-headers/front-door-security-header.png" alt-text="Screenshot showing the added security header under.":::
39
43
40
44
> [!NOTE]
41
45
> Header values are limited to 640 characters.
42
46
43
-
1. Once you've added all of the rules you'd like to your configuration, don't forget to go to your preferred route and associate your Rules Engine configuration to your Route Rule. This step is required to enable the rule to work.
47
+
5. Once you've added all of the rules you'd like to your configuration, don't forget to go to your preferred route and associate your Rules engine configuration to the Route Rule. This step is required to enable the rule to work.
:::image type="content" source="./media/front-door-security-headers/front-door-associate-routing-rule.png" alt-text="Screenshot showing how to associate a routing rule.":::
46
50
47
51
> [!NOTE]
48
52
> In this scenario, we did not add [match conditions](front-door-rules-engine-match-conditions.md) to the rule. All incoming requests that match the path defined in the Route Rule will have this rule applied. If you would like it to only apply to a subset of those requests, be sure to add your specific **match conditions** to this rule.
49
53
50
54
## Clean up resources
51
55
52
-
In the preceding steps, you configured Security headers with Rules Engine. If you no longer want the rule, you can remove it by clicking Delete rule.
56
+
In the previous steps, you configured security headers with rules engine of your Front Door. If you no longer want the rule, you can remove it by selecting **Delete rule** within the rules engine.
:::image type="content" source="./media/front-door-security-headers/front-door-delete-security-header.png" alt-text="Screenshot showing how to delete the security rule.":::
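Review bot: Step 3 sets the operator to **Append** and says this adds the header to every response on the route, but the text never says what the client receives when the origin already returns its own Content-Security-Policy header; state that behaviour or say when another operator is the right choice, because a merged or duplicated policy changes what the browser enforces. Smaller points: the alt text "Screenshot showing the added security header under." stops mid-phrase, step 1 writes "Front door" where the rest of the page uses "Front Door", and the first image path uses `media/...` while the others use `./media/...`. The sample value sets only `script-src`, so a sentence telling readers to replace it with their own site's policy, within the 640-character limit noted below step 4, would make the step safer to follow.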