Commit 990908a

Merge pull request #195827 from skishen525/patch-51
Update front-door-faq.yml
2 parents e68a9c2 + 7c4f7f6 commit 990908a

1 file changed, +5 -2 lines changed

articles/frontdoor/front-door-faq.yml

Lines changed: 5 additions & 2 deletions
@@ -218,9 +218,12 @@ sections:
218218
- question: |
219219
How does Front Door handle ‘domain fronting’ behavior?
220220
answer: |
221-
As of April 29, 2022, Microsoft has made a change to the behavior of Azure Front Door Standard/Premium/(classic) and Azure CDN from Microsoft (classic) in alignment with its commitment to stop allowing domain fronting behavior on its platform. After this date, new Front Door and Azure CDN Standard from Microsoft resources that are created will block any HTTP request that exhibit this behavior.
221+
As of April 29, 2022, Microsoft has made a change to the behavior of Azure Front Door Standard/Premium/(classic) and Azure CDN from Microsoft (classic) in alignment with its commitment to stop allowing domain fronting behavior on its platform. Once blocking domain fronting is enabled, AFD and CDN resources will block any HTTP request that exhibit this behavior.
222222
If this behavior is enabled for your resource, requests where Host header in HTTP/HTTPS requests doesn't match the original TLS SNI extension used during the TLS negotiation, will be blocked.
223-
223+
224+
If you wish to block domain fronting for any existing Azure Front Door Standard and Premium, Azure Front Door (classic) and Azure CDN Standard from Microsoft (classic) resources or for new Azure Front Door Standard and Premium, Azure Front Door (classic) and Azure CDN Standard from Microsoft (classic) resources, please create a support request and provide your subscription and
225+
resource information. Upon enabling of blocking domain fronting behavior, Azure Front Door and Azure CDN Standard from Microsoft (classic) resources will block any HTTP request that exhibit this behavior.
226+
224227
When Front Door blocks a request due to this mismatch:
225228
The client will receive a HTTP “421 Misdirected Request” error code response
226229
Front Door will log the block in its diagnostic logs under the “Error Info” property with the value “SSLMismatchedSNI”
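
Review bot: The sentence added at new lines 224-225 ends by repeating what the rewritten line 221 already says ("... resources will block any HTTP request that exhibit this behavior"), so the blocking behavior is now stated twice in one answer; drop the second copy and keep only the support-request instruction. With the "After this date, new ... resources that are created will block" wording removed from line 221, the answer still opens with "As of April 29, 2022, Microsoft has made a change" but no longer says what changed on that date or whether blocking is on by default for any resource, so state the default explicitly. The new paragraph is also split mid-sentence between "subscription and" and "resource information", lists the same three products twice for "existing" and "new" resources, and uses "Azure CDN Standard from Microsoft (classic)" where line 221 says "Azure CDN from Microsoft (classic)"; join the line, list the products once, and pick one product name. "any HTTP request that exhibit" should read "exhibits" in both places.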
