Azure : Basic Network Hardening between a Webapp & the SQL Database

A quick tip on hardening your SQL database in combination with an Azure Webapp. Browse to the properties of your webapp. Copy the “outbound ip addresses” to your text editor.

2016-03-16 08_38_56-Properties - Microsoft Azure

Now browse to the “SQL Server” you have provisioned in Azure. Click on “Show firewall settings” and enter the IP addresses you just noted down.

2016-03-16 08_38_13-Firewall settings - Microsoft Azure

A small pointer ; You have to enter this an address at the time and save after each entry… Annoying as hell, though this is how the UI works.

Anyhow, let’s see how our webapp behaves…

2016-03-16 08_43_42-Welcome to CodeIgniter

As you probably do not believe my right off the bat. So let’s clear up the firewall rules…

2016-03-16 08_44_52-Firewall settings - Microsoft Azure

and test again! 2016-03-16 08_45_35-Database Error

Now we notice that the access to the database was denied. The address listed there is the one that was present in the outbound ip addresses listing from earlier on.

Have fun hardening!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.