Wednesday, June 6, 2018

Routing and forcing HTTP request and URL to HTTPS in Azure app service

If you have a REST server it is mandatory to have some standard security in place. The first and foremost security is connection to your REST services and APIs. Basic is make it HTTPS. Now as it is an web service usually it has HTTP on it. You can stop it by blocking the port 80 which is not OK in case you are doing scale up and scale down of your service. So what to chose?

Easy way is to use the web.conf  file in the Azure application services wwwroot directory as a place.
Just put the following texts on the wwwroot/web.conf file and restart the service.

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
    <rewrite>
      <rules>
        <!-- BEGIN rule TAG FOR HTTPS REDIRECT -->
        <rule name="Force HTTPS" enabled="true">
          <match url="(.*)" ignoreCase="false" />
          <conditions>
            <add input="{HTTPS}" pattern="off" />
          </conditions>
          <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
        </rule>
        <!-- END rule TAG FOR HTTPS REDIRECT -->
      </rules>
    </rewrite>
  </system.webServer>
</configuration>

Web services not running on Azure suddenly with error '-2147023436'

Suddenly on 06/06/2018 around 7:20am UTC), our Azure application services stopped running.  We were seeing the following error:

Process '5324' failed to start.
Port = 29399
Error Code = '-2147023436'.

Restarting the services doesn't help.

Error on eventlog.xml dumped as -

<Events>
    <Event>
        <System>
            <Provider Name="HttpPlatformHandler"/>
            <EventID>1000</EventID>
            <Level>1</Level>
            <Task>0</Task>
            <Keywords>Keywords</Keywords>
            <TimeCreated SystemTime="2018-06-06T01:35:40Z"/>
            <EventRecordID>137600031</EventRecordID>
            <Channel>Application</Channel>
            <Computer>RDXXXXXXXX</Computer>
            <Security/>
        </System>
        <EventData>
            <Data>Process '3408' failed to start. Port = 14790, Error Code = '-2147023436'.</Data>
        </EventData>
    </Event>
    <Event>
We spend over 8 hours to figure out the issue as we have few live company on the service as a customer. It was hail storm. But whatever, I was able to find the root cause and it seems like it is the issue of Microsoft Azure services itself. Reason was they have updated their app services to work with only newest jetty for web container and minor java version to newest as must requirement. And no notification for that change.

So if you ever face this issue please go to the application setting from the https://portal.azure.com and set the recommended setting that I have mentioned.