Azure Front Door—March 2020 updates
Updated: March 18, 2020
Improve your apps for performance, security, availability, and scalability by using Azure Front Door, a cloud-native modern Content Delivery Network. It provides a high performant and low latency network, web application firewall, global load balancing, SSL offload, and TCP/SSL optimizations.
Several key capabilities for Front Door have been recently released into general availability (GA):
- Support for wildcard hosts/domains—Add wildcard domains in your configs like *.contoso.com or *.apps.contoso.com.
- Configurable idle timeout—Customize the idle timeout when Front Door waits on the first packet of request/response.
- Minimum transport layer security (TLS) version— Configure the minimum TLS version to be supported for your custom domains a key requirement for PCI compliance.
- Health probe configurability improvements—Save on bandwidth charges at your backend by setting the health probe method to HEAD instead of GET requests. Additionally, for backend pools with a single backend, you can now disable health probes.
- Easier lockdown for backends—Now instead of using multiple values for X-Forwarded-Host header for filtering traffic to your backends, use the Front Door ID field for a new header X-Azure-FDID to lockdown your backends for both production traffic as well as health probes.
- Disabling certificate name check for backends—Use this field to configure Front Door to ignore the subject name on the certificate when setting up an SSL connection with the backend if your backend doesn’t host a valid certificate with matching subject name as the host name.