I'm using a staging slot in Azure, where I just allow some IP's to have access to it. I have written the below rule in the web.config file:
<rule name="Block unauthorized traffic to staging sites" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_HOST}" pattern="^mydomain\-mydomainslot1\."/>
<!-- white listed IP addresses -->
<add input="{REMOTE_ADDR}" pattern="ip1" negate="true"/>
<add input="{REMOTE_ADDR}" pattern="ip2" negate="true"/>
</conditions>
<action type="CustomResponse" statusCode="403" statusReason="Forbidden"
statusDescription="Site is not accessible" />
</rule>
The slot accepts traffic from my domain, ip1 and ip2. However, I have a webjob (which is in the slot) that makes a PostAsJsonAsync call the to the slot url, and I receive a forbidden as an answer. I don't know the IP address of the webjob (it is supposed to be the same as the website/slot), but anyway, I don't have a static IP address to use it in the rule. How should I solve this problem? Is there another way of solving this issue without reserving an IP in Azure?
Ok I have figured out. Theres no need to reserve an IP. I have just added all the possible outbound IPs to my web.config and it's working now. I was missing the fact that the inbound and outbound IPs are different. The webjob has the same virtual IP as the website, but there can be multiple outbound IPs. Those outbound IPs are in the Azure Portal.