Configure HTTP settings

3.2 Azure Application Gateway

📘Microsoft Azure Networking Solutions (AZ-700)

Azure Application Gateway is a web traffic load balancer that lets you manage traffic to your web applications. One of the key parts of setting it up is HTTP settings, which control how the gateway communicates with your backend servers.

HTTP settings define the rules for how requests from clients are forwarded to your backend servers. These settings affect performance, security, and functionality of your web applications.

1. What Are HTTP Settings?

HTTP settings are configurations in Application Gateway that include:

  1. Protocol: Whether to use HTTP or HTTPS when connecting to your backend servers.
  2. Port: The port number the backend servers are listening on (usually 80 for HTTP, 443 for HTTPS).
  3. Cookie-based affinity: Keeps a user connected to the same backend server during a session.
  4. Connection settings: How the gateway opens and manages connections to backend servers.
  5. Timeouts: How long the gateway waits for a response from the backend.
  6. Custom headers: Optional headers that you can add to requests sent to backend servers.
  7. SSL settings (if using HTTPS): Certificates, protocols, and validation settings.

2. Key Components in HTTP Settings

a) Backend Protocol

  • HTTP: Data is sent in plain text.
  • HTTPS: Data is encrypted using SSL/TLS.

For IT security, always prefer HTTPS for sensitive data.

b) Backend Port

  • Specifies which port the Application Gateway should use to send traffic to the backend server.
  • Example: A web server might listen on port 8080 instead of the default 80, so the HTTP setting should match that port.

c) Cookie-based Affinity

  • Ensures a client always connects to the same backend server during a session.
  • Uses a special cookie called ApplicationGatewayAffinity.
  • Use case in IT environment: For a web application where a user’s session data is stored on one server, keeping them on the same server avoids losing session info.

d) Connection Draining

  • When you remove a backend server from the pool, connection draining allows existing requests to complete before the server is taken offline.
  • Prevents sudden disruption for users.

e) Timeout Settings

  • Request timeout: How long the gateway waits for a response from the backend server before returning an error to the client.
  • Example: A slow database query might take 30 seconds, so the timeout should be configured accordingly.

f) Custom Probes

  • HTTP settings can use health probes to check if backend servers are healthy.
  • If a server fails a probe, the Application Gateway stops sending traffic to it.

g) Host name override

  • Sometimes, your backend server requires a specific hostname to respond correctly.
  • You can configure Application Gateway to override the host header with the backend server’s name.

h) SSL settings for HTTPS backends

  • Use well-configured SSL certificates for secure connections.
  • You can choose to:
    • Use a trusted certificate: Validates the backend’s identity.
    • Ignore certificate errors: Only for testing; not recommended in production.

3. Practical IT Examples

  1. Web Application with Multiple Servers
    • Two web servers handle requests for an online portal.
    • HTTP settings: HTTPS, port 443, cookie-based affinity enabled to keep user sessions consistent.
    • Health probes monitor server availability; if one server goes down, traffic automatically reroutes.
  2. Backend API Server
    • API server listens on port 8080.
    • HTTP setting: HTTP protocol, port 8080, host name override set to the API server’s domain.
    • This ensures Application Gateway sends traffic correctly to the API.
  3. Secure Payment Gateway
    • Backend server must only accept encrypted traffic.
    • HTTP setting: HTTPS, SSL certificate verification enabled, timeout set to 60 seconds for long processing requests.

4. Exam Tips – What You Need to Remember

  1. HTTP settings control traffic to backend servers — it’s not for client communication.
  2. Cookie-based affinity keeps users on the same backend server.
  3. Timeouts and probes prevent failed requests from affecting users.
  4. HTTPS for backend requires SSL configuration.
  5. Host name override ensures backend servers respond correctly.
  6. Know the difference between frontend (client-facing) settings and backend HTTP settings.

5. Quick Checklist for Configuring HTTP Settings in Azure

SettingWhat to ConfigureNotes
ProtocolHTTP or HTTPSHTTPS preferred for security
PortBackend listening portDefault: 80 (HTTP), 443 (HTTPS)
Cookie-based affinityEnabled/DisabledUse if session consistency is needed
TimeoutSecondsDepends on backend response time
Host name overrideYes/NoNeeded if backend server expects a specific hostname
SSL settingsCertificate checkRequired if HTTPS backend
Custom headersOptionalAdd headers if backend requires them
Health probesYes/NoEnsures traffic goes to healthy servers

Summary: HTTP settings in Azure Application Gateway are critical for defining how the gateway talks to backend servers. They include protocol, port, SSL options, session handling, timeouts, and health monitoring. Proper configuration ensures secure, reliable, and efficient traffic routing.

Buy Me a Coffee

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by