locked
Azure App Services - as a FTPS endpoint RRS feed

  • Question

  • How can I to host a FTPS site on Azure app service? Creating a Web app does create a FTPS endpoint that I can use for the deployment, on which my deployment account has access by default and that is not what I am looking for. I am trying to find out if I can host a ftps://<>.azurewebsites.net site itself. Any thoughts or pointers will be really helpful.

    1. I cannot expose storage as as FTPS endpoint. 

    2. Azure file shares initially sounded promising, but besides SMB protocol, they do not have the FTPS capability.

    [Posting this here as suggested by @AzureSupport on Twitter.]

    Monday, March 19, 2018 5:07 AM

Answers

  • The only way an application can be accessed via the internet is through the already-exposed HTTP (80) and HTTPS (443) TCP ports; applications may not listen on other ports for packets arriving from the internet.

    All Azure Web Apps (as well as Mobile App/Services, WebJobs and Functions) run in a secure environment called a sandbox. Each app runs inside its own sandbox, isolating its execution from other instances on the same machine as well as providing an additional degree of security and privacy which would otherwise not be available. The sandbox mechanism aims to ensure that each app running on a machine will have a minimum guaranteed level of service; furthermore, the runtime limits enforced by the sandbox protects apps from being adversely affected by other resource-intensive apps which may be running on the same machine.

    For more details, refer to Networking Restrictions/Considerations.

    -----------------------------------------------------------------------------------------------
    Do click on "Mark as Answer" and “Vote as Helpful” on the post that helps you, this can be beneficial to other community members.

    Monday, March 19, 2018 3:00 PM

All replies

  • The only way an application can be accessed via the internet is through the already-exposed HTTP (80) and HTTPS (443) TCP ports; applications may not listen on other ports for packets arriving from the internet.

    All Azure Web Apps (as well as Mobile App/Services, WebJobs and Functions) run in a secure environment called a sandbox. Each app runs inside its own sandbox, isolating its execution from other instances on the same machine as well as providing an additional degree of security and privacy which would otherwise not be available. The sandbox mechanism aims to ensure that each app running on a machine will have a minimum guaranteed level of service; furthermore, the runtime limits enforced by the sandbox protects apps from being adversely affected by other resource-intensive apps which may be running on the same machine.

    For more details, refer to Networking Restrictions/Considerations.

    -----------------------------------------------------------------------------------------------
    Do click on "Mark as Answer" and “Vote as Helpful” on the post that helps you, this can be beneficial to other community members.

    Monday, March 19, 2018 3:00 PM
  • Azure app service supports FTP / FTPS for deploying to app service by default. See https://docs.microsoft.com/en-us/azure/app-service/app-service-deploy-ftp for more details.
    Tuesday, March 20, 2018 10:24 PM
  • The only option then is to spin up a VM, host the classic FTPS site on it. Thank you for your response.
    Wednesday, March 21, 2018 4:30 PM
  • Thank you for the response, Sandeep.  I was looking for ways to host an actual FTPS endpoint on app service and not to deploy the app through FTP/FTPS.

    Creating a Web app does create a FTPS endpoint that I can use for the deployment, on which my deployment account has access by default and that is not what I am looking for. I am trying to find out if I can host a ftps://<>.azurewebsites.net site itself.

    Wednesday, March 21, 2018 5:11 PM
  • You are welcome!

    Wednesday, March 21, 2018 5:41 PM