Faqcreate A Dedicated Faq Section Or Page

Posted on  by 

  • 25 of the Best Examples of Effective FAQ Pages. An FAQ page is one of the best ways to help people visiting or using your site. Get inspired by these 25 examples of creative and useful FAQ pages.
  • An FAQ page is often one of the most neglected and uninspiring parts of a brand website. Yet when executed correctly, it can be an important part of the user experience, and in turn, help companies to increase conversion. Not to mention save them from endless (and very repetitive) enquiry emails.
  • An FAQ (frequently asked questions) page is designed to answer some of your readers’ most common questions. These can include questions about you, the blogger, the content you create or your policies for things like product reviews and sponsored content.

The following questions and answers are those that are most frequently asked and answered by the Center for Drugs and Evaluation and Research (CDER) Drug Shortage Staff.

Q. Is the drug product information listed on the FDA’s Drug Shortage website the same as on the American Society of Health-System Pharmacists (ASHP) Drug Shortage website?

A. FDA and ASHP websites provide drug shortage information, however, there are some differences. FDA:

  • Receives information provided by manufacturers regarding their ability to supply the market
  • Receives market sales data on the specific products
  • Lists drugs on its website once it has confirmed that overall market demand is not being met by the manufacturers of the product
  • Does not consider a product to be in shortage if one or more manufacturers are able to fully supply market demand for the product

In contrast, ASHP:

  • Provides information about which manufacturers have the drug available and which ones do not, since supply chain disruptions may occur when all previous manufacturers are not yet back on the market with all formulations and all dosage sizes
  • Lists drugs in shortage even if the full market demand is met by the current manufacturers

FDA and ASHP work closely to share information and provide the most current information.

Creating dedicated pages for each of your frequently asked questions allows you to be more strategic with your keyword targeting and creates more ranking opportunities for you. Each new page you create can be targeted for specific keywords relating to that one question rather than having to target the entire page to FAQs terms. Trans, nonbinary and gender non-conforming staff at both DONTNOD and Xbox have made countless key creative contributions to Tell Me Why, including in character design, narrative and dialogue, building inclusive online spaces for the game, and much more.

For more information, please visit Contrasting the FDA (CDER) and ASHP Drug Shortage Websites: What are the differences?.

Q. Can FDA do anything about pricing of medications?

A. Pricing issues are not within the purview of FDA.

However, if you have concerns regarding the price of your medications, you may wish to contact the Federal Trade Commission (FTC). The FTC enforces a variety of federal antitrust and consumer protection laws. The FTC seeks to ensure that the nation’s markets function competitively, and are vigorous, efficient, and free of undue restrictions. Contact information for the FTC is as follows:

Federal Trade Commission
Bureau of Competition
Office of Policy and Evaluation
Room 394
Washington, D.C. 20580
Phone: (202) 326-3300
Website address: http://www.ftc.gov

When shortages occur, there are often faxed and e-mailed advertisements received by pharmacies from unknown distributors that offer these drugs at higher prices than the pharmacy normally pays. Concerns should be reported to FDA via the Office of Criminal Investigations at the following link: https://www.accessdata.fda.gov/scripts/email/oc/oci/contact.cfm

Q. How many drug shortages were there between 2011 and 2015? And do we expect fewer, as many, or more shortages in the future?

A: You can find the number of shortages reported to the U.S. Food and Drug Administration between 2011 and 2015, as well as how many shortages the FDA prevented, on the chart at the bottom of this infographic. The FDA continues to see shortages involving older sterile injectable drugs. These shortages have involved cancer drugs, anesthetics used for patients undergoing surgery, as well as drugs needed for emergency medicine, and electrolytes needed for patients on IV feeding. Fortunately, FDA has also been able to prevent a significant number of drug shortages. The Agency’s ability to prevent shortages has been greatly facilitated by increased early notifications from manufacturers.

Q. What is the major reason for these shortages?

A: A major reason for these shortages has been quality/manufacturing issues. However there have been other reasons such as production delays at the manufacturer and delays companies have experienced receiving raw materials and components from suppliers. Discontinuations are another factor contributing to shortages. FDA can't require a firm to keep making a drug it wants to discontinue. Sometimes these older drugs are discontinued by companies in favor of newer, more profitable drugs.

With fewer firms making older sterile injectable drugs, there are a limited number of production lines that can make these drugs. The raw material suppliers the firms use are also limited in the amount they can make due to capacity issues at their facilities. This small number of manufacturers and limited production capacity for older sterile injectables, combined with the long lead times and complexity of the manufacturing process for injectable drugs, results in these drugs being vulnerable to shortage. When one company has a problem or discontinues, it is difficult for the remaining firms to increase production quickly and a shortage occurs.

Q. What can FDA do to address drug shortages?

A: FDA responds to potential drug shortages by taking actions to address their underlying causes and to enhance product availability. FDA determines how best to address each shortage situation based on its cause and the public health risk associated with the shortage.

For manufacturing/quality problems, FDA works with the firm to address the issues. Problems may involve very low risk (e.g. wrong expiration date on package) to high risk (particulate in product or sterility issues). Regulatory discretion may be employed to address shortages to mitigate any significant risk to patients.

Faqcreate A Dedicated Faq Section Or Pages

FDA also works with other firms making the drugs that are in shortage to help them ramp up production if they are willing to do so. Often they need new production lines approved or need new raw material sources approved to help increase supplies. FDA can and does expedite review of these to help resolve shortages of medically necessary drugs. FDA can't require the other firms to increase production.

When a shortage occurs and a firm has inventory that is close to expiry or already expired, if the company has data to support extension of the expiration dating for that inventory, FDA is able to review this and approve the extended dating to help increase supplies until new production is available.

When the US manufacturers are not able to resolve a shortage immediately and the shortage involves a critical drug needed for US patients, FDA may look for a firm that is willing and able to redirect product into the U.S. market to address a shortage. FDA considers a list of criteria to evaluate the product to ensure efficacy and safety. These criteria include the formulation and other attributes of the drug as well as the quality of the manufacturing site where the drug is made.

FDA works to find ways to mitigate drugs shortages; however, there are a number of factors that can cause or contribute to drugs shortages that are outside of the control of FDA.

Also, FDA issued a long-term strategic plan to outline the agency’s priority actions, as well as actions drug manufacturers and others can take, to prevent drug shortages by promoting and sustaining quality manufacturing.

Below is a link for full information on the Strategic Plan

Q. How does FDA communicate to the public about drug shortages?

A: Early notification from manufacturers of any issue that could lead to a potential disruption in product supply has been, and will continue to be, critical to preventing or mitigating drug shortages.

FDA works to communicate information about shortages on the FDA website, based on information provided by the manufacturers. FDA appreciates all information that manufacturers provide for posting on the FDA website since we realize how necessary this is for patients and healthcare professionals to be informed when shortages occur and how long they may last. Manufacturers can report any information for posting to drugshortages@fda.hhs.gov.

Q. Are companies required to notify FDA of a potential drug shortage?

A: Manufacturers are required to report information about shortages to FDA, and are required to report the reasons for shortages and the expected duration of shortages on the FDA website. Title X of the Food and Drug Administration Safety and Innovation Act (FDASIA) of 2012, signed on July 9th, list the mandatory reporting requirements for manufacturers.

FDASIA provides FDA with important new authorities that will help the Agency to further combat drug shortages. Some of the enhanced authorities are as follows:

  • FDASIA broadens the scope of the early notification requirement by requiring all manufacturers of covered drugs to notify FDA of potential discontinuances. The prior law applied only to sole manufacturers.
  • FDASIA makes clear that manufacturers are required to report discontinuances to FDA regardless of whether they intend to discontinue the product permanently or are facing only a temporary interruption of supply.
  • FDASIA enables FDA to require, by regulation, mandatory reporting of shortages of biological products. The prior law excluded all biological products from the reporting requirements.
  • FDASIA makes clear that the notification requirement applies to drugs that are used in emergency medical care or during surgery (if they are intended for use in the prevention of a debilitating disease or condition).
  • FDASIA requires FDA to issue a non-compliance letter to manufacturers who fail to comply with the drug shortage notification requirements and to make the letter and the company’s response to the letter available to the public.

Related information

Q. When FDA takes an action such as sending a warning letter to a company or takes an enforcement action, is the shortage impact considered beforehand?

A: FDA is responsible for ensuring that safe, effective drugs are available for US patients. When there are severe quality issues identified that could result in harm to patients, there may not be a way to avoid a shortage. However, FDA does everything possible to work with firms to address any potential risks to keep medically necessary products available while also ensuring there is not going to be harm to patients associated with the quality issues.

Q. How does FDA address shortages of medically necessary drugs that have not received FDA approval?

A: FDA is aware that there are drugs being marketed that have not received FDA approval but are medically necessary and have been marketed for many years. When shortages occur for these drugs, FDA addresses these shortages through our normal processes and works with the companies to ensure patient needs are being met while also ensuring there is not any significant risk associated with the drug due to quality, safety, or efficacy that could result in harm to patients. FDA encourages the companies making these drugs to notify us of any changes in supply and also encourages the firms to seek FDA approval to help ensure ongoing quality and safety of these drugs for US patients.

Q. Have FDA standards changed and companies can no longer meet those standards?

A: FDA standards have not changed recently. The companies are responsible for ensuring that the drugs they make are manufactured in quality manufacturing sites so that US patients are not put at risk.

Faqcreate A Dedicated Faq Section Or Page Number

Q. Why are there so many quality problems with drugs occurring recently?

A: Problems can and do occur at any point in the manufacturing process and the manufacturing of sterile injectables is particularly complex and involves many steps where things can go wrong. When problems occur at any step in the process, FDA encourages firms to notify FDA of any potential supply issues so we can help address the problem. Manufacturers are required to report discontinuances to FDA regardless of whether they intend to discontinue the product permanently or are facing only a temporary interruption of supply.

Q. What is the CDER Drug Shortage Staff (DSS)?

A. This program, within the Center for Drug Evaluation and Research (CDER), was established to address potential or actual shortages of drugs that have a significant impact on public health. Through communication, facilitation and negotiation, DSS works with pharmaceutical manufacturers, review divisions, compliance and other components of FDA to manage product shortages.

Q. Who handles drug shortage issues in CDER?

A: FDA's Drug Shortage Staff (DSS) resides in the Center for Drug Evaluation & Research (CDER). It consists of a dedicated staff of 11 scientific and regulatory experts who are responsible for the coordination of all activities related to the prevention and mitigation of drug shortages. As the number of reports of drug shortages has increased, this staff has grown from 3 professionals to 11 in the past few years.

The DSS coordinates with a host of other experts in CDER, which is estimated to utilize a total of about 25 full time employees, currently. Among other activities, the experienced and capable staff conduct medical necessity assessments, consider appropriate action on inspection reports and assess proposals of firms as they attempt to avoid supply disruption or increase production. They reside in many Offices across CDER, including the Office of Compliance, Office of Generic Drugs, Office of Pharmaceutical Sciences and the Office of New Drugs.

We expect that reports of potential and actual drug shortages will continue to increase in the next months to years, requiring that FDA allocate more resources to mitigate drug shortages in a timely manner to protect public health. In doing so we will continue to focus on assuring a multifaceted approach, including close collaboration of all stakeholders within and outside of the Agency, including industry, regulators, payers, Congress, and others.

Q. Who handles non-CDER drug shortages?

  • Center for Biologics Evaluation and Research (CBER)
    Biological products, including blood and vaccines
    Website: CBER-Regulated Products: Shortages and Discontinuations
    E-mail address for reporting shortages: CBERshortages@fda.hhs.gov. Also, biological product manufacturers and healthcare personnel may report a real or suspected biological product shortage by calling 240-402-8380.
  • Center for Food Safety and Nutrition (CFSAN)
    Food, including medical foods and cosmetic products
    Center for Food Safety and Nutrition (CFSAN) Website – 1-888-SAFEFOOD
  • Center for Veterinary Medicine (CVM)
    Food additives and drugs that will be given to animals
    AskCVM@fda.hhs.gov
  • Center for Devices and Radiological Health (CDRH)
    Medical devices and radiation-emitting products
    dice@cdrh.fda.gov – 1-800-638-2041
    Contacts for Medical Devices During the COVID-19 PandemicNEW

Q. Why aren’t all drugs in short supply listed on the Drug Shortage web page?

A. The CDER Drug Shortage Staff focuses on shortages of medically necessary products since these shortages have the greatest impact on public health. The Drug Shortage page on the FDA website lists shortages primarily of medically necessary products. Shortages that are expected to be resolved quickly or which involve only a particular strength or package size, which has a substitute strength(s) and package size(s), are not usually the focuses of the DSS.

Q. How does the CDER Drug Shortage Staff find out about shortages?

A. Manufacturers are required to report shortages to FDA as stated in FDASIA. We believe this new authority will prove helpful, resulting in additional notifications that will help prevent additional shortages. Other components within FDA may also provide such notification. In addition, the DSS also gets reports from healthcare professionals, patients/individuals, or professional organizations using the electronic mail account (drugshortages@fda.hhs.gov).

Q. How does the CDER Drug Shortage Staff verify that a shortage exists?

A. The CDER Drug Shortage team utilizes information from manufacturers, distributors and market share data to determine if a shortage exists. (DSS defines a drug shortage as a situation where the total supply of all versions of the approved product available at the user level will not meet the current demand, and a registered alternative manufacturer will not meet the current and/or projected demands for the potentially medically necessary use(s) at the user level.)

Q. Where can I obtain additional information on drug shortages?

A. The American Society of Health System Pharmacists (ASHP) lists drug shortages and additional information.

-->

This article answers common questions about Azure Front Door features and functionality. If you don't see the answer to your question, you can contact us through the following channels (in escalating order):

  1. The comments section of this article.
  2. Azure Front Door UserVoice.
  3. Microsoft Support: To create a new support request, in the Azure portal, on the Help tab, select the Help + support button, and then select New support request.

General

What is Azure Front Door?

Azure Front Door is an Application Delivery Network (ADN) as a service, offering various layer 7 load-balancing capabilities for your applications. It provides dynamic site acceleration (DSA) along with global load balancing with near real-time failover. It is a highly available and scalable service, which is fully managed by Azure.

What features does Azure Front Door support?

Azure Front Door supports dynamic site acceleration (DSA), TLS/SSL offloading and end to end TLS, Web Application Firewall, cookie-based session affinity, url path-based routing, free certificates and multiple domain management, and others. For a full list of supported features, see Overview of Azure Front Door.

What is the difference between Azure Front Door and Azure Application Gateway?

While both Front Door and Application Gateway are layer 7 (HTTP/HTTPS) load balancers, the primary difference is that Front Door is a global service whereas Application Gateway is a regional service. While Front Door can load balance between your different scale units/clusters/stamp units across regions, Application Gateway allows you to load balance between your VMs/containers etc. that is within the scale unit.

When should we deploy an Application Gateway behind Front Door?

The key scenarios why one should use Application Gateway behind Front Door are:

  • Front Door can perform path-based load balancing only at the global level but if one wants to load balance traffic even further within their virtual network (VNET) then they should use Application Gateway.
  • Since Front Door doesn't work at a VM/container level, so it cannot do Connection Draining. However, Application Gateway allows you to do Connection Draining.
  • With an Application Gateway behind Front Door, one can achieve 100% TLS/SSL offload and route only HTTP requests within their virtual network (VNET).
  • Front Door and Application Gateway both support session affinity. While Front Door can direct subsequent traffic from a user session to the same cluster or backend in a given region, Application Gateway can direct affinitize the traffic to the same server within the cluster.

Can we deploy Azure Load Balancer behind Front Door?

Azure Front Door needs a public VIP or a publicly available DNS name to route the traffic to. Deploying an Azure Load Balancer behind Front Door is a common use case.

What protocols does Azure Front Door support?

Azure Front Door supports HTTP, HTTPS and HTTP/2.

How does Azure Front Door support HTTP/2?

HTTP/2 protocol support is available to clients connecting to Azure Front Door only. The communication to backends in the backend pool is over HTTP/1.1. HTTP/2 support is enabled by default.

What resources are supported today as part of backend pool?

Backend pools can be composed of Storage, Web App, Kubernetes instances, or any other custom hostname that has public connectivity. Azure Front Door requires that the backends are defined either via a public IP or a publicly resolvable DNS hostname. Members of backend pools can be across zones, regions, or even outside of Azure as long as they have public connectivity.

What regions is the service available in?

Azure Front Door is a global service and is not tied to any specific Azure region. The only location you need to specify while creating a Front Door is the resource group location, which is basically specifying where the metadata for the resource group will be stored. Front Door resource itself is created as a global resource and the configuration is deployed globally to all the POPs (Point of Presence).

What are the POP locations for Azure Front Door?

Azure Front Door has the same list of POP (Point of Presence) locations as Azure CDN from Microsoft. For the complete list of our POPs, kindly refer Azure CDN POP locations from Microsoft.

Is Azure Front Door a dedicated deployment for my application or is it shared across customers?

Azure Front Door is a globally distributed multi-tenant service. So, the infrastructure for Front Door is shared across all its customers. However, by creating a Front Door profile, you define the specific configuration required for your application and no changes made to your Front Door impact other Front Door configurations.

Is HTTP->HTTPS redirection supported?

Number

Yes. In fact, Azure Front Door supports host, path, and query string redirection as well as part of URL redirection. Learn more about URL redirection.

In what order are routing rules processed?

Routes for your Front Door are not ordered and a specific route is selected based on the best match. Learn more about How Front Door matches requests to a routing rule.

How do I lock down the access to my backend to only Azure Front Door?

To lock down your application to accept traffic only from your specific Front Door, you will need to set up IP ACLs for your backend and then restrict the traffic on your backend to the specific value of the header 'X-Azure-FDID' sent by Front Door. These steps are detailed out as below:

Faqcreate

  • Configure IP ACLing for your backends to accept traffic from Azure Front Door's backend IP address space and Azure's infrastructure services only. Refer the IP details below for ACLing your backend:

    • Refer AzureFrontDoor.Backend section in Azure IP Ranges and Service Tags for Front Door's IPv4 backend IP address range or you can also use the service tag AzureFrontDoor.Backend in your network security groups.
    • Azure's basic infrastructure services through virtualized host IP addresses: 168.63.129.16 and 169.254.169.254

    Warning

    Front Door's backend IP space may change later, however, we will ensure that before that happens, that we would have integrated with Azure IP Ranges and Service Tags. We recommend that you subscribe to Azure IP Ranges and Service Tags for any changes or updates.

  • Perform a GET operation on your Front Door with the API version 2020-01-01 or higher. In the API call, look for frontdoorID field. Filter on the incoming header 'X-Azure-FDID' sent by Front Door to your backend with the value as that of the field frontdoorID. You can also find Front Door ID value under the Overview section from Front Door portal page.

  • Apply rule filtering in your backend web server to restrict traffic based on the resulting 'X-Azure-FDID' header value.

    Here's an example for Microsoft Internet Information Services (IIS):

Can the anycast IP change over the lifetime of my Front Door?

The frontend anycast IP for your Front Door should typically not change and may remain static for the lifetime of the Front Door. However, there are no guarantees for the same. Kindly do not take any direct dependencies on the IP.

Does Azure Front Door support static or dedicated IPs?

No, Azure Front Door currently doesn't support static or dedicated frontend anycast IPs.

Does Azure Front Door support x-forwarded-for headers?

Yes, Azure Front Door supports the X-Forwarded-For, X-Forwarded-Host, and X-Forwarded-Proto headers. For X-Forwarded-For if the header was already present then Front Door appends the client socket IP to it. Else, it adds the header with the client socket IP as the value. For X-Forwarded-Host and X-Forwarded-Proto, the value is overridden.

Learn more about the Front Door supported HTTP headers.

How long does it take to deploy an Azure Front Door? Does my Front Door still work when being updated?

A new Front Door creation or any updates to an existing Front Door takes about 3 to 5 minutes for global deployment. That means in about 3 to 5 minutes, your Front Door configuration will be deployed across all of our POPs globally.

Note - Custom TLS/SSL certificate updates take about 30 minutes to be deployed globally.

Any updates to routes or backend pools etc. are seamless and will cause zero downtime (if the new configuration is correct). Certificate updates are also atomic and will not cause any outage, unless switching from 'AFD Managed' to 'Use your own cert' or vice versa.

Configuration

Can Azure Front Door load balance or route traffic within a virtual network?

Azure Front Door (AFD) requires a public IP or publicly resolvable DNS name to route traffic. So, the answer is no AFD directly cannot route within a virtual network, but using an Application Gateway or Azure Load Balancer in between will solve this scenario.

What are the various timeouts and limits for Azure Front Door?

Learn about all the documented timeouts and limits for Azure Front Door.

How long does it take for a rule to take effect after being added to the Front Door Rules Engine?

The Rules Engine configuration takes about 10 to 15 minutes to complete an update. You can expect the rule to take effect as soon as the update is completed.

Can I configure Azure CDN behind my Front Door profile or vice versa?

Azure Front Door and Azure CDN can't be configured together because both services utilizes the same Azure edge sites when responding to requests.

Performance

How does Azure Front Door support high availability and scalability?

Azure Front Door is a globally distributed multi-tenant platform with huge volumes of capacity to cater to your application's scalability needs. Delivered from the edge of Microsoft's global network, Front Door provides global load-balancing capability that allows you to fail over your entire application or even individual microservices across regions or different clouds.

TLS configuration

What TLS versions are supported by Azure Front Door?

All Front Door profiles created after September 2019 use TLS 1.2 as the default minimum.

Front Door supports TLS versions 1.0, 1.1 and 1.2. TLS 1.3 is not yet supported.

What certificates are supported on Azure Front Door?

To enable the HTTPS protocol for securely delivering content on a Front Door custom domain, you can choose to use a certificate that is managed by Azure Front Door or use your own certificate.The Front Door managed option provisions a standard TLS/SSL certificate via Digicert and stored in Front Door's Key Vault. If you choose to use your own certificate, then you can onboard a certificate from a supported CA and can be a standard TLS, extended validation certificate, or even a wildcard certificate. Self-signed certificates are not supported. Learn how to enable HTTPS for a custom domain.

Does Front Door support autorotation of certificates?

For the Front Door managed certificate option, the certificates are autorotated by Front Door. If you are using a Front Door managed certificate and see that the certificate expiry date is less than 60 days away, file a support ticket.
For your own custom TLS/SSL certificate, autorotation isn't supported. Similar to how it was set up the first time for a given custom domain, you will need to point Front Door to the right certificate version in your Key Vault and ensure that the service principal for Front Door still has access to the Key Vault. This updated certificate rollout operation by Front Door is atomic and doesn't cause any production impact provided the subject name or SAN for the certificate doesn't change.

What are the current cipher suites supported by Azure Front Door?

For TLS1.2 the following cipher suites are supported:

  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

When using custom domains with TLS1.0/1.1 enabled the following cipher suites are supported:

  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • TLS_RSA_WITH_AES_128_GCM_SHA256
  • TLS_RSA_WITH_AES_256_CBC_SHA256
  • TLS_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_256_CBC_SHA
  • TLS_RSA_WITH_AES_128_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

Can I configure TLS policy to control TLS Protocol versions?

You can configure a minimum TLS version in Azure Front Door in the custom domain HTTPS settings via Azure portal or the Azure REST API. Currently, you can choose between 1.0 and 1.2.

Can I configure Front Door to only support specific cipher suites?

No, configuring Front Door for specific cipher suites is not supported. However, you can get your own custom TLS/SSL certificate from your Certificate Authority (say Verisign, Entrust, or Digicert) and have specific cipher suites marked on the certificate when you have it generated.

Does Front Door support OCSP stapling?

Yes, OCSP stapling is supported by default by Front Door and no configuration is required.

Does Azure Front Door also support re-encryption of traffic to the backend?

Yes, Azure Front Door supports TLS/SSL offload, and end to end TLS, which re-encrypts the traffic to the backend. In fact, since the connections to the backend happen over its public IP, it is recommended that you configure your Front Door to use HTTPS as the forwarding protocol.

Does Front Door support self-signed certificates on the backend for HTTPS connection?

No, self-signed certificates are not supported on Front Door and the restriction applies to both:

  1. Backends: You cannot use self-signed certificates when you are forwarding the traffic as HTTPS or HTTPS health probes or filling the cache for from origin for routing rules with caching enabled.
  2. Frontend: You cannot use self-signed certificates when using your own custom TLS/SSL certificate for enabling HTTPS on your custom domain.

Why is HTTPS traffic to my backend failing?

For having successful HTTPS connections to your backend whether for health probes or for forwarding requests, there could be two reasons why HTTPS traffic might fail:

  1. Certificate subject name mismatch: For HTTPS connections, Front Door expects that your backend presents certificate from a valid CA with subject name(s) matching the backend hostname. As an example, if your backend hostname is set to myapp-centralus.contosonews.net and the certificate that your backend presents during the TLS handshake neither has myapp-centralus.contosonews.net nor *myapp-centralus*.contosonews.net in the subject name, the Front Door will refuse the connection and result in an error.
    1. Solution: While it is not recommended from a compliance standpoint, you can workaround this error by disabling certificate subject name check for your Front Door. This is present under Settings in Azure portal and under BackendPoolsSettings in the API.
  2. Backend hosting certificate from invalid CA: Only certificates from valid CAs can be used at the backend with Front Door. Certificates from internal CAs or self-signed certificates are not allowed.

Can I use client/mutual authentication with Azure Front Door?

No. Although Azure Front Door supports TLS 1.2, which introduced client/mutual authentication in RFC 5246, currently, Azure Front Door doesn't support client/mutual authentication.

Diagnostics and logging

What types of metrics and logs are available with Azure Front Door?

For information on logs and other diagnostic capabilities, see Monitoring metrics and logs for Front Door.

What is the retention policy on the diagnostics logs?

Diagnostic logs flow to the customers storage account and customers can set the retention policy based on their preference. Diagnostic logs can also be sent to an Event Hub or Azure Monitor logs. For more information, see Azure Front Door Diagnostics.

How do I get audit logs for Azure Front Door?

Audit logs are available for Azure Front Door. In the portal, click Activity Log in the menu blade of your Front Door to access the audit log.

Can I set alerts with Azure Front Door?

Yes, Azure Front Door does support alerts. Alerts are configured on metrics.

Next steps

  • Learn how to create a Front Door.
  • Learn how Front Door works.

Coments are closed
Pretty Goodmr. Mac's 6th Grade How To Run Dmg Files On Windows