Microsoft CDN overwrites client IP-address
We had few days ago an attack on our website and to detect the IP address from aggressor, we enabled the client IP tracking in Application Insights.
To deliver efficiency the webpage content, do we use Microsoft CDN instead direct traffic on web app.
1. Browser > CDN (content expired) > web app
Browser < CDN (content updated) <
1. Browser > web app
We detected, that the in AI tracked client Ip-address is when we use the Microsoft CDN the ip address of Microsoft Frontdoor application. The Microsoft CDN is using MS Frontdoor. After moving the DSN from CDN to direct traffic on web app, are the client Ip addresses correct.
It's a bug in Microsoft CDN and should fixed immediately.