Azure Web Apps Default Document not working

When using an Azure WebApp (a.k.a. Application Service) behind an Application Gateway with the default document set correctly, visiting works but without the trailing slash brings up the blue 403 error.

Error 403 - Forbidden

In the case that you haven’t restricted App Service access to the Application Gateway (and you probably should), missing off this trailing slash would reveal the name in the address bar- so would redirect to

Example Architecture


If we take the Application Gateway out of the design, a request to (1) would be detected as a folder, rather than a page, and redirected to with the trailing slash (2). The browser would then follow that redirect (3) and get back the content of the default document (4).

Example without Gateway

When we put the Application Gateway in front of the WebApp we push traffic from through to that WebApp and the name is hidden from the end user. However, when the above redirection happens to add the trailing slash, the WebApp is sending a redirection response telling the user to go to the specific URL - not the address.

In the case that we’ve restricted access on the WebApp so it only serves requests passed by the Application Gateway then the redirection sends the browser off to the URL (bypassing the gateway) which returns a 403 unauthorised error.


Create a rewrite rule on your Application Gateway as detailed here: This will rewrite that redirect response of back to the desired

Example with Gateway Redirect Rule