Azure App Services Isolation and Security
I have several App Services
hosted on one App Service plan
(Basic Small) which is a fully managed virtual machine with all resources reserved for me. These are all Asp.Net applications.
Since I have a lot of resources available to me, I am considering migrating my WordPress apps to Azure (each to a new one App Service
within the same App Service plan
.
WordPress, unfortunately, tends to get infected from time to time. Also, the infection can spread to other sites if they are not properly isolated (the infected website can modify the files of other websites).
So my question is:
If one of my WordPress sites is infected by other websites from different App Services
, but the same one is App Service plan
also at risk?
source to share
The answer to this question largely depends on how you trust Microsoft and their requirements.
All Azure Web Apps (as well as mobile apps / services, web apps, and Features) run in a secure environment called a sandbox. Each application runs inside its own sandbox, isolating its execution from other instances on the same machine, and providing additional security and privacy that would not otherwise be available. the sandboxing mechanism aims to ensure that every application running on the machine has a guaranteed minimum service level; in addition, the execution time constraints imposed by the sandbox prevent applications from adversely affecting other resource-intensive applications that may be running on the same machine.
Therefore, it must be safe.
https://github.com/projectkudu/kudu/wiki/Azure-Web-App-sandbox
source to share