If you wanted to block inbound traffic to your Azure Function, one option is to use an Access Restriction. To check if you have one, navigate to the Networking blade for your Azure Function and check if Access restriction is On.
Figure 1, Access Restriction and Azure Functions
Take caution that although this let’s you block blocks of IP addresses, some IPs are required for performing deployments. A rule like this on the SCM / KUDU site would cause deployments to fail.
Figure 2, Access Restriction and Azure Functions
Take special note that for security reasons, the reason a request is unsuccessful is not always returned to the client. If you tell a hacker why their request was blocked, then the would have a better chance of getting around it. If we don’t know what is blocking us, then it takes a bit longer. 