💼 9.1 Ensure 'HTTPS Only' is set to 'On' (Automated)
- ID:
/frameworks/cis-azure-v3.0.0/09/01
Description
Azure App Service allows apps to run under both HTTP and HTTPS by default. Apps can be accessed by anyone using non-secure HTTP links by default. Non-secure HTTP requests can be restricted and all HTTP requests redirected to the secure HTTPS port. It is recommended to enforce HTTPS-only traffic.
Similar
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (1)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ Azure App Service HTTPS Only configuration is not enabled🟢 | 1 | 🟢 x6 | no data |