💼 9.1 Ensure 'HTTPS Only' is set to 'On' (Automated)
- Contextual name: 💼 9.1 Ensure 'HTTPS Only' is set to 'On' (Automated)
- ID:
/frameworks/cis-azure-v3.0.0/09/01
- Located in: 💼 9 AppService
Description
Azure App Service allows apps to run under both HTTP and HTTPS by default. Apps can be accessed by anyone using non-secure HTTP links by default. Non-secure HTTP requests can be restricted and all HTTP requests redirected to the secure HTTPS port. It is recommended to enforce HTTPS-only traffic.
Similar
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (1)