Network misconfigurations

WebApp Non-HTTPS Run allowed

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Enabling HTTPS-only traffic will redirect all non-secure HTTP request to HTTPS ports. HTTPS uses the SSL/TLS protocol to provide a secure connection, which is both encrypted and authenticated.
  • Recommended Mitigation

    Configure your app service to use 'HTTPS Only' traffic.