Ensure that your Azure App Services web applications have remote debugging disabled in order to enhance security and protect the applications from unauthorized access. Remote Debugging feature is available for web applications (e.g. ASP.NET, ASP.NET Core, Node.js, Python).
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
Remote Debugging feature requires certain inbound ports to be opened for the Visual Studio remote debugger within your Microsoft Azure App Services web applications configuration. Implementing the principle of least privilege by closing the access to these inbound ports will help you significantly reduce the possibility of a security breach.
Audit
To determine if your Azure App Services web apps are configured to use remote debugging, perform the following actions:
Remediation / Resolution
To enhance your web application's security by disabling Remote Debugging feature, perform the following actions:
References
- Azure Official Documentation
- App Service
- Configure general settings
- Remote Debugging
- Azure PowerShell Documentation
- az webapp
- az webapp list
- az webapp config show
- az webapp config set