Web App Accepting Traffic Other Than HTTPS
- Query id: eb8c2560-8bee-4248-9d0d-e80c8641dd91
- Query name: Web App Accepting Traffic Other Than HTTPS
- Platform: Ansible
- Severity: High
- Category: Insecure Configurations
- URL: Github
Description¶
Web app should only accept HTTPS traffic in Azure Web App Service.
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
- name: Create a windows web app with non-exist app service plan
azure_rm_webapp:
resource_group: myResourceGroup
name: myWinWebapp
https_only: false
plan:
resource_group: myAppServicePlan_rg
name: myAppServicePlan
is_linux: false
sku: S1
- name: Create another windows web app
azure_rm_webapp:
resource_group: myResourceGroup
name: myWinWebapp
plan:
resource_group: myAppServicePlan_rg
name: myAppServicePlan
is_linux: false
sku: S1