Azure App Service should have remote debugging disabled

azure.appservice
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

Azure App Services has ‘remote debugging’ disabled to enhance security and protect applications.

Rationale

If remote debugging is enabled, this can allow an attacker access to your applications. To reduce your attack surface, disable remote debugging when not actively needed.

Remediation

Azure CLI

  1. Get a list of your App Services web apps by running the following in Azure Powershell:

    az webapp list \
--query '[*].id'

  2. Check the config of your web apps with the command:

    az webapp config show \
--ids "<INSERT_ID_HERE>" \
--query 'remoteDebuggingEnabled'

  3. Disable the web app’s remote debugging capability with the command:

    az webapp config set \
--ids "<INSERT_ID_HERE>" \
--remote-debugging-enabled false

  4. Repeat steps one through three for each server that is not configured correctly.

References

  1. Azure webapp config set
PREVIEWING: aliciascott/DOCS-9725-Cloudcraft