github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/azure/appservice/AVD-AZU-0004/docs.md

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/azure/appservice/AVD-AZU-0004/docs.md (about)

     1  
     2  By default, clients can connect to function endpoints by using both HTTP or HTTPS. You should redirect HTTP to HTTPs because HTTPS uses the SSL/TLS protocol to provide a secure connection, which is both encrypted and authenticated.
     3  
     4  ### Impact
     5  Anyone can access the Function App using HTTP.
     6  
     7  <!-- DO NOT CHANGE -->
     8  {{ remediationActions }}
     9  
    10  ### Links
    11  - https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-bindings#enforce-https
    12  
    13  - https://docs.microsoft.com/en-us/azure/azure-functions/security-concepts
    14  
    15