Ensure that your Azure App Services web applications have remote debugging disabled in order to enhance security and protect the applications from unauthorized access. Remote Debugging feature is available for web applications (e.g. ASP.NET, ASP.NET Core, Node.js, Python).
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure
Remote Debugging feature requires certain inbound ports to be opened for the Visual Studio remote debugger within your Microsoft Azure App Services web applications configuration. Implementing the principle of least privilege by closing the access to these inbound ports will help you significantly reduce the possibility of a security breach.
To determine if your Azure App Services web apps are configured to use remote debugging, perform the following actions:
Remediation / Resolution
To enhance your web application's security by disabling Remote Debugging feature, perform the following actions:
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
You are auditing:
Disable Remote Debugging
Risk level: High