Ensure that your Azure App Services web applications enforce FTPS-only access to encrypt FTP traffic. FTPS (Secure FTP) is used to enhance security for your Azure web application as it adds an extra layer of security to the FTP protocol, and help you to comply with the industry standards and regulations.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
With FTP, the transmission of data between the web application and the FTP client is unencrypted, leaving the data vulnerable to being intercepted and read. Even if a Man-in-the-Middle (MITM) attack is a risk that you can quickly mitigate, industry requirements such as PCI DSS, HIPAA, and others require data transfers to be fully encrypted. Enforcing FTPS-only access for your Azure App Services applications, can guarantee that the encrypted traffic between the web application servers and the FTP clients cannot be decrypted by malicious actors in case they are able to intercept packets sent across the FTP connection.
To determine if your Azure App Services web apps are configured to accept FTPS-only connections, perform the following actions:
Remediation / Resolution
To disable unencrypted FTP and enforce FTPS-only access and deployment for your Microsoft Azure App Services web applications, perform the following actions:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Enable FTPS-Only Access
Risk level: Medium