| Plugin Title | HTTPS Only Enabled |
| Cloud | AZURE |
| Category | App Service |
| Description | Ensures HTTPS Only is enabled for App Services, redirecting all HTTP traffic to HTTPS |
| More Info | Enabling HTTPS Only traffic will redirect all non-secure HTTP requests to HTTPS. HTTPS uses the SSL/TLS protocol to provide a secure connection. |
| AZURE Link | https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-ssl#enforce-https |
| Recommended Action | Enable HTTPS Only support SSL settings for all App Services |
- Log into the Microsoft Azure Management Console.
- Select the "Search resources, services, and docs" option at the top and search for App Services.
- Select the "App Services" by clicking on the "Name" link to access the configuration changes.
- Scroll down the selected "App Services" navigation panel and in "Settings" click on the "TLS/SSL settings" option.
- On the "TLS/SSL settings" page check if "HTTPS Only" is "ON/OFF". If it's turned "OFF" then it will not redirect all non-secure HTTP requests to HTTPS.
- Repeat steps number 2 - 5 to verify other "Apps" SSL settings in the account.
- Navigate to the "App Services", select the "App Service" and click on the "Name" as a link to access the configuration, select the "TLS/SSL settings" under "Settings."
- On the "Protocol Settings" page click on the "ON" option next to "HTTPS Only" which will redirect all non-secure HTTP requests to HTTPS. HTTPS uses the SSL/TLS protocol to provide a secure connection.
- Repeat above steps to ensures "HTTPS Only" are enabled for "App Services",ensures HTTPS Only is enabled for your App services, redirecting all HTTP traffic to HTTPS.
