Ensure web sockets are disabled for Azure App Service

MEDIUM

Description

Using Web Sockets for Azure App Service may introduce unknown vulnerabilities.

Remediation

In Azure Console -

Open the Azure Portal and go to App Services.
Select the App service you wish to edit.
Select Configuration under Settings, then the General settings tab.
Under Platform Settings, set Web sockets to off.
Save.

In Terraform -

In the azurerm_app_service resource, set websockets_enabled to false.

References:
https://learn.microsoft.com/en-us/azure/app-service/
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#websockets_enabled

Policy Details

Rule Reference ID: AC_AZURE_0193

CSP: Azure

Remediation Available: Yes

Domain: Infrastructure Security

Resource: azurerm_app_service

Resource Category: Serverless

Resource Type: App Service

Frameworks

GDPR
HIPAA
NIST-800-171
NIST-800-53
NIST-CSF
PCI-DSSv3.2.1
PCI-DSSv4.0