| Plugin Title | HTTPS Only Enabled |
| Cloud | AZURE |
| Category | App Service |
| Description | Ensures HTTPS Only is enabled for App Services, redirecting all HTTP traffic to HTTPS |
| More Info | Enabling HTTPS Only traffic will redirect all non-secure HTTP requests to HTTPS. HTTPS uses the SSL/TLS protocol to provide a secure connection. |
| AZURE Link | https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-ssl#enforce-https |
| Recommended Action | Enable HTTPS Only support SSL settings for all App Services |
- Log in to the Microsoft Azure Management Console.
- Find the search bar at the top and search for App Services.
- Select the "App Service" by clicking on "Name" to go to its configuration.
- Scroll down the selected "App Services" left navigation panel and under "Settings" click on the "TLS/SSL settings" option.
- On the "TLS/SSL settings" page select the Bindings tab, scroll down and under the "Protocol Settings" check whether "HTTPS Only" is set to "Off". It’s recommended to set HTTPS only to "On" to allow only secure traffic.
- If the "App Service" is not using "HTTPS only" then select "On" from the slider.
- Wait for the confirmation box to save changes.
- Repeat steps number 3 - 7 to verify all other "Apps" are using HTTPS only in the account.
