Skip to content

Latest commit

 

History

History
27 lines (21 loc) · 2.11 KB

File metadata and controls

27 lines (21 loc) · 2.11 KB

CloudSploit

AZURE / Load Balancer / LB HTTPS Only

Quick Info

Plugin Title LB HTTPS Only
Cloud AZURE
Category Load Balancer
Description Ensures load balancers are configured to only accept connections on HTTPS ports
More Info For maximum security, load balancers can be configured to only accept HTTPS connections. Standard HTTP connections will be blocked. This should only be done if the client application is configured to query HTTPS directly and not rely on a redirect from HTTP.
AZURE Link https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview
Recommended Action Ensure that each load balancer only accepts connections on port 443.

Detailed Remediation Steps

  1. Log into the Microsoft Azure Management Console.
  2. In the search bar at the top search for Load balancers and select the "Load balancer" from the results.
  3. Select the "Load balancer" by clicking on the "Name" link that needs to be configured to accept HTTPS connections only.
  4. On the "load balancer" page, scroll down the left navigation panel and choose the "Load balancing rules" option under "Settings".
  5. On the "Load balancing rules" page if the "Load balancing rule" is showing as "TCP/80" then the selected "Load balancer" is configured to accept connections on HTTP ports.
  6. Click on the triple dots (...) at the end of HTTP rule row and click on "Delete".
  7. Click "Yes" in the confirmation box that opens.
  8. Repeat the step number 3 - 7 to ensure that each load balancer only accepts HTTPS connections on port 443.