Some questions about Microsoft Azure services

Wester 0 Reputation points
2024-04-24T06:32:25.91+00:00

I'm currently trying out Azure service on my projcet, but I encounter some problem while deploying securing a web application on Azure, I tried several different solutions that I found on other website, and yet it's still doesn't work out, I mgith need some help here, if anyone would like to join this disscuion about the website robust sercurit and it onw vunlerabilityes

2024-04-24SrqaJ8+XywUpPQbigyB+Czu85LzfsAbqcJV4AnpZAIJK2IxPgvFqz6fGGQjVZfkcz9F3Jx9457iD8fpUBtspHKcyDPQe4nkeG4VRDbhpj/e/zNoDdX7uWOXMbI9JcRiRurco+kMK2RFaGEcWKqNFDILWoTeUFVe8f/WFNj/IA6LJV4ASOmAICOuwsaWB7k5aRhl1eUkhzVdyWs8TiYVMyMw==2024-04-24E

I appreciate all your time and advise.

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,914 questions
Azure Static Web Apps
Azure Static Web Apps
An Azure service that provides streamlined full-stack web app development.
771 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Alex Burlachenko 810 Reputation points
    2024-04-24T07:37:12.9566667+00:00

    Hi Wester,

    I understand that you're experiencing difficulties securing your web application on Azure. Here are some general steps and best practices that may help:

    HTTPS and certificates: Azure App Service allows you to secure your applications with HTTPS. When you create your app, its default domain name will already be accessible using HTTPS. If you set up a custom domain for your app, it is also recommended that you secure it with an SSL/TLS certificate.

    Insecure protocols: To protect your app from unencrypted HTTP connections, App Service offers a one-click option to enforce HTTPS. TLS 1.0 is no longer recommended for use, as it is not considered secure according to industry standards such as PCI DSS. You can disable outdated protocols and enforce TLS 1.1 and 1.2 instead.

    Authentication: Set up authentication for your web app and restrict access to users within your organization.Accessing Azure Services: Use managed identities to securely access the Azure data plane, including Azure Storage, Azure SQL Database, and Azure Key Vault. This allows you to retrieve non-personal data from these services in your web application.

    Microsoft Graph: Use Microsoft Graph to access user data for the currently signed-in user, or use managed identities to retrieve non-user data for your web application.

    If the response helped, please do click Accept Answer and Yes for was this answer helpful.

    0 comments