Use the latest version of HTTP to ensure you are benefiting from security fixes
Outdated versions of HTTP has security vulnerabilities
Follow the appropriate remediation steps below to resolve the issue.
Log into the Microsoft Azure Management Console.
Select the “Search resources, services, and docs” option at the top and search for App Services.
Select the “App Services” by clicking on the “Name” link to access the configuration changes.
Scroll down the selected “App Services” navigation panel and in “Settings” click on the “Configuration” option.
On the “Configuration” page select the General settings tab,scroll down and on the HTTP version box check the version in use. If HTTP version is not set to HTTP 2.0 then the selected App service is not using the latest technology.
Repeat steps number 2 - 5 to verify other “Apps” HTTP version in the account.
Navigate to the “App Services”, select the “App Service” and click on the “Name” as a link to access the configuration, select the “Configuration” under “Settings.”
On the “General Settings” page scroll down and on the HTTP version select the latest version of HTTP which is HTTP 2.0 from the dropdown menu and click on the “Save” button to make the changes.
Repeat above steps to ensures “HTTP 2.0” are enabled for “App Services”,ensures that the App Service has the latest technology which includes security enhancements and additional functionality.
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.