Protecting web apps and APIs hosted on Azure
- Consider enabling Azure Defender to protect your app service.
- Always run the integrated vulnerability assessment scanner available in Azure Defender for SQL servers to extend the protection of SQL servers along with stored databases.
- You can keep your app service up to date by using the latest versions of supported platforms, frameworks, and protocols.
- Disable anonymous access to the blob storage to protect uploaded files. You can enable anonymous access to specific folders if needed.
- Enforce the usage of the SSL/TLS protocol to provide a secure connection.
- Always use File Transfer Protocol Secure (FTPS) instead of the regular FTP to deploy your files and disable the FTP protocol if you are not using it.
- Consider using environment variables to store...