last sync: 2025-Jun-30 17:25:56 UTC

[Deprecated]: Remote debugging should be turned off for API Apps

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Deprecated]: Remote debugging should be turned off for API Apps
Id e9c8d085-d9cc-4b17-9cdc-059f1f01f19e
Version 1.0.0-deprecated
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0 (1.0.0-deprecated)
Built-in Versioning [Preview]
Category App Service
Microsoft Learn
Description Remote debugging requires inbound ports to be opened on API apps. Remote debugging should be turned off. We recommend all customers who are still using API Apps to implement the built-in policy called 'App Service apps should have remote debugging turned off', which is scoped to include API apps in addition to Web Apps.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Assessment(s) Assessments count: 1
Assessment Id: 9172da4e-9571-6e33-2b5b-d742847f3be7
DisplayName: Remote debugging should be turned off for API App
Description: Remote debugging requires inbound ports to be opened on an API app. Remote debugging should be turned off.
Remediation description: To turn off remote debugging, we recommend the following steps:
1. Go to the app service applications settings page
2. In the remote debugging toggle select Off
3. Click Save
Categories: AppServices
Severity: Low
User impact: Low
Implementation effort: Low
Threats: DataExfiltration, MaliciousInsider
Mode Indexed
Type BuiltIn
Preview False
Deprecated True
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Web/sites/config/remoteDebuggingEnabled Microsoft.Web sites/config properties.remoteDebuggingEnabled True False
Rule resource types IF (1)
Compliance
The following 3 compliance controls are associated with this Policy definition '[Deprecated]: Remote debugging should be turned off for API Apps' (e9c8d085-d9cc-4b17-9cdc-059f1f01f19e)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
CIS_Azure_Foundations_v3.0.0 9.12 CIS_Azure_Foundations_v3.0.0_9.12 CIS Azure Foundations v3.0.0 9.12 9 Ensure that 'Remote debugging' is set to 'Off' Shared n/a Verify that the 'Remote debugging' setting is configured to 'Off' for all applicable Azure resources. This control is essential for enhancing security by preventing unauthorized access to application code and reducing the risk of exploitation. 3
K_ISMS_P_2018 2.10.1 K_ISMS_P_2018_2.10.1 K ISMS P 2018 2.10.1 2.10 Establish Procedures for Managing the Security of System Operations Shared n/a Establish and implement operating procedures for managing the security of system operations such as designating system administrators, updating policies, changing rulesets, monitoring events, managing policy implementations or exceptions. 455
K_ISMS_P_2018 2.10.2 K_ISMS_P_2018_2.10.2 K ISMS P 2018 2.10.2 2.10 Establish Protective Measures for Administrator Privileges and Security Configurations Shared n/a Establish and implement protective measures with regard to administrator privileges and security configurations to ensure that important information and personal information are not exposed as a result of unauthorized access by service type or misconfigurations. 431
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
CIS Azure Foundations v3.0.0 470a962c-86a0-433b-803a-3c176b5ce79c Regulatory Compliance GA BuiltIn unknown
K ISMS P 2018 e0782c37-30da-4a78-9f92-50bfe7aa2553 Regulatory Compliance GA BuiltIn unknown
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-07-01 16:32:34 change Version remains equal, new suffix: deprecated (1.0.0 > 1.0.0-deprecated)
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC