@APTOS Thanks for sharing more information about the ports.
Port 4022 is used for remote debugging and port 8172 is for web deploy service.
If your app service is running on multi-tenant app service plan (on any of these plans Free, Shared, Basic, Standard, Premium, PremiumV2, and PremiumV3 pricing SKU) and when you scan your app service you find several inbound App service ports are exposed and there is no way to block these ports.
Here is the list of inbounds ports which are exposed.
Refer to this documentation for more information about networking features in app services.
Feel free to reach back to me if you have any further questions on this.