Hi Matthew,
Those ports are required. Below is excerpt from documentation:
App Service ports
If you scan App Service, you'll find several ports that are exposed for inbound connections. There's no way to block or control access to these ports in the multi-tenant service. Here's the list of exposed ports:
Use | Port or ports |
---|---|
HTTP/HTTPS | 80, 443 |
Management | 454, 455 |
FTP/FTPS | 21, 990, 10001-10300 |
Visual Studio remote debugging | 4020, 4022, 4024 |
Web Deploy service | 8172 |
Infrastructure use | 7654, 1221 |
Please click Accept Answer or upvote if the above was helpful.
Thanks.
-TP