Can I disable/turn off some of the ports visable in Azure App Service

Matthew Greaves 40 Reputation points
2024-06-18T07:41:10.6066667+00:00

Our security team recently flagged that a number of ports are open on our Azure App Service-hosted websites. Can these ports be disabled from being visible over the Internet, or are they required?

The ports are

455/tcp

1221/tcp

4022/tcp

4024/tcp

8172/tcp

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,354 questions
0 comments No comments
{count} votes

Accepted answer
  1. TP 83,711 Reputation points
    2024-06-18T07:52:43.99+00:00

    Hi Matthew,

    Those ports are required. Below is excerpt from documentation:

    App Service ports

    If you scan App Service, you'll find several ports that are exposed for inbound connections. There's no way to block or control access to these ports in the multi-tenant service. Here's the list of exposed ports:

    Use Port or ports
    HTTP/HTTPS 80, 443
    Management 454, 455
    FTP/FTPS 21, 990, 10001-10300
    Visual Studio remote debugging 4020, 4022, 4024
    Web Deploy service 8172
    Infrastructure use 7654, 1221

    Please click Accept Answer or upvote if the above was helpful.

    Thanks.

    -TP


0 additional answers

Sort by: Most helpful