Windows web servers should be configured to use secure communication protocols

Lakshmi Narayanan 71 Reputation points
2021-08-02T05:47:06.09+00:00

HI,

I have one Windows 2016 prod server on Azure Cloud. As per Advisor services, its recommend to clear this High Severity - Windows web servers should be configured to use secure communication protocols.

I have configured all the things which Azure were mentioned in remediation steps.

To ensure your windows web server is using secure communication protocol:

  1. Enable TLS on your machine. For Windows Server 2008 R2, Windows Server 2012, or Windows 7, install the update at https://support.microsoft.com/help/3140245. For Windows 2012 R2 Server or later, no updates are necessary as TLS
  2. 2 is enabled by default.
  3. Update the Windows and WinHTTP registry keys (or verify that they're correct) according to the information here: https://learn.microsoft.com/mem/configmgr/core/plan-design/security/enable-tls-1-2-client#bkmk_winhttp.
  4. Ensure you're running .NET
  5. 6.2 or later and that the necessary .NET registry keys are set according to the information here: https://learn.microsoft.com/mem/configmgr/core/plan-design/security/enable-tls-1-2-client#bkmk_net

After i configured above steps, this High severity disappeared. But its again appearing since one week. Where i'm wrong? Can i exempt this severity? Can any one please advice on this?

Azure Cloud Services
Azure Cloud Services
An Azure platform as a service offer that is used to deploy web and cloud applications.
651 questions
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,243 questions
{count} votes