More Info:

Ensure that no network security groups allow unrestricted inbound access on TCP port 80.

Risk Level

Critical

Address

Security

Compliance Standards

HITRUST

Triage and Remediation

Remediation

The remediation steps for Unrestricted HTTP Access in AZURE are:

  1. Login to the AZURE portal (https://portal.azure.com/)
  2. Navigate to the Virtual Machine that has unrestricted HTTP access.
  3. Click on the “Networking” tab on the left-hand side of the Virtual Machine page.
  4. Under the “Inbound port rules” section, click on “Add inbound port rule”.
  5. In the “Add inbound security rule” page, provide the following details:
    • Name: A name for the new rule
    • Priority: A number that specifies the priority of the rule. A lower number indicates a higher priority.
    • Protocol: Select “TCP” from the dropdown.
    • Port range: Specify the port range that you want to restrict. For example, if you want to restrict port 80, enter “80” in both the “Start port” and “End port” fields.
    • Action: Select “Deny” from the dropdown.
    • Source: Select “Any” from the dropdown.
    • Destination: Select “Any” from the dropdown.
  6. Click on “Add” to create the new rule.
  7. Repeat steps 4-6 for all the ports that you want to restrict.
  8. Once all the necessary rules have been created, click on “Save” to apply the changes.

After completing these steps, the unrestricted HTTP access should be remediated for the Virtual Machine in AZURE.