FTP deployments should be disabled

azure.appservice

Description

By default, Azure Functions, App Service applications, and API Apps can be deployed over FTP. If an essential deployment workflow requires FTP, your system should enforce FTPS for FTP login for all App Service applications and functions.

Remediation

From the console

  1. Go to the Azure Portal
  2. Select App Services
  3. Click on an app
  4. Select Settings and then Configuration
  5. Under General Settings, for the Platform Settings, the FTP state should not be set to All allowed