Use HTTPS client connections

Security · Content Delivery Network · Rule · 2020_06

Enforce HTTPS for client connections.

Description

When a client connect to CDN content it can use HTTP or HTTPS. Support for both HTTP and HTTPS is enabled by default. When using HTTP, sensitive information may be exposed to an untrusted party.

Recommendation

Consider disabling HTTP support on the CDN endpoint origin.

Links

• Data encryption in Azure
• Configure HTTPS on an Azure CDN custom domain

---

Last update: 2022-10-17

Comments