HTTP 2.0 Disabled
More Info:
Periodically, newer versions are released for HTTP either due to security flaws or to include additional functionality. Using the latest HTTP version for web apps to take advantage of security fixes, if any, and/or new functionalities of the newer version. Newer versions may contain security enhancements and additional functionality. Using the latest version is recommended in order to take advantage of enhancements and new capabilities. With each software installation, organizations need to determine if a given update meets their requirements and also verify the compatibility and support provided for any additional software against the update revision that is selected. HTTP 2.0 has additional performance improvements on the head-of-line blocking problem of old HTTP version, header compression, and prioritization of requests. HTTP 2.0 no longer supports HTTP 1.1’s chunked transfer encoding mechanism, as it provides its own, more efficient, mechanisms for data streaming.Risk Level
LowAddress
Performance, SecurityCompliance Standards
CISAZURE, CBPTriage and Remediation
Remediation
Using Console
Using Console
To remediate the HTTP 2.0 disabled misconfiguration in Azure using the Azure console, you can follow these steps:
- Log in to the Azure portal and navigate to the App Service that needs to be configured.
- Under the Settings section, select Configuration.
- Scroll down to the General settings section, and locate the HTTP version configuration.
- Change the HTTP version configuration to “2.0” to enable HTTP 2.0.
- Click Save to apply the changes.
- Restart the App Service to ensure that the changes are applied.
- Once the App Service is restarted, verify that HTTP 2.0 is enabled by accessing the application through a web browser and checking the network tab of the developer tools.
Using CLI
Using CLI
To remediate HTTP 2.0 disabled misconfiguration in Azure using Azure CLI, you can follow the below steps:Step 1: Open Azure CLI and login to your Azure account.Step 2: Check the current status of HTTP 2.0 on the web app.Step 3: If the output of the above command is false, then HTTP 2.0 is disabled for the web app. To enable it, run the below command:Step 4: Verify that HTTP 2.0 is enabled by running the below command:Step 5: Once verified, you have successfully remediated the HTTP 2.0 disabled misconfiguration for your Azure web app.Note: Replace
<resource-group-name> and <web-app-name> with your actual resource group and web app name respectively.Using Python
Using Python
To remediate the HTTP 2.0 Disabled misconfiguration in Azure using Python, you can use the Azure SDK for Python. Here are the step-by-step instructions:
-
Install the Azure SDK for Python by running the following command in your terminal:
-
Import the necessary modules:
-
Authenticate with Azure using a service principal:
-
Create a
WebSiteManagementClientobject: -
Get the resource group and site name for the web app:
-
Get the current site configuration:
-
Check if HTTP 2.0 is already enabled:
This code checks if HTTP 2.0 is already enabled. If it is, it prints a message saying so. If it is not, it enables HTTP 2.0 and prints a message saying it has been enabled.
-
Run the code and verify that HTTP 2.0 has been enabled for your web app.