Hello!
Is it possible to restrict all health checks to GET requests? We are seeing a warning in our security scans on these endpoints classified as HTTP method fuzzing.
If not, is it possible to work around this with the response writer?
Thanks!
@APIWT Is your scanning external to the firewall or internal? If external, a non-public port should be ok ...
```csharp
app.UseHealthChecks("/health", port: 8000);
```
https://docs.microsoft.com/aspnet/core/host-and-deploy/health-checks#filter-by-port
If not, AFAIK there's nothing built-in for non-GET method restrictions. You could make a request to engineering, though, on the engineering repo ... they're happy to have dev feedback on scenarios like this. https://github.com/aspnet/AspNetCore/issues
It is external, but changing the port does not help. For multiple reasons, we need the health checks to be on the same port as the rest of the application.
We are really only interested in solutions that restrict the HTTP request methods allowed on the endpoint.
I see. Open an issue with engineering. Let's close here, but please do come back and ping me here if you get good news from them. We can add something to the topic if that's the case.
@guardrex Here was the suggestion (which works for us) from engineering: https://github.com/aspnet/AspNetCore/issues/10488
Would you guys mind adding this to your docs?
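Added example (not code from the thread or from the linked engineering issue): two ways to keep a health check endpoint on the application's normal port while answering anything other than GET with 405. The first relies on endpoint routing (`MapHealthChecks` plus `HttpMethodMetadata`), so the router rejects non-GET requests before the health check middleware runs; the second wraps the older `UseHealthChecks` middleware in a small gate for apps that have not moved to endpoint routing. The paths `/health` and `/health-legacy` and the use of the minimal hosting model are assumptions for the illustration.

```csharp
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Routing;
using Microsoft.Extensions.DependencyInjection;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddHealthChecks();
var app = builder.Build();

// Option 1 (endpoint routing, ASP.NET Core 3.0+).
// HttpMethodMetadata restricts the endpoint to the listed verbs; the matcher
// answers POST/PUT/DELETE/etc. with 405 Method Not Allowed and the health
// checks themselves are never executed for those requests.
app.MapHealthChecks("/health")
   .WithMetadata(new HttpMethodMetadata(new[] { HttpMethods.Get }));

// Option 2 (legacy UseHealthChecks middleware, path is an assumption).
// The health check middleware is only added on a branch, and that branch is
// guarded by an inline middleware that short-circuits every non-GET request.
app.UseWhen(ctx => ctx.Request.Path.StartsWithSegments("/health-legacy"), branch =>
{
    branch.Use(async (ctx, next) =>
    {
        if (!HttpMethods.IsGet(ctx.Request.Method))
        {
            ctx.Response.StatusCode = StatusCodes.Status405MethodNotAllowed;
            ctx.Response.Headers["Allow"] = "GET";   // tell the client which verb is accepted
            return;                                  // do not fall through to the health check
        }
        await next(ctx);
    });
    branch.UseHealthChecks("/health-legacy");
});

app.Run();
```

To confirm the scanner's finding is resolved, exercise both endpoints with a non-GET verb (for example `curl -i -X POST https://host/health`) and check that the response is 405 with an `Allow: GET` header and no health report body; a plain `curl -i https://host/health` should still return the normal 200/503 health response.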
Perfect! Great idea. I'll get this scheduled.
Awesome! Thank you for your help.