Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

We welcome user feedback and feature requests!

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add static IP address for outbound traffic without the use of App Service Environment

    There are many reasons you may want to have a static IP address for outbound connections. For example, you may be accessing a system which requires you to whitelist IP address in a firewall, such as SQL Database or an external service.

    Currently, the only way to get a static IP address for outbound connections is to use App Service Environment. App Service Environments are quite complex, and has a very high price tag. You need at least 4 instances, 2 of which must be P2, meaning you'll pay at least 1000 EUR/month. Paying 1000 EUR/month just because you want…

    602 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      16 comments  ·  Flag idea as inappropriate…  ·  Admin →
    • Enable users to create custom error pages for 403 and 503 service unavailable messages

      Currently 503 errors (service unavailable) present a blank white page with "service unavailable" to the users which is far from professional for us. It would be far better if we could provide a custom 503 page which would include a logo etc., and some text along the lines of "We apologise for the inconvenience, we are working on it. These issues usually resolve in about five minutes. please contact support for further help if required." or something similar.... This error might be caused by Azure network issues, so away from the web app instance.

      It would also be helpful if…

      472 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        27 comments  ·  Flag idea as inappropriate…  ·  Admin →
      • Improve Java site deployments

        Deploying a Java application to Azure for the first time is not bad, but incremental updates are very painful. The basic functionality works, but it involved multiple steps that really shouldn't be there.

        1. Every time that you want to deploy a WAR file, you have to delete the application's exploded directory (ROOT, for example). In order to do this properly, you have to stop the server first. You should be able to simply replace the WAR file (ROOT.war, for example), and have Tomcat take care of updating the application. If you have an application that is large or has…

        436 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          8 comments  ·  Flag idea as inappropriate…  ·  Admin →

          There are a number of bumps with how we enable publishing for Tomcat and Jetty. The system we have is pretty open ended as it allows you to drop in nearly any Java application. Unfortunately the side effect is that the more PaaS like experiences that are reasonably expected with the built in Tomcat/Jetty are subject to the bumps when publishing to Tomcat/Jetty that is configured with the war autoload capability. Long story short, there are work items that we are looking at to make this better when using the built in Tomcat and Jetty.
          Christina

        • Add button to copy Prod to Staging slot instead of swap

          When we deploy by using 'swap' the deployment slot will have an old version of the website. Since we want to use the deployment slot as a staging website, it would be great if we could copy the primary website to a deployment slot, without performing a swap.

          413 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            24 comments  ·  Flag idea as inappropriate…  ·  Admin →
          • Support Double Wildcard Custom Domains

            For multi-tenant applications, we require the ability for Azure to support double wildcard custom domains.

            Single wildcard custom domains are currently well supported, i.e.

            *.mydomain.com

            catches all unmapped, single subdomain urls e.g. level1ex.mydomain.com, level2ex.mydomain.com etc

            The issue (which isn't documented: see forum post below) is that secondary level wildcards are not supported at all by Azure:

            e.g. www.level2.mydomain.com will result in a 404 error.

            Why is this important? in a multi tenant environment, with lots of customers on different subdomains, it is best from an end-user perspective to support a www. subdomain prefix, as that's what 99% of non-technerati do…

            359 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              14 comments  ·  Flag idea as inappropriate…  ·  Admin →

              this feature has been postponed as it wouldn’t be complete and might be revisited later if standards/supported features by CAs and browsers change (double wildcard certificates are not supported standard, resulting in no way to secure double wildcard domain)

            • Enable 'client certificate authentication' per directory

              I have a site that only part of it needs to be secured with client certificate authentication, it is able to be enabled on the site level but not the directory level as per this article.

              https://docs.microsoft.com/en-us/azure/app-service-web/app-service-web-configure-tls-mutual-auth

              317 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                8 comments  ·  Flag idea as inappropriate…  ·  Admin →

                Hi,
                thanks for the feedback. This is not currently possible as client cert auth on App Service is in require mode and as such cannot be delegated to folder level.

                We will review this item and your feedback, we may look to implement this capability based on customer prioritization.

                Thanks

                Andrew

              • Provide .NET language packs on Web Apps

                I'm working on a website that uses System.ComponentModel.DataAnnotations

                On my local machine, model validation messages are displayed in french but they are in english when I deploy the website to Azure.

                Please install .NET language packs on Azure Web Apps so we don't have to create .resx files and messy code to override .NET built-in messages...

                293 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  13 comments  ·  Flag idea as inappropriate…  ·  Admin →
                • Application instance health monitoring and recovery using web tests

                  We've recently suffered a 3 hour outage on our web app due due to the process servicing the web app continuously crashing. After escalating the issue and working with an escalation engineer we have not been able to diagnose the cause (access violation but unfortunately the crash dump was corrupted).

                  However what we have learned is that even with multiple instances running if this was to happen again the unhealthy instance would not be removed from the load balancing and all requests serviced by that instance would fail. According to the escalation engineer the load balancing just detects infrastructure failures,…

                  204 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    12 comments  ·  Flag idea as inappropriate…  ·  Admin →
                  • Make OData a first class citizen.

                    Apparently OData (Microsoft's flagship REST data protocol) isn't fully supported.

                    More info:

                    https://social.msdn.microsoft.com/Forums/azure/en-US/7363e392-86d8-4b60-99fd-af98e128ab06/whats-the-odata-story?forum=AzureAPIApps

                    quote
                    "If you can manually create Swagger 2.0 metadata to describe your REST API, it will work perfectly."
                    /quote

                    Assuming it's true that swagger can't do OData, I would think that fact alone would've precluded swagger as an option.

                    Additionally, whatever the reason swagger cannot create metadata for a WebAPI OData project should have been addressed before launch.

                    Regardless, please fix this.

                    197 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      3 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
                    • Add ability to use API Key authentication

                      It would be nice to be able to protect API apps with a set of API Keys instead of requiring a user to manually log in. This would be especially helpful for backend APIs that don't require user authorization or are accessed primarily by other servers.

                      193 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        8 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
                      • Add url-based probe health checks to Web Apps

                        When I spin up multiple instances of a Web App, and one of them goes unhealthy in the sense that it starts throwing HTTP 500 errors, I'd like the load balancer to take it out of the load, ideally by using load balancer probing.

                        This is achieved through WebRoles as detailed here: https://msdn.microsoft.com/library/azure/jj151530.aspx, but this functionality is not available in Web Apps. It would really help soften the blow of instance-based outages.

                        191 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          7 comments  ·  Flag idea as inappropriate…  ·  Admin →
                        • Add azure commandlets

                          There is a possibility to run windows powershell scripts in Azure websites but if developers were able to run the Azure powershell commandlets they can unlock the Power of Azure powershell!

                          167 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            4 comments  ·  Flag idea as inappropriate…  ·  Admin →
                          • Add a web hook to get notified of completed auto-swaps

                            Deployment slots with the auto-swap feature are useful to warm up the application before making it visible. Unfortunately, it is not possible to get feedback from the operation.

                            It would be nice to have a web hook that is invoked with the result of the operation (success/failure).

                            165 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              3 comments  ·  Flag idea as inappropriate…  ·  Admin →
                            • Antimalware feature on Web Apps (App Service)

                              Cloud Services and Virtual Machines have an antimalware feature to protect themselves from viruses.
                              However, Web Apps only protects their platform, and there is no customer-facing antimalware service now.
                              If we develop an application which receives files from anonymous users with an upload form, we can't detect and get rid of the viruses.
                              We strongly request the antimalware feature like that Cloud Services and Virtual Machines do.

                              160 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                4 comments  ·  Flag idea as inappropriate…  ·  Admin →
                              • Online Certificate Status Protocol (OCSP) Stapling

                                We are seeing some delays in Time To First Byte because OCSP stapling is not active on Azure Web Apps SSL endpoints.
                                This causes our clients' browsers to call the issuing CA's endpoint before SSL negotiation can really begin.

                                Stapling would save the client browser from having to make an extra request to the CA checking if the certificate has been revoked.

                                There is also a potential privacy issue for our clients that the CA will be able to log these requests. If the web server takes care of OCSP on the other hand no requests will be sent from…

                                137 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  9 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                • Ability to suspend App Service Plans without charge

                                  To save on costs, we want the ability to shut down an App Service Plan overnight while nobody is using it. We can shut down the Web App itself in an automated fashion, but the App Service Plan still charges us even through there are no running instances. Deleting and rebuilding the App Service and the App Service Plan is an option, but it is messy. Please consider not charging for periods where there are no running resources attached to the App Service Plan.

                                  128 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Support optional client certificates for TLS mutual auth

                                    Client certificat optional

                                    In IIS the client certificat may be:
                                    - ignored
                                    - accepted (certificat optional)
                                    - asked (certificat mandatory)

                                    But on app service it can't be "accepted".

                                    127 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      25 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Support Dv2-series VMs in Standard tier

                                      Currently the Dv2-series of VMs are only supported in the Premium (V2) tier. Please support these VMs in the Standard tier for those who need to leverage the much-improved performance but who do not need (and cannot afford) all the expensive features of Premium.

                                      118 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        3 comments  ·  Flag idea as inappropriate…  ·  Admin →

                                        Thank you for the feature request. We are aware of the major improvement Dv2 represents and we are constantly looking to improve our offerings. We have no plans right now but we will update here if this changes in the future.

                                        Thanks,
                                        Oded

                                      • Make a JDK available with the JCE Unlimited Strength Jurisdiction Policy Files applied

                                        Currently, none of the JDK's have the JCE Unlimited Strength policy files applied.

                                        http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

                                        Please can these either be applied by default or can there be an option to have them applied?

                                        109 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          8 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Make Application Gateway WAF services available for non-ASE App Service plans

                                          The Application Gateway and specifically WAF are useful even for simpler apps because of the OWASP and general security protections afforded.

                                          App Service Environments are extremely costly compared to a loaded Standard S1 or Premium P1 App Service plan and the Application Gateway/WAF cannot be used without the ASE.

                                          While there are WAF solutions provided by 3rd parties it would be great if the Azure solution used for ASE's was also available for standard App Service plans.

                                          Thanks

                                          97 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            5 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 8 9
                                          • Don't see your idea?

                                          Web Apps

                                          Feedback and Knowledge Base