Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. [Linux] Web App for Containers set latest pushed tag as the container image

    When a new tag is pushed to container repository the web app should be able to pick up the latest pushed tag and set it as the running image. This can be given as a switch setting (checkbox).Currently you are pointing the image at a specific tag.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  2. Need app service disavailable instance deploy slot when F1 -> Paid plan -> F1

    App service F1 plan can not control instance size. (I know only paid plan can control instance size. Also, B1 plan can control 3 instance maximize).

    But, when I create App service with F1 plan.
    and change to B1, create one instance.

    And then, change plan to F1.
    In this condition, can use deployment slot with F1 plan.

    I think It is bug. and should fix it.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Make Azure wildcard for IPRestrictions

    We have been tasked with securing our non-prod environments so that they are only accessible from our two buildings (not the world at large). We rolled through and did that on all of our App Services, and it worked in that we could still access things from our locations, but things broke because services that called other services on the backend were now being denied access (because we only had 2 ranges defined for our 2 building). Logic apps, also, that were calling app service endpoints or function apps, also started failing, and offshore developers that work exclusively in Azure…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Upgrade npm to 6.13.4+because of a critical vulnerability

    The NPM team warned everybody about a critical Binary planting vulnerability in NPM versions prior to 6.13.3. Right now we cannot use this version on Azure App Service. Please install npm v6.13.4 ASAP!

    More information: https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  5. ILB ASE does not permit to adjust the TCP idle timeout

    Currently, the ILB ASE does not permit to adjust the TCP idle timeout that is set as default to 4min
    The Load Balance has and optional parameter "IdleTimeoutInMinutes" were the acceptable timeout range is 4 to 30 minutes.
    Why the ILB ASE does not have the same optional parameter?

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Return 503 when App Service is stopped

    I try to understand whey when App Service is stopped the HTTP status 403 is returned and not 503. Wouldn't it be more appropriate to return 503? Many clients to APIs properly handle 503 as transient error, and it would be helpful to let them wait if we return 503 in this use case if we had to stop App Service for whatever reason.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Azure WebApps NodeJS - A frustrating day of black boxes

    Today I have been trying to use Azure to deploy a NodeJS application to an Azure WebApp with frustrations.

    I am no NodeJS hipster and have just started/stumbled into NodeJS development but feel that today has been a hard day for me to achieve something.

    I have written a NodeJS GitHub app using GitHub's Probot tool which also helps scaffold the necessary parts - https://probot.github.io/docs/

    Brilliant I have hacked my way to something that works locally & now I would like to deploy it. Working at a Microsoft house where we use Azure, I thought it would be best to…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow users to run 'sync' operation themselves for troubleshooting

    We had an issue where we attempted to clone an app service, and the operation only partially completed. We were left with an app service plan that said we couldn't delete it because it contained an app service, but we were unable to see or interact with the app service in the UI (or via api's).

    We had to contact support, and they said, and I quote... "We performed a sync on your subscription and wanted to see if you are able to delete the site now."

    If this 'sync operation' is able to resolve these issues, then make it…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add support to do POST health check requests for SOAP web service health checks, instead of only doing a GET for health checks

    Adding support to do POST health check requests for SOAP web service health checks in traffic manager, instead of only doing a GET for health checks.

    The current issue is the dynamic DNS is not detecting proper outages of our SOAP web services because it performs a GET request and doesn't seem any problems, however we have had problems where our POST requests have stopped working and the dynamic DNS does NOT kick it since it can't detect it.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Supportability  ·  Flag idea as inappropriate…  ·  Admin →
  10. Better fault tolerance and self-healing

    We had an issue this month where every single web app on our app service plan started throwing 500 errors. After contacting support they informed us that it was most likely caused by an issue accessing the storage and to try enabling local cache settings so that the instances could use those in the case of a failure.

    The solution that worked was to scale down to a lower level and then scale up again - from that point all of the sites were restored.

    It would be better if the monitoring could detect and resolve this issue automatically so…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. 3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Reference Architecture for multiple isolated apps

    I would like a published reference architecture that describes the best practices for publishing multiple web applications in Isolated App Service Plan(s).

    We want to host multiple web applications with different networking needs:
    - Internal LoB applications.
    - Internet facing applications.
    - There are different application SQL Databases.
    - Some applications should not be able to access use resources within the vNET belonging to other applications.

    The single subnet per ASE relationship seems to force our hand to dictate multiple vNETs with multiple (costly) isolated plans. Am I missing something?

    In the reference architecture, I would like guidance on when…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  13. ETW providers

    Allow us to add other ETW providers to the Profiler trace. For example, System.Net traces - in .NET Core the only way to get System.Net traces is via ETW, which the only way to get an ETW trace out of App Services is by the DaaS Profiler Trace. If we can customize the trace to capture a custom list of ETW providers, then we can open-up so much possibility.
    One downside of that is ETW providers that folks shouldn't have access to. You would probably need to build a blacklist of providers that are off-limits. OR, you could add sets…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Diagnostics  ·  Flag idea as inappropriate…  ·  Admin →
  14. Portal support for installing an SSL certificate direct from Key Vault

    In an ARM template I can install my SSL certificate direct from Key Vault, by adding a "Microsoft.Web/certificates" resource.

    The Azure portal equivalent is to download the PFX from Key Vault to my computer, and upload it back to portal in the App Service SSL Binding blade. And lookup the password from wherever I saved it, and type it.

    It would be more secure and more convenient if I could just enter the Key Vault and secret name on the SSL Bindings blade. I wouldn't even need access to the Key Vault myself. The ARM provider works because the "Microsoft…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  15. an escape game

    you have to escape a monster

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
  16. Platform upgrade caused 503

    Our app service had several 503 and 502 errors when I reached out to support I was told that there were storage migration/upgrade and app server upgrade.
    THIS IS URGENT FOR MICROSOFT TO NOTIFY AZURE ADMINISTRATORS, I thought about all the bad things(undocumented change, attack, etc) and I was told that there were upgrades.
    App Service plan: P1V2
    Started after midnight of Saturday 6-27 till this morning 6-29.(Pacific Time). please call me for further details.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Enable users to allow certain resources through a SQL Server firewall

    Currently, to let a specific app service access a sql server, there are currently two options:

    1) Scale the WebApp to at least S1 and put it in a VNET with a privat endpoint.
    2) Manually add all outbound IP addresses of the web app to the sql server's fiewwall.

    There should be an option to allow a specific web app through the firewall of a sql server, for easier configuration.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
  18. The az cli sets all settings to "slotSetting": true

    We have a json file with settings in this format:

    {
    "slotSetting": false,
    "name": "DevSupportMode",
    "value": "false"
    }

    When we try to use this file to set the settings on the appservice like this:

    az webapp config appsettings set -g $ResourceGroupName -n $WebAppName -s $SlotName --settings @$fileName

    Everything works fine except that all settings are set as slotSettings in the Azure app service even if we set that to false.

    az reports that the settings are set to false in the text it gives back when sending the command.
    {
    "name": "SupportedCultures",
    "slotSetting": false,
    "value": "en-GB"
    }

    It seems to…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
  19. WEBSITE_LOAD_CERTIFICATES

    Azure Upload certificate by rest API problem

    I have upload certificate by rest API: PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/certificates/{name}?api-version=2016-03-01

    https://docs.microsoft.com/en-us/rest/api/appservice/certificates/createorupdate

    and then I see certificate in SSL settings - Private Certificate. If I call GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Web/certificates?api-version=2016-03-01

    If try to get in .net:

    private string GetStoreCertificate(string thumbprint)

        {
    
    string name = "";
    try
    {
    List<StoreLocation> locations = new List<StoreLocation>
    {
    StoreLocation.CurrentUser,
    StoreLocation.LocalMachine
    };

    foreach (var location in locations)
    {
    X509Store store = new X509Store("My", location);
    try
    {
    store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
    X509Certificate2Collection certificates = store.Certificates.Find(
    X509FindType.FindByThumbprint, thumbprint, false);
    if (certificates.Count == 1)
    {
    name = certificates[0].FriendlyName;
    }
    }
    finally
    {
    store.Close();
    }
    }

    if (name…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Hybrid Connections - Allow them to be designated to a slot and not swapped

    Allow Hybrid Connections to be pinned to a specific slot like app settings and connections strings. Especially since connection strings and hybrid connections are typically codependent.

    Hybrid connections are designed to retrieve data from on-premises sources. 99% of the time, you don't want to swap that. I don't want a swapped slot to start pulling data from somewhere else.

    Say you have a Production and UAT slot. When I promote UAT into production, I still want the production slot to still use the production hybrid connection and the same for UAT.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base