Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Enable 'Connect', 'Log Stream', 'Console' etc for App Service Environment

    When you deploy an App Service into an App Service Environment behind an ILB, much of the UI is greyed out. Examples of this is the 'Connect' button, 'Log Stream', 'Console' etc.

    I have to manually construct a URL to get to the kudu endpoint right now in order to use the console.

    160 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
  2. Hybrid Connection Manager Support for Linux

    We are an ISV leveraging Azure PaaS to provide an iPaaS service to customers. We have a requirement to connect to on premise servers to access line-of-business apps. Currently, we leverage Azure’s Hybrid Connection Manager --- but are limited to Windows servers only. Our customers have both Windows, Linux and mixed environments. This considerably limits our market.

    Can we expect Linux support? If so, when? Any suggested work arounds?

    Thank you for your consideration.

    158 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  3. TLS 1.3 is now approved, this should be implemented with Web Apps

    TLS 1.3 is now no longer a draft, when will Azure introduce the option to enable it?

    https://tools.ietf.org/html/rfc8446

    142 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    13 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Make Application Gateway WAF services available for non-ASE App Service plans

    The Application Gateway and specifically WAF are useful even for simpler apps because of the OWASP and general security protections afforded.

    App Service Environments are extremely costly compared to a loaded Standard S1 or Premium P1 App Service plan and the Application Gateway/WAF cannot be used without the ASE.

    While there are WAF solutions provided by 3rd parties it would be great if the Azure solution used for ASE's was also available for standard App Service plans.

    Thanks

    139 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Associating Hybrid Connections to Azure App Services cannot be automated

    There is no way to associate a Hybrid Connection to an Azure App Service via ARM Template or PowerShell.

    This is a significant gap since we cannot automate this at all when that is the driving factor for DevOps and PaaS services.

    133 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    16 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Install 64 bit dotnet.exe runtime

    I have a memory intensive webjob that uses dotnet.exe and needs to run in 64 bit mode. But the dotnet.exe currently installed is 32 bit.

    Is there an easy way to change this to 64 bit? Or can the 64 bit dotnet.exe be installed by default?

    122 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow IP Restrictions to be a Slot Setting

    In the same way as we have with App Settings it should be possible to make the IP Restrictions a slot setting (sticky) so that they don't migrate when you swap slots. This could be per IP even....

    116 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  8. The Always On setting should have an option to make it sticky to the slot when swapping

    This is odd it isn't this way by default but should at the very least have an option to make it sticky so as to not break anyone's current practices (in fact, shouldn't more settings have the option to be sticky?).

    The issue here is that an always on slot consumes resources. If for example each app consumes 200Megs of RAM, and I have 5 app services running on a service plan, each app service has 2 slots for swapping, then I need to have Always On turned on unnecessarily for 10 slots (2gigs of RAM consumed for nothing). The…

    111 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Restart App Service Plan (all Web Apps in a plan), something similar to iisreset, from within the portal

    It would be great to have a restart button, similar to the restart button in a Web App, but on the App Service Plan level to restart all Web Apps in a plan. something similar to iisreset.

    100 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    13 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Hi Ibrahim,

    What issue are you trying to solve? What use case would this be used for?

    It seems to me that placing a restart option on the plan level might do more harm than good, by resetting the memory on all the apps under the plan. Depending on your scenario, auto-heal would be a great solution to solve individual machine issues. See a video by my colleagues here for more details: https://channel9.msdn.com/Series/Windows-Azure-Web-Sites-Tutorials/Auto-Healing-an-Azure-App-Service

    Placing this idea under review for now until I understand what’s at the base of the request here.

    Thanks!
    Oded

  10. Allow App Service to Access Secret without version

    Currently an App Service can access Secrets App Service Identity - but the secret version must be part of this configuration.

    What would be helpful is to allow the App Service to get the latest version of the secret - that way a value can be centrally changed - without having to update the App Service configuration (to use the new version of the secret).

    This will allow management of the data in the Key Vault - without requiring updates to the App Service to get the new value.

    98 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add "Allow access to Azure services" in Azure App Service IP restrictions

    Re this thread

    https://www.yammer.com/azureadvisors/#/Threads/show?threadId=945875058

    I'd used PowerShell to manually add IP restrictions a couple of weeks ago. Right away my App Insights availability tests started failing so I narrowed the test location down to Dublin IE and allowed those IP/Subnets.

    Add an option similar to SQL Server "Allow access to Azure services" That white lists Azure App insights availability tests for selected regions.

    Thanks

    Luke

    90 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →

    There was some confusion about this feature due to the documentation for it and UX originally released had a bug.

    The IP Restrictions feature works as an ALLOW list, rather than a DENY list as originally stated.

    The ask here is still valid, there are other services in azure (like SQL) that have UI to explicitly allow other azure services to reach the database. While this is convenient for development scenarios, it’s not a good idea for securing the resource.

    We’ll keep an eye on this request and see if it gathers more up-votes.

    -Byron

  12. App Service - Allow Named Pipe Activation to be enabled

    We would like to use named pipes to communicate between services on the same app service, but this doesn't seem to be possible since named pipe activation isn't enabled in .Net on the app service.

    88 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Permission for accessing Performance counters

    We would like create a custom monitoring solution for our Azure Web Site based projects. Unfortunately the web site and job processes do not have permission to read performance counters.

    I understand that this is mandatory for a shared hosting environment. However I see nothing against having such functionality if the user has dedicated instances.

    Would it be possible to remove this restriction?

    87 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow Custom URL Rewrite Handler for Database

    Allow installation of a GAC custom rewrite handler for doing URL rewrites on Web Apps using a database backend.

    84 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Make App Settings KeyVault Reference default to latest Secret Version

    KeyVault references in App Settings is a welcome improvement in KeyVault integration.
    One lingering aspect to improve, I think, is to allow us to expect the latest secret version - such that we can specify the secret name and can forget about versioning if we wish. Clearly versioning also supports a stricter process.

    70 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure App Service Certificate : Add support for EV certificates (Extended Validation)

    Azure App Service Certificate permit to have standard SSL and Wildcard. But need to add a new SKU for permit customers to register an EV Certificate too (Extended Validation)

    69 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  App Gallery  ·  Flag idea as inappropriate…  ·  Admin →
  17. Provide more secure TLS ciphers

    Currently Chrome flags the CBC ciphers as obsolete. CBC ciphers are at the top of the cipher preference list of Azure Web Apps as you can see there: https://www.ssllabs.com/ssltest/analyze.html?d=test.azurewebsites.net
    More info: https://www.chromium.org/Home/chromium-security/education/tls#TOC-Cipher-Suites


    So please provide some more secure ciphers from the ECDHE cipher suite like TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256.

    68 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Access to a populated User.Identity

    It would be very valueable to have Access to a "populated" User.Identity in the Controllers. Most of the the time, at least in my apps, my Apis will present user specific Content. Having a populated User.Identity would help alot.

    59 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →

    Hello!

    At the moment our recommended method for checking the identity of the current user is to check several attributes added to incoming requests. This is to allow your application to go completely in and out of memory on lower priced tiers without “always-on.” Check out the tutorial below for the header names.
    https://docs.microsoft.com/en-us/azure/app-service-api/app-service-api-authentication

    We would like to have language specific auth functionality like this in the future. I am placing this item in “unplanned” to be used in future planning sessions.

    thanks for your feedback!
    Alex
    Azure App Service Team

  19. Enable Hybrid Connections to work with read-only routing feature in SQL Server Availability Groups

    We have a setup where App Service in Azure connects to on-premise SQL Server via Hybrid Connection. SQL Server environment on-premise is AlwaysOn Availability Group of 3 servers.

    Azure App Service uses connection string, where "Server=" part specifies Availability Group Listener DNS name. App Service connects to AG Listener just fine, and listener directs App Service to primary server. Setup works fine and App Service can read data from primary server.

    However, when we add "ApplicationIntent=ReadOnly" part into connection string, App Service can't connect to SQL Server and throws generic "network specific or instance related..." error. Our goal by adding…

    54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  20. 54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base