Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

We welcome user feedback and feature requests!

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. DNS resolution is not working in Azure Web App for Containers (linux)

    DNS resolution is not working in Web App for Containers (linux) when using custom docker image. The DHCP generated resolv.conf is broken. After using SSH to log in to the container trying nslookup google.com also fails with DNS resolution error.

    See my sample project for more details:

    https://github.com/henkosch/azure-webapp-dnstest

    The problem is also mentioned in the comments section on this page:

    https://docs.microsoft.com/en-us/azure/app-service/containers/app-service-linux-faq

    Does anyone have an idea how to fix this?

    33 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
    • REST API shouldn't return 0 when it doesn't have the actual data

      Calling the REST API to get CPU or memory usage of an app service plan, if you ask for it in the last minute it can return 0 to you, when a few minutes later it will return the actual value for the same time, it seems it takes a while for the real data to be available to the API, however I think it's wrong to return incorrect data, it should not return a value until it has the real value.

      1 vote
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
      • Web Apps should not return 500 error when attacker appends MS-DOS devices to URLs

        If an attacker is trying to fingerprint your web server, perhaps looking for https://nvd.nist.gov/vuln/detail/CVE-2007-2897

        He may try https://yourSite.azurewebsites.net/AUX or https://yourSite.azurewebsites.net/PRN

        or any of the MS-DOS devices:

        https://support.microsoft.com/en-us/help/74496/ms-dos-device-driver-names-cannot-be-used-as-file-names

        Rather than return a 40x error, it returns a 500, and also leaks the server header "Server:Microsoft-IIS/8.0"

        This is a bad situation to be in - throwing 500 errors, and leaking the server technology. Throwing 500 errors makes our sites more susceptible to DoS attacks? If an attacker sends 1000s of requests that throw 500 errors, the site will go offline in a short period of time?

        0 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →

          Hi there,

          Thanks for bringing this up!

          We will look into the leaked server header, but based on some testing, it is not trivial fix.

          The internal server error responses are not harming your application in any way and cannot be used for DoSing the site (your site will not go down because of these). Unfortunately, fixing the response itself to 4xx type of response might be more challenging and there is currently no timeline for that and it is in our backlog.

          We will update when there is work deployed to address the above.

          Thanks,
          Oded

        • The overwritten data in Connection stringsis not reflected in Backup Configuration.

          When we choose the Backup Database from Backup configure after The connection strings is overwritten.There is a bug.That doesn't seen to have problem.
          Using the DevTools(F12),make sure sending datas. The overwritten data in Connection strings of Application setting is not reflected .
          we have to delete the data once and add new data to avoid this bug and update new data in application setting.

          2 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
          • Enable 'Connect', 'Log Stream', 'Console' etc for App Service Environment

            When you deploy an App Service into an App Service Environment behind an ILB, much of the UI is greyed out. Examples of this is the 'Connect' button, 'Log Stream', 'Console' etc.

            I have to manually construct a URL to get to the kudu endpoint right now in order to use the console.

            16 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
            • allow empty collection as a value of Set-AzureRmWebApp -AppSettings parameter

              Attempting to clear AppSettings using
              Set-AzureRmWebApp -ResourceGroupName $resourceGroupName -Name $name -AppSettings @{}
              fails the validation. I believe this is a bug because it should be possible to clear all AppSettings this way.

              9 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
              • Allow us to remove the Zend Extension "opcache" from the default php.ini file

                When you run PHP 5.5+ in an Azure website, the opcache Zend Extension is automatically enabled as the first Zend extension in the php.ini file.

                "[ExtensionList]
                ...
                zend_extension=php_opcache.dll"

                Any other Zend extension we add is appended after opcache.

                Since this file is read-only, you cannot remove this extension.

                This conflicts with other Zend extensions like ioncube, which require themselves to be the first extension loaded.

                Please allow us to choose whether the opcache extension is enabled in php.ini OR give us a way to remove it WITHOUT running a custom PHP runtime of our own.

                I'd much rather you manage…

                6 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  2 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
                • Allow access to certificate stores

                  As of today, you can't programatically install your own certificates (e.g. read from App_Data and Add(..) to store) to the Root or CertificateAuthority stores. This is seen in the LocalMachine as well as CurrentUser certificate store location. The PaaS responds with a "CryptographicException: Access is denied." which is bizarre because non-basic plan customers are paying for the entire underlying VM. Even on the basic plan you should allow this but restrict it to the CurrentUser store location since the VM/IIS could be shared with other cloud customers.

                  As of now, you can only access the "My" store which is a…

                  10 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    under review  ·  0 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
                  • Don't see your idea?

                  Web Apps

                  Feedback and Knowledge Base