Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add Application Initialization Support for Scale Up/Down

    The application initialization/warmup feature works great when scaling out/in, but when scaling up/down requests are immediately routed to the new instances before the application is warmed up. It would be great if the new instances could be warmed up before rerouting requests to them.

    267 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  2. Associating Hybrid Connections to Azure App Services cannot be automated

    There is no way to associate a Hybrid Connection to an Azure App Service via ARM Template or PowerShell.

    This is a significant gap since we cannot automate this at all when that is the driving factor for DevOps and PaaS services.

    133 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    16 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow Custom URL Rewrite Handler for Database

    Allow installation of a GAC custom rewrite handler for doing URL rewrites on Web Apps using a database backend.

    84 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add "Allow access to Azure services" in Azure App Service IP restrictions

    Re this thread

    https://www.yammer.com/azureadvisors/#/Threads/show?threadId=945875058

    I'd used PowerShell to manually add IP restrictions a couple of weeks ago. Right away my App Insights availability tests started failing so I narrowed the test location down to Dublin IE and allowed those IP/Subnets.

    Add an option similar to SQL Server "Allow access to Azure services" That white lists Azure App insights availability tests for selected regions.

    Thanks

    Luke

    84 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →

    There was some confusion about this feature due to the documentation for it and UX originally released had a bug.

    The IP Restrictions feature works as an ALLOW list, rather than a DENY list as originally stated.

    The ask here is still valid, there are other services in azure (like SQL) that have UI to explicitly allow other azure services to reach the database. While this is convenient for development scenarios, it’s not a good idea for securing the resource.

    We’ll keep an eye on this request and see if it gathers more up-votes.

    -Byron

  5. FTP accounts tied to subscription, not user. Not enough auditing

    In the current model, FTP credentials are tied to a user's azure login. Thus, we have no visibility into credentials that are set, as we cannot see other people's FTP credentials they've set. Furthermore, when an FTP account is created or deleted, nothing is logged. This makes it difficult to audit who has access. With the logins being tied to the user, when the user leaves, there is no way for us to reclaim that username unless they delete their ftp credentials first. This doesn't always work, as a user may depart abruptly or not on good terms. Although the…

    50 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  6. implement a graceful restart an Azure Web App with multiple instance

    We would like to have feature through which we can perform the configuration changes through portal without down time when there are multiple instances are available. The similar stuff is available in advanced restart where you can define the delay between restart of each instance.

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →

    Hi everyone, we have some long-term plans to improve the restart speed and experience.

    For this scenario we suggest creating a new slot, applying your changes there, validating they work, and swapping your changes. This pattern will avoid downtime on your production site.

  7. App Service Public SSL Certificates persist When Swapping Slot

    Currently, if a Web App slot (ex: "staging") is created from an existing Web App that has Public SSL Certificates configured, these are not present on the new slot.

    In addition during a slot swap, the "production" slot does not persist the Public SSL Certificates. The configuration for the Public SSL Certificate moves to the "staging" slot.

    This behavior does not appear for other configurations such as Private SSL Certificates or AppSettings and could lead to "production" issues if the Public SSL Certificate is expected on the Web App.

    The consumer recourse currently is to re-apply the Public SSL Certificates…

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Use actual endpoint testing for custom domains rather than checking CNAME value

    Our domain is “example-domain.com”. Let’s say I’m trying to set up an App Service called “booking-service”, which will be assigned the default URL of “booking-service.azurewebsites.net”. At the *end* of this whole process, I want to have an App Service in Azure responding to the hostname “booking-service.example-domain.com”, sitting behind our CDN (Cloudflare).

    The failing path:
    Step 1: I create the App Service in Azure. This generates the “booking-service.azurewebsites.net” URL.
    Step 2: I create the CNAME “booking-service.example-domain.com” on Cloudflare’s control panel pointing to “booking-service.azurewebsites.net”, leaving the proxy/CDN/IP-hiding feature *enabled*. While in their control panel, we select the “CNAME” record type, however in…

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Ability to pin deployment status on dashboard widgets (REGRESSED)

    This was previously implemented on the original Deployments pane, but has now regressed with the new Deployment Center and you cannot see the progress of builds on the dashboard again.

    Worse yet, the old functionality seems to have been deprecated, so new instances cannot be set up with the old build process.

    Seeing build status at a glance is extremely important for micro-service architectures, where you may push to a single repo branch and have multiple services rebuild and spin themselves back up in reaction.

    Here is the original request that got implemented: https://feedback.azure.com/forums/568069-azure-mobile-app/suggestions/37243549-show-deployment-status-for-web-apps

    Screenshot showing example of web/API and…

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Copy the application log settings when cloning deployment slots

    It would be better if the log settings are copied into a newly created slot, when we clone a slot, just like the app settings does.
    For example, currently when we turn the blob logging enabled and then clone the slot, the logging get disabled in a new slot.
    On the contrary, the blob container settings remains.

    This is because the blob container setting is saved as an environment variable in app settings.
    Here is the result in ResourceExplorer, when I cloned a slot.

    "applicationLogs": {
    "fileSystem": {
    "level": "Off"
    },
    "azureTableStorage": {
    "level": "Off",
    "sasUrl": "https://strageaccountsample.table.core.windows.net/xxxxxxx"
    }, …

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  11. 6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Idempotent swap slot operation to support swapping via ARM template deployments

    This would simplify deployment governance (no need for an out-of-band swap operation when doing a deployment). Ideally the API would look something like:
    PUT Microsoft.Web/sites/mysite/swapstate
    {
    "properties": {
    "slot": "staging", // The slot to look at
    "type": "oldest|newest" // Whether the oldest or newest bits between the "active" and the specified slot should be taken. This allows our operation to be idempotent and predictable.
    }
    }

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Enable users to see their Linux web app temporary storage size

    Problem :
    According to the Azure Support team, App Logs and Docker operations (build, pull, run), and maybe other services, use a "temp space" that is mutualized between all the Web Apps of a App Service Plan.
    This "temp space" is not documented and can block Docker operations, and thus prevent deployments.

    Solution :
    - Expose the "temp space" available size for each plan
    - Document how this "temp space" is used
    - Expose a view allowing to monitor this "temp space" usage and set alerts, ...

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  14. It should be possible to renew/replace an SSL certificate via ARM templates

    When I deploy an ARM template (that has previously been deployed) which contains a certificate, I would expect that the certificate would be updated/replaced when the pfxBlob has changed.

    {
    "type": "Microsoft.Web/certificates",
    "name": "[variables('appService_name')]",
    "apiVersion": "2016-03-01",
    "location": "[parameters('resourceLocation')]",
    "properties": {
    "pfxBlob": "[parameters('sslCertificateData')]",
    "password": "[parameters('sslCertificatePassword')]"
    }
    }

    The current behaviour is that that the deployment will succeed and the certificate will not be updated. This is not intuitive.

    Currently, to work around this limitation, it is necessary to remove the existing SSL binding and certificate via the portal or Powershell.

    Remove-AzureRmWebAppSSLBinding -Name $bindingName -ResourceGroupName $resourceGroupName -WebAppName $webAppName -DeleteCertificate $true

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Make Vnet sticky to slot

    When switching slots currently if you have a vnet on one slot and not the other, the vnet is switched between slots. As this vnet may be pointing to a testing environment on one slot and a production environment on the other slot, it would make sense to have this be a sticky setting to the slot, with the option to make it global across the app in the case that all slots will be using the same vnet.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  16. folders in static websites

    Allow folders creations in Azure Static Website

    I could not use Azure Statics Website because it does not allow to upload a whole folder. I Just went to Netlify, upload my folder and everything was working fine, including http2 protocol.

    Please copy them.

    Regards

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Please make App Service CORS work properly, or get rid of it all together.

    CORS support in Azure App Service is currently terrible. It currently only supports origins and credentials. Where is the header support and where is the method support?

    Also, why does it refuse to work for localhost? http://somesite.bla.com/works fine in App Service CORS settings, but if I add http://localhost or http://localhost:1234, App Service never responds with "Access-Control-Allow-Origin: ..." when I access it from a localhost (or localhost:1234) origin.

    Additionally, if my service responds with a 401 error (bearer token needed or basic auth), App Service CORS seems to freak out and completely break - regardless of origin and settings.

    Lastly,…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add support for existing azure devops project for deployment center github repo

    When you create a new deployment for a github repo from the deployment center on the third step you are only offered the chance to create a new project in azure devops and not the option to use an existing project. This is not practical at all and makes it useless for our repos hosted on github.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  19. [Linux] Don't try to run Docker container after failed pull operation

    Currently App Service would run and fail after unsuccessful pull operation (e.g. triggered by a change to linux_fs_version).

    BTW, pull fails for newly created App Service (using Terraform), it seems that linux_fx_version triggers pull without DOCKER_REGISTRY_SERVER_* application settings, after 4 minutes it successfully retries and pulls the image.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Portal support for installing an SSL certificate direct from Key Vault

    In an ARM template I can install my SSL certificate direct from Key Vault, by adding a "Microsoft.Web/certificates" resource.

    The Azure portal equivalent is to download the PFX from Key Vault to my computer, and upload it back to portal in the App Service SSL Binding blade. And lookup the password from wherever I saved it, and type it.

    It would be more secure and more convenient if I could just enter the Key Vault and secret name on the SSL Bindings blade. I wouldn't even need access to the Key Vault myself. The ARM provider works because the "Microsoft…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base