Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

We welcome user feedback and feature requests!

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add support for free tls/ssl certificates

    I want to create a tls/ssl binding to a custom host-name with a free certificate

    6,623 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      171 comments  ·  Flag idea as inappropriate…  ·  Admin →
    • Add option for zip deployments so they ignore timestamps. NPM 5.6 Issue.

      NPM Versions over 5.6 cause node_modules to have their datetime set to 1985 on npm publish.

      What this means is that any zip deployment on a project that uses node causes incorrect installs. (package-lock, state version x.2, but in reality, its got x.1 installed, depending on the semvar, this could be a breaking change)

      I propose we allow an option to ignore timestamps so that existing projects can easily get their sites back to being updated.

      This is a big deal for any applications which are under heavy security scrutiny as they probably rely on artifacts.

      For more information, see…

      90 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
      • Web App should use private IP in a VNet with Service Endpoints

        Remove the limitation that prevents us from using Web Apps with Service Endpoints to limit access to Azure SQL database.

        Limitation is described here: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-vnet-service-endpoint-rule-overview?toc=%2fazure%2fvirtual-network%2ftoc.json#limitations
        "•A Web App can be mapped to a private IP in a VNet/subnet. Even if service endpoints are turned ON from the given VNet/subnet, connections from the Web App to the server will have an Azure public IP source, not a VNet/subnet source. To enable connectivity from a Web App to a server that has VNet firewall rules, you must Allow all Azure services on the server."

        440 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          15 comments  ·  Flag idea as inappropriate…  ·  Admin →

          Hi all,

          We are currently working on items that will enable service endpoints for multi-tenant App service. We will share the news of the features we deliver on the App Service Blog here: aka.ms/AppServiceBlog.

          We also expect to speak about this topic at the Ignite conference in September in Orlando.

          Thanks,
          Oded

        • Enable VNET integration for App Service on Linux without ASE

          I would really appreciate it to be able to use the VNet integration and hybrid connections for Linux App service without needing to multiply my costs by paying for an app service environment just for one app service.

          Here is a similar idea, but it got resolved because of ASE. I think however there should be a solution without ASE.

          https://feedback.azure.com/forums/169385-web-apps/suggestions/32534479--linux-enable-vnet-integration-for-app-service-on

          57 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            started  ·  2 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
          • Upgrade Host OS version for WebApp for Windows Container

            Our team is experimenting Web App for (Windows) Container. I got error when trying to upload docker image:

            Cannot run this Operating System/Version in Windows Containers. Maximum supported OS version is 10.0.14393.9999.

            ===> Our web app can only run with 1709 or later. Does it have a plan to upgrade host OS version?

            18 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
            • Support Availability Zones for App Service Environment

              With Azure SQL and Storage having zone redundant capabilities and Application Gateway in preview, App Service Environment is soon to be the only thing keeping us from fully PaaS, zone redundant web applications.

              41 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                1 comment  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
              • Allow IP Restrictions to be a Slot Setting

                In the same way as we have with App Settings it should be possible to make the IP Restrictions a slot setting (sticky) so that they don't migrate when you swap slots. This could be per IP even....

                91 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  6 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
                • Allow App Service to Access Secret without version

                  Currently an App Service can access Secrets App Service Identity - but the secret version must be part of this configuration.

                  What would be helpful is to allow the App Service to get the latest version of the secret - that way a value can be centrally changed - without having to update the App Service configuration (to use the new version of the secret).

                  This will allow management of the data in the Key Vault - without requiring updates to the App Service to get the new value.

                  20 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                  • Make certificate deployment idempotent

                    When including a Microsoft.Web/certificates resource in an ARM template, the deployment will fail with "Another certificate exists with same thumbprint XXXXXXXXXXXXXXXXXXXX at location xxxx in the Resource Group xxxxxx." if the certificate already exists.

                    The deployment should be idempotent like all of the other resource types and not fail if the resource already exists.

                    Otherwise, the certificate has to be deployed manually and cannot be included in an ARM template used for CI/CD deployments (ie: from VSTS)

                    55 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      3 comments  ·  Flag idea as inappropriate…  ·  Admin →
                    • TLS 1.3 is now approved, this should be implemented with Web Apps

                      TLS 1.3 is now no longer a draft, when will Azure introduce the option to enable it?

                      https://tools.ietf.org/html/rfc8446

                      56 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        5 comments  ·  Flag idea as inappropriate…  ·  Admin →
                      • Make Web App Timeout of 230 seconds configurable

                        Currently there is a 230 second hard timeout in web apps. We have certain reporting functions that run for a large dataset and they timeout. I've seen plenty of workarounds for this, but they all involve a substantial rearchitecting of the app. Since you can put a web app in its own app service plan, this 230 second timeout seems highly arbitrary and against the general flexibility that should be left to the developer and administrator.

                        Please make this timeout a configurable value and leave it defaulted to 230 seconds.

                        8 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          2 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
                        • The Always On setting should have an option to make it sticky to the slot when swapping

                          This is odd it isn't this way by default but should at the very least have an option to make it sticky so as to not break anyone's current practices (in fact, shouldn't more settings have the option to be sticky?).

                          The issue here is that an always on slot consumes resources. If for example each app consumes 200Megs of RAM, and I have 5 app services running on a service plan, each app service has 2 slots for swapping, then I need to have Always On turned on unnecessarily for 10 slots (2gigs of RAM consumed for nothing). The…

                          92 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            5 comments  ·  Flag idea as inappropriate…  ·  Admin →
                          • Scale Out wait for WarmUp complete before being added to LoadBalancer

                            When adding new instances to the LoadBalancer, scale out mechanism doesn't wait for those application instances to fully warm up.

                            Availability checker, via AppInsights, logs these responses, with the header:
                            'X-AppInit-WarmingUp: 1'

                            Which means that IIS knows that the application is in it's WarmUp cycle, but the LoadBalancer is already trying to serve requests.

                            N.B. we _can_ add a rewrite rule to redirect the user to the original request, and hope that the LoadBalancer sends the user to a ready instance - but this feels like a hack.

                            37 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              4 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
                            • Slot swapping should check if cache is ready (applicationInitialization ignored)

                              After we incurred some downtime in our app service due to infrastructure updates on azure storage, we implemented the local cache feature to combat this. In doing so, this meant that we had to implement slots with preview in order to warm up the cache, ensuring that it is ready to serve before swapping. In implementing this we found that we had to also implement applicationInitialization in our web config.

                              Our experience shows that this configuration is being ignored. So that first applyingSlotConfig and then Slotsswap operations via powershell swaps slots without ensuring that the site is ready.

                              Our suggestion…

                              12 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                              • Azure PostgreSQL Db as a destination target in Azure DataFactory (cloud/ IR)

                                Will be realy great solution for migration from other hosting providers to azure web app with PostgreSQL as a backend.

                                8 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                • Add more native Cloud Apps to conditional base access

                                  Currently there is only a small set of Cloud Apps available in the Cloud App section to in- or exclude in conditional based access.

                                  My current configuration blocks all access to all Cloud Apps except the user is either member of a exception group or i excluded an application explicitly (e. g. Exchange Online or Sharepoint) or the device is marked as compliance (Intune) or the device is coming from a trusted location.

                                  My first problem is, that i cannot onboard devices outside the company without adding the users to the exception group. The Intune Webportal (https://portal.manage.microsoft.com) is…

                                  10 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  App Gallery  ·  Flag idea as inappropriate…  ·  Admin →
                                  • 11 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Add Application Initialization Support for Scale Up/Down

                                      The application initialization/warmup feature works great when scaling out/in, but when scaling up/down requests are immediately routed to the new instances before the application is warmed up. It would be great if the new instances could be warmed up before rerouting requests to them.

                                      164 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        3 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Enable AAD Authentication for Multi-container Apps

                                        A common (if not best) practice is to compose applications of multiple containers for the sake of separation of concerns. However, Azure doesn't support authentication with Azure Active Directory for multi-container apps. Until this is in place, we can't deploy our applications to Azure in a clean way.

                                        9 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Rewriting to /public is absolutely not the right way to change the document root

                                          After doing some reading, I'm seeing Azure actually suggesting to people running Laravel (and any others that don't host out of the root project structure) applications to use mod_rewrite to rewrite requests to point to "/public".

                                          This is an absolutely ridiculous suggestion and is effectively some of the worst advice you could give. Forcing people to have "/public" in their URL structure because you guys didn't take the time to research the bare-minimum configuration options for your offering is not in any way acceptable.

                                          I suggest you urgently add support for the ability to configure the document root. Not only…

                                          22 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 14 15
                                          • Don't see your idea?

                                          Web Apps

                                          Feedback and Knowledge Base