Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Option to hide/anonymize IPs in webserver logs to be GDPR compliant

    It would be very helpfull if there would be an option to hide/anonymize IPs in webapps webserver logs. Right now you have to disable webserver logs completely to be GDPR compliant which might be not best practice.

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    Hi all,

    Thank you for the feedback and recommendations on this important topic!

    We will look at adding this to our feature roadmap though we don’t have any timing to share right now.

    For additional guidance please refer to “Azure Data Subject Request GDPR Documentation” under the Service Trust Portal: https://servicetrust.microsoft.com/ViewPage/GDPRDSR. Specifically read through, Part 1 – Step 5, which discusses the removal of personal data and timing in which you can leverage retention period settings for the logs.

    Thanks,
    Oded

  2. Metrics for Linux Docker Containers - Function APPS

    We are currently running several Linux Docker Containers in a function app and are surprised that most metrics are not available.

    The system reports on data in/out and http 5xx errors but that is all that it there. Information such as processed HTTP requests, response time, logs streams, processes and container load (cpu/memory/io is only available for the whole app service and not for the container).

    Docker function apps are heavy priced already and it doesn't help that most functionality in the portal is not available in this use case.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  3. App Service on Linux in Azure Stack

    App Service on Linux is a much requested feature from our customers, and is a glaring hole in the consistency between Azure and Stack today.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow to start an AAD authentication express setup from an ARM template

    When enabling AAD authentication on an App service, using an ARM tempalte, you have to manually specify a clientid and clientsecret. Something like MSI: identity: "system" would be much easier. Especially from a Ci/CD perspective.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. App Service - Allow Named Pipe Activation to be enabled

    We would like to use named pipes to communicate between services on the same app service, but this doesn't seem to be possible since named pipe activation isn't enabled in .Net on the app service.

    89 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Support sending web server logs to OMS Log Analytics workspace

    Web Server logs can currently be written to a Blob storage account. However, it would be great if the logs could be sent directly to an OMS Log Analytics workspace.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. [Linux] - Set Docker Image Tag as a slot setting in Application Settings of a Web App for Containers

    When swapping between staging and production slots of a Web App for Containers, it would be really handy to have the option of keeping the tag of each image in its respective slot (e.g. image:latest for production, image:dev for staging) and not get them to swap after each slot swap.
    Imagine you setup Continuous Deployment through Dockerhub. You push code changes on GitHub, and image build is triggered and then an image pull request from Azure to Dockerhub. If a swap has preceded the above flow, then newly build images would end up in the opposite from desired deployment slots. …

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  8. Metric and alert for Web App file system used quota

    We would like to setup an automatic alert that fires when the file storage of an app plan is reaching its limits.

    Ideally it will be great to have a metric that tells the % of storage (quota) consumed so we can set an alert on top of that metric.

    182 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
  9. Strict-Transport-Security

    With the ability now to force HTTPS, it would be nice if Strict-Transport-Security HTTP Header should also be set and knock another finding off of the security report:

    Details on The Header:
    https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  10. App service high disk queue length

    We have observed high app service disk queue length while testing an application hosted on App service plan . As per investigation along with the microsoft support engineer, it has been identified that the disk queue length metric has always been aggregated as a sum (Total) for the samples captured from a worker. So any small change in this metric on the worker will cause this to spike rapidly. Also multiple workers will additionally cause this counter to grow even faster. In short, this is not an actual reflection of the actual disk queue length at any point in time…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add static IP address for outbound traffic without the use of App Service Environment

    There are many reasons you may want to have a static IP address for outbound connections. For example, you may be accessing a system which requires you to whitelist IP address in a firewall, such as SQL Database or an external service.

    Currently, the only way to get a static IP address for outbound connections is to use App Service Environment. App Service Environments are quite complex, and has a very high price tag. You need at least 4 instances, 2 of which must be P2, meaning you'll pay at least 1000 EUR/month. Paying 1000 EUR/month just because you want…

    1,531 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    42 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Azure App Service Environment ILB - Support for Internal Certificate Authorities

    Currently the documentation for Azure App Service Environment with ILB claims it supports internal certificate authorities.

    Per - https://docs.microsoft.com/en-us/azure/app-service/environment/create-ilb-ase#post-ilb-ase-creation-validation

    As part of the documentation it is recommended that a user bundles their server auth certificate with the full certificate chain - thus producing a PFX file or base64 encoding it and uploading through powershell.

    However when testing with OpenSSL or on an iOS device, the first request never sees the full certificate chain and fails with "invalid server certificate". It is on a subsequent request the full chain is delivered - leaving users to hit refresh once in their browser…

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Document healthcheck URL requirement for custom containers

    With Web App for Containers, it seems Azure uses a special URL "/robots933456.txt" to check when the container has started, and expects a valid HTTP response (404 is fine). This requirement for custom containers should be mentioned in the documentation! (and preferably, it should be configurable)

    44 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Associating Hybrid Connections to Azure App Services cannot be automated

    There is no way to associate a Hybrid Connection to an Azure App Service via ARM Template or PowerShell.

    This is a significant gap since we cannot automate this at all when that is the driving factor for DevOps and PaaS services.

    146 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    18 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add newer ruby versions (2.4 & 2.5)

    Would be good to keep up-to-date with the latest rubies, 2.3 is only receiving security fixes now.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  16. Make use of Reserved Instances

    It's possible to prepay VM's, this will result in a lower cost, see https://docs.microsoft.com/en-us/azure/virtual-machines/windows/prepay-reserved-vm-instances

    It would be great to use these machines in WebApps. Or add these type of payment to the Web Apps.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Antimalware feature on Web Apps (App Service)

    Cloud Services and Virtual Machines have an antimalware feature to protect themselves from viruses.
    However, Web Apps only protects their platform, and there is no customer-facing antimalware service now.
    If we develop an application which receives files from anonymous users with an upload form, we can't detect and get rid of the viruses.
    We strongly request the antimalware feature like that Cloud Services and Virtual Machines do.

    401 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow importing 3rd party ssl certs for use as app service certificates in app services/web apps

    Currently if I have an ssl certificate being used in multiple app services, when I renew that certificate I have to update the app services one by one or via powershell. It looks like using an app service certificate would solve this by allowing me to renew in one place and have it update each of the app services automatically. The problem being that I use 3rd party issued ssl certs vs ones created as app service certs in azure.

    Ideal would be to either allow uploading 3rd party ssl certs to be used as app service certs or offer…

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  19. [Linux] Add support to restrict IP access for Web Apps Linux / Docker

    Don't have this functionality became unfeasible use of Linux / Docker Web Apps in production environment

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  20. Generate internally-issued certificates

    There should be a way to generate internally-issued certificates for ASE so ASE's have no legacy-dependency. Currently one has to have CA running in a VM to generate that for the domain.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base