Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. replicate app service for redundancy

    would be good to have app services be replicated in another region for high availability and redundancy

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add a country code header to incoming requests

    Google App Engine (https://cloud.google.com/appengine/docs/standard/go/how-requests-are-handled#app-engine-specific-headers) and Cloudflare (https://support.cloudflare.com/hc/en-us/articles/200168236-What-does-Cloudflare-IP-Geolocation-do-) are able to add a http header to requests with the visitor's ISO 3166 country code.

    It would be nice to have this ability in web apps in Azure also.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. WebApp custom DNS with private DNS Name

    Custom DNS HostName for a WebApp is working exactly in the same way in both Azure and Azure Stack, with both ownership and record check against a public Internet DNS server. That's pretty cool for public facing web applications, but represents a security issue for :
    1)Intranet applications.(hosted on Azure or AzureStack)
    - Custom Domain Names makes sence not only for Internet but Intranet too.
    - We don't want to expose intranet application names publicly to the wild...
    2)Multi-tenant AzureStack
    - Each customer would like to have it's own custom domain for its applications, and not use the *.appservice.local.azurestack.external or…

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Update Web App ModSecurity module to 2.9.2

    The current version of the ModSecurity module that is integrated in the IIS of the Web App Services is 2.8.0.
    This version of ModSecurity has issues with the IP + Port formatting of the AlwaysOnline service. Please update it to 2.9.2.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Ability to incrementally create/update AppSettings & ConnectionStrings

    Actual problem:
    Today if we don't provide all of the existing AppSettings or ConnectionStrings, the ones we omit are removed.

    Feature:
    A little bit like the ARM deployment mode, add the ability to specify an Incremental & Complete mode when pushing settings. To ensure compatibility, Complete would be the default, keeping the behavior we have today. If we set the mode to Incremental, only the provided settings would be created/updated, leaving existing settings untouched.

    Use cases:
    This would be very useful in cases where we want to sync AppSettings or ConnectionStrings for resources directly in our ARM templates for only…

    253 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Provide more secure TLS ciphers

    Currently Chrome flags the CBC ciphers as obsolete. CBC ciphers are at the top of the cipher preference list of Azure Web Apps as you can see there: https://www.ssllabs.com/ssltest/analyze.html?d=test.azurewebsites.net
    More info: https://www.chromium.org/Home/chromium-security/education/tls#TOC-Cipher-Suites

    So please provide some more secure ciphers from the ECDHE cipher suite like TLSECDHERSAWITHAES256GCMSHA384, TLSECDHERSAWITHAES128GCMSHA256, TLSECDHERSAWITHCHACHA20POLY1305SHA256.

    67 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Remove Weak SSL Cyphers from App Services

    App Services currently supports the following Cyphers:

    HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002

    (Default)    REG_SZ    NCRYPT_SCHANNEL_INTERFACE
    
    Functions REG_MULTI_SZ

    TLSECDHERSAWITHAES256CBCSHA384P256\
    0TLSECDHERSAWITHAES256CBCSHA384P384\
    0TLSECDHERSAWITHAES128CBCSHA256P256\
    0TLSECDHERSAWITHAES128CBCSHA256P384\
    0TLSECDHERSAWITHAES256CBCSHAP256\
    0TLSECDHERSAWITHAES256CBCSHAP384\
    0TLSECDHERSAWITHAES128CBCSHAP256\
    0TLSECDHERSAWITHAES128CBCSHAP384
    \0TLSDHERSAWITHAES256GCMSHA384\
    0TLS
    DHERSAWITHAES

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. [Linux] Add some container orchestration features to App Service to provide high density

    Azure App Service is the Easy Button for app deployment and hosting, whereas Service Fabric and containers add significant complexity. However, Service Fabric and containers scale much more efficiently. It would be amazing if you could add some basic container orchestration features in a way that would make App Service the Easy Button for container-based deployments, including high density. I realize this is a challenging request, but like I said, it would be amazing!

    Thanks!
    Vince

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  9. localcache

    Better error messages when slot swaps fail due to issues with the application size exceeding the configured local cache size. Currently the only error is :

    'Failed swapping site. Error: Cannot swap slots for site '***' because the worker process for 'staging' slot could not be started’

    which gives no real insight into the actual failure.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
  10. Support original and country code top level domains

    Please extend support for purchasing domains beyond (com, net, co.uk, org, nl, in, biz, org.uk, and co.in) to all original and country code top level domains (https://en.wikipedia.org/wiki/ListofInternettop-leveldomains) or at least a wider list of possibilities.

    Domain ownership costs then can be managed on the same subscription bill rather than needing to purchase current unsupported domains (such as .com.au) via a seperate registrar

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Hi there,

    Thanks for the feedback!

    We are looking into various TLDs to add to App Service domains based on customer feedback and usage. Do keep in mind some country based TLDs requires specific constraints that can limit us from onboarding it to our product.

    Thanks,
    Sunitha

  11. Enable 'Connect', 'Log Stream', 'Console' etc for App Service Environment

    When you deploy an App Service into an App Service Environment behind an ILB, much of the UI is greyed out. Examples of this is the 'Connect' button, 'Log Stream', 'Console' etc.

    I have to manually construct a URL to get to the kudu endpoint right now in order to use the console.

    160 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
  12. A method to allow folks to access the FTP transfer logs when ftp is used to deploy code changes to their azure web apps.

    Allow site admins to access the ftp transfer logs when ftp is the selected method used to make web site deployment updates. We use ftp to allow site updates, and we've had an incident where having access to those logs would be very helpful.

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Custom request headers in web server logs

    This is generally useful, but my usecase if with Cloudflare:

    When a web app is behind Cloudflare, all visitor IPs come Cloudflare's IPs. Cloudflare does forward the original visitor IP with a custom request header. I want to log this value in my web server logs. In IIS this is achieved with Advanced Logging, but this capability does not seem available in Azure web apps.

    https://support.cloudflare.com/hc/en-us/articles/200170666-How-do-I-correct-visitor-IP-with-Microsoft-IIS-

    222 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. FTP accounts tied to subscription, not user. Not enough auditing

    In the current model, FTP credentials are tied to a user's azure login. Thus, we have no visibility into credentials that are set, as we cannot see other people's FTP credentials they've set. Furthermore, when an FTP account is created or deleted, nothing is logged. This makes it difficult to audit who has access. With the logins being tied to the user, when the user leaves, there is no way for us to reclaim that username unless they delete their ftp credentials first. This doesn't always work, as a user may depart abruptly or not on good terms. Although the…

    50 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow Custom URL Rewrite Handler for Database

    Allow installation of a GAC custom rewrite handler for doing URL rewrites on Web Apps using a database backend.

    84 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Document the clock syncronization between App Service

    I couldn't find anywhere about the clock synchronization between different instances of an App Service and also between App Service and other Azure services (e.g. Azure Storage, Service Bus etc.)

    What we need to know is if there is any grantee that if we take DateTime.UtcNow on two instances of App Service (website), to which degree they will be comparable.

    Also to which degree the clocks of App Service (website) match with other Azure infrastructure. As currently I think there is miss-match in seconds. Take a look at following example of what we are currently seeing in our system on…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Provide an interface for dictating logic to the load balancer, or allow us to nuke instances

    The load balancer for an App Plan is extremely simple minded in that it will always distribute load evenly.

    This doesn't work in a production environment with real users.

    e.g. if a webjob running on one machine picks up an intensive task from a queue, consuming all of the machine's resources, the load balancer will still forward users/requests to the affected machine.

    Please provide some sort of control over the load balancer. Even just a basic interface to provide basic rules.

    If you won't provide that, then at least instead allow us to nuke instances ourselves and provide us with…

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    For heterogeneous workloads, the recommendation is to split the apps apart into separate app service plans. For example, webjobs isolated to in an app service plan separate and apart from the app service plan(s) running web or API applications.

    We will keep this item open marked as “under review” because there are plans to onboard the per-worker metrics to the Azure Monitor feature, at which point programmatic scaling decision can be made from those metrics.

    Currently worker metrics can be viewed from the UX by clicking into “Diagnose and Solve Problems” link for an app service plan. There will be a link in the UX blade that opens titled “Metrics per instance”. Drilling into that link will pull up another UX blade showing CPU usage (amongst other statistics) broken out by individual worker VMs.

  18. Azure App Service Certificate : Add support for EV certificates (Extended Validation)

    Azure App Service Certificate permit to have standard SSL and Wildcard. But need to add a new SKU for permit customers to register an EV Certificate too (Extended Validation)

    75 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  App Gallery  ·  Flag idea as inappropriate…  ·  Admin →
  19. Support OWIN Self-Hosting In Azure Websites - Repost since it was declined a year ago.

    Support OWIN Self-Hosting In Azure Websites - Repost since it was declined a year ago.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Copy the application log settings when cloning deployment slots

    It would be better if the log settings are copied into a newly created slot, when we clone a slot, just like the app settings does.
    For example, currently when we turn the blob logging enabled and then clone the slot, the logging get disabled in a new slot.
    On the contrary, the blob container settings remains.

    This is because the blob container setting is saved as an environment variable in app settings.
    Here is the result in ResourceExplorer, when I cloned a slot.

    "applicationLogs": {
    
    "fileSystem": {
    "level": "Off"
    },
    "azureTableStorage": {
    "level": "Off",
    &quot;sasUrl&quot;: &quot;<a rel="nofollow noreferrer" href="https://strageaccountsample.table.core.windows.net/xxxxxxx&quot">https://strageaccountsample.table.core.windows.net/xxxxxxx&quot</a>;
    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base