Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Upgrade npm to 6.13.4+because of a critical vulnerability

    The NPM team warned everybody about a critical Binary planting vulnerability in NPM versions prior to 6.13.3. Right now we cannot use this version on Azure App Service. Please install npm v6.13.4 ASAP!

    More information: https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  2. ILB ASE does not permit to adjust the TCP idle timeout

    Currently, the ILB ASE does not permit to adjust the TCP idle timeout that is set as default to 4min
    The Load Balance has and optional parameter "IdleTimeoutInMinutes" were the acceptable timeout range is 4 to 30 minutes.
    Why the ILB ASE does not have the same optional parameter?

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Return 503 when App Service is stopped

    I try to understand whey when App Service is stopped the HTTP status 403 is returned and not 503. Wouldn't it be more appropriate to return 503? Many clients to APIs properly handle 503 as transient error, and it would be helpful to let them wait if we return 503 in this use case if we had to stop App Service for whatever reason.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Azure WebApps NodeJS - A frustrating day of black boxes

    Today I have been trying to use Azure to deploy a NodeJS application to an Azure WebApp with frustrations.

    I am no NodeJS hipster and have just started/stumbled into NodeJS development but feel that today has been a hard day for me to achieve something.

    I have written a NodeJS GitHub app using GitHub's Probot tool which also helps scaffold the necessary parts - https://probot.github.io/docs/

    Brilliant I have hacked my way to something that works locally & now I would like to deploy it. Working at a Microsoft house where we use Azure, I thought it would be best to…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow users to run 'sync' operation themselves for troubleshooting

    We had an issue where we attempted to clone an app service, and the operation only partially completed. We were left with an app service plan that said we couldn't delete it because it contained an app service, but we were unable to see or interact with the app service in the UI (or via api's).

    We had to contact support, and they said, and I quote... "We performed a sync on your subscription and wanted to see if you are able to delete the site now."

    If this 'sync operation' is able to resolve these issues, then make it…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add support to do POST health check requests for SOAP web service health checks, instead of only doing a GET for health checks

    Adding support to do POST health check requests for SOAP web service health checks in traffic manager, instead of only doing a GET for health checks.

    The current issue is the dynamic DNS is not detecting proper outages of our SOAP web services because it performs a GET request and doesn't seem any problems, however we have had problems where our POST requests have stopped working and the dynamic DNS does NOT kick it since it can't detect it.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Supportability  ·  Flag idea as inappropriate…  ·  Admin →
  7. Support App Configuration as reference app settings

    Currently, App Service supports getting Key Vault secrets as references in app settings.
    https://docs.microsoft.com/en-au/azure/app-service/app-service-key-vault-references#reference-syntax

    Having a similar functionality with App Configuration would allow to manage certain settings centrally, while being able to use them in App Service transparently as if they were App Settings.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Better fault tolerance and self-healing

    We had an issue this month where every single web app on our app service plan started throwing 500 errors. After contacting support they informed us that it was most likely caused by an issue accessing the storage and to try enabling local cache settings so that the instances could use those in the case of a failure.

    The solution that worked was to scale down to a lower level and then scale up again - from that point all of the sites were restored.

    It would be better if the monitoring could detect and resolve this issue automatically so…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. 3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Reference Architecture for multiple isolated apps

    I would like a published reference architecture that describes the best practices for publishing multiple web applications in Isolated App Service Plan(s).

    We want to host multiple web applications with different networking needs:
    - Internal LoB applications.
    - Internet facing applications.
    - There are different application SQL Databases.
    - Some applications should not be able to access use resources within the vNET belonging to other applications.

    The single subnet per ASE relationship seems to force our hand to dictate multiple vNETs with multiple (costly) isolated plans. Am I missing something?

    In the reference architecture, I would like guidance on when…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  11. EasyAuth and SameSite cookies

    The "SameSite" cookie attribute isn't being set when using Azure App Service with EasyAuth. Being able to configure this value within the Azure portal - and for other cookies as well - would be beneficial.

    https://docs.microsoft.com/en-us/azure/app-service/overview-authentication-authorization

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  12. ETW providers

    Allow us to add other ETW providers to the Profiler trace. For example, System.Net traces - in .NET Core the only way to get System.Net traces is via ETW, which the only way to get an ETW trace out of App Services is by the DaaS Profiler Trace. If we can customize the trace to capture a custom list of ETW providers, then we can open-up so much possibility.
    One downside of that is ETW providers that folks shouldn't have access to. You would probably need to build a blacklist of providers that are off-limits. OR, you could add sets…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Diagnostics  ·  Flag idea as inappropriate…  ·  Admin →
  13. Portal support for installing an SSL certificate direct from Key Vault

    In an ARM template I can install my SSL certificate direct from Key Vault, by adding a "Microsoft.Web/certificates" resource.

    The Azure portal equivalent is to download the PFX from Key Vault to my computer, and upload it back to portal in the App Service SSL Binding blade. And lookup the password from wherever I saved it, and type it.

    It would be more secure and more convenient if I could just enter the Key Vault and secret name on the SSL Bindings blade. I wouldn't even need access to the Key Vault myself. The ARM provider works because the "Microsoft…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Platform upgrade caused 503

    Our app service had several 503 and 502 errors when I reached out to support I was told that there were storage migration/upgrade and app server upgrade.
    THIS IS URGENT FOR MICROSOFT TO NOTIFY AZURE ADMINISTRATORS, I thought about all the bad things(undocumented change, attack, etc) and I was told that there were upgrades.
    App Service plan: P1V2
    Started after midnight of Saturday 6-27 till this morning 6-29.(Pacific Time). please call me for further details.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Enable users to allow certain resources through a SQL Server firewall

    Currently, to let a specific app service access a sql server, there are currently two options:

    1) Scale the WebApp to at least S1 and put it in a VNET with a privat endpoint.
    2) Manually add all outbound IP addresses of the web app to the sql server's fiewwall.

    There should be an option to allow a specific web app through the firewall of a sql server, for easier configuration.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
  16. The az cli sets all settings to "slotSetting": true

    We have a json file with settings in this format:

    {
    "slotSetting": false,
    "name": "DevSupportMode",
    "value": "false"
    }

    When we try to use this file to set the settings on the appservice like this:

    az webapp config appsettings set -g $ResourceGroupName -n $WebAppName -s $SlotName --settings @$fileName

    Everything works fine except that all settings are set as slotSettings in the Azure app service even if we set that to false.

    az reports that the settings are set to false in the text it gives back when sending the command.
    {
    "name": "SupportedCultures",
    "slotSetting": false,
    "value": "en-GB"
    }

    It seems to…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
  17. WEBSITE_LOAD_CERTIFICATES

    Azure Upload certificate by rest API problem

    I have upload certificate by rest API: PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/certificates/{name}?api-version=2016-03-01

    https://docs.microsoft.com/en-us/rest/api/appservice/certificates/createorupdate

    and then I see certificate in SSL settings - Private Certificate. If I call GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Web/certificates?api-version=2016-03-01

    If try to get in .net:

    private string GetStoreCertificate(string thumbprint)

        {
    
    string name = "";
    try
    {
    List<StoreLocation> locations = new List<StoreLocation>
    {
    StoreLocation.CurrentUser,
    StoreLocation.LocalMachine
    };

    foreach (var location in locations)
    {
    X509Store store = new X509Store("My", location);
    try
    {
    store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
    X509Certificate2Collection certificates = store.Certificates.Find(
    X509FindType.FindByThumbprint, thumbprint, false);
    if (certificates.Count == 1)
    {
    name = certificates[0].FriendlyName;
    }
    }
    finally
    {
    store.Close();
    }
    }

    if (name…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Enable dev/test plans for Web App for Containers (Windows)

    Currently, Web App for Containers (Windows) only allows selecting production plans PC2-4.

    Please allow using dev/test plans for lower cost during development.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Option to protect deployment slots from being indexed by search engines

    Please provide the ability for Web App deployment slots to reply with a NOINDEX directive to search engines, either with response headers or a custom robots.txt file for the slots.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Make @microsoft.keyvault references obsolete or safe

    Currently all values from @microsoft.keyvault references in functions are copied to environment variables in the runtime. Although values are not visible in the portal, they are when opening a console.

    If you type SET in the console (Windows runtime) you will see all your previously secret values.

    This will not do.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base