Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Metric and alert for Web App file system used quota

    We would like to setup an automatic alert that fires when the file storage of an app plan is reaching its limits.

    Ideally it will be great to have a metric that tells the % of storage (quota) consumed so we can set an alert on top of that metric.

    160 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
  2. Enable 'Connect', 'Log Stream', 'Console' etc for App Service Environment

    When you deploy an App Service into an App Service Environment behind an ILB, much of the UI is greyed out. Examples of this is the 'Connect' button, 'Log Stream', 'Console' etc.

    I have to manually construct a URL to get to the kudu endpoint right now in order to use the console.

    160 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
  3. TLS 1.3 is now approved, this should be implemented with Web Apps

    TLS 1.3 is now no longer a draft, when will Azure introduce the option to enable it?

    https://tools.ietf.org/html/rfc8446

    159 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    13 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Associating Hybrid Connections to Azure App Services cannot be automated

    There is no way to associate a Hybrid Connection to an Azure App Service via ARM Template or PowerShell.

    This is a significant gap since we cannot automate this at all when that is the driving factor for DevOps and PaaS services.

    134 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    17 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  5. The Always On setting should have an option to make it sticky to the slot when swapping

    This is odd it isn't this way by default but should at the very least have an option to make it sticky so as to not break anyone's current practices (in fact, shouldn't more settings have the option to be sticky?).

    The issue here is that an always on slot consumes resources. If for example each app consumes 200Megs of RAM, and I have 5 app services running on a service plan, each app service has 2 slots for swapping, then I need to have Always On turned on unnecessarily for 10 slots (2gigs of RAM consumed for nothing). The…

    111 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add naked domain support to App Service Managed Certificates

    Currently naked domains are not supported when creating App Service Managed Certificates. I want to be able to create a free SSL certificate on a naked/apex domain.

    107 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Restart App Service Plan (all Web Apps in a plan), something similar to iisreset, from within the portal

    It would be great to have a restart button, similar to the restart button in a Web App, but on the App Service Plan level to restart all Web Apps in a plan. something similar to iisreset.

    100 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    13 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Hi Ibrahim,

    What issue are you trying to solve? What use case would this be used for?

    It seems to me that placing a restart option on the plan level might do more harm than good, by resetting the memory on all the apps under the plan. Depending on your scenario, auto-heal would be a great solution to solve individual machine issues. See a video by my colleagues here for more details: https://channel9.msdn.com/Series/Windows-Azure-Web-Sites-Tutorials/Auto-Healing-an-Azure-App-Service

    Placing this idea under review for now until I understand what’s at the base of the request here.

    Thanks!
    Oded

  8. Add "Allow access to Azure services" in Azure App Service IP restrictions

    Re this thread

    https://www.yammer.com/azureadvisors/#/Threads/show?threadId=945875058

    I'd used PowerShell to manually add IP restrictions a couple of weeks ago. Right away my App Insights availability tests started failing so I narrowed the test location down to Dublin IE and allowed those IP/Subnets.

    Add an option similar to SQL Server "Allow access to Azure services" That white lists Azure App insights availability tests for selected regions.

    Thanks

    Luke

    96 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →

    There was some confusion about this feature due to the documentation for it and UX originally released had a bug.

    The IP Restrictions feature works as an ALLOW list, rather than a DENY list as originally stated.

    The ask here is still valid, there are other services in azure (like SQL) that have UI to explicitly allow other azure services to reach the database. While this is convenient for development scenarios, it’s not a good idea for securing the resource.

    We’ll keep an eye on this request and see if it gathers more up-votes.

    -Byron

  9. App Service - Allow Named Pipe Activation to be enabled

    We would like to use named pipes to communicate between services on the same app service, but this doesn't seem to be possible since named pipe activation isn't enabled in .Net on the app service.

    88 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Permission for accessing Performance counters

    We would like create a custom monitoring solution for our Azure Web Site based projects. Unfortunately the web site and job processes do not have permission to read performance counters.

    I understand that this is mandatory for a shared hosting environment. However I see nothing against having such functionality if the user has dedicated instances.

    Would it be possible to remove this restriction?

    87 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow Custom URL Rewrite Handler for Database

    Allow installation of a GAC custom rewrite handler for doing URL rewrites on Web Apps using a database backend.

    84 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Azure App Service Certificate : Add support for EV certificates (Extended Validation)

    Azure App Service Certificate permit to have standard SSL and Wildcard. But need to add a new SKU for permit customers to register an EV Certificate too (Extended Validation)

    69 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  App Gallery  ·  Flag idea as inappropriate…  ·  Admin →
  13. Provide more secure TLS ciphers

    Currently Chrome flags the CBC ciphers as obsolete. CBC ciphers are at the top of the cipher preference list of Azure Web Apps as you can see there: https://www.ssllabs.com/ssltest/analyze.html?d=test.azurewebsites.net
    More info: https://www.chromium.org/Home/chromium-security/education/tls#TOC-Cipher-Suites

    So please provide some more secure ciphers from the ECDHE cipher suite like TLSECDHERSAWITHAES256GCMSHA384, TLSECDHERSAWITHAES128GCMSHA256, TLSECDHERSAWITHCHACHA20POLY1305SHA256.

    68 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Web App and Private DNS zone support

    Web App support for using Azure Private DNS Zones without a DNS server to forward requests through. We are able to resolve the private dns queries from a VM that uses Azure provided dns and linked Private DNS zone, but the Web App is not able to do the same when using regional vnet integration. We must set the vnet to use a VM or on-prem DNS server that forwards requests to the Azure DNS IP, which is then able to return the private dns records. For a PaaS implementation, this seems clunky. The use case is to send Web…

    62 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Access to a populated User.Identity

    It would be very valueable to have Access to a "populated" User.Identity in the Controllers. Most of the the time, at least in my apps, my Apis will present user specific Content. Having a populated User.Identity would help alot.

    59 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →

    Hello!

    At the moment our recommended method for checking the identity of the current user is to check several attributes added to incoming requests. This is to allow your application to go completely in and out of memory on lower priced tiers without “always-on.” Check out the tutorial below for the header names.
    https://docs.microsoft.com/en-us/azure/app-service-api/app-service-api-authentication

    We would like to have language specific auth functionality like this in the future. I am placing this item in “unplanned” to be used in future planning sessions.

    thanks for your feedback!
    Alex
    Azure App Service Team

  16. Provide acceptable scale out time for instances in ASE Isolated instance types

    Scaling is a core feature of App Services. We used ASE for the additional features however it means we are stuck with 40 mins scale out time to add an instance. Per support this is by design, however this is not documented anywhere in public domain.
    Scaling is supposed to help us get customers on to Azure, if it takes 40 mins to add an instance, it will not meet the business needs, we abandoned ASE only due to this issue. Kindly document current scale out time in public documentation so that user know this before hand.
    Ultimate goal should…

    57 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the feedback!

    You’re right that ASE scaling operations take longer than the common plans on multi-tenant App Service. We are looking at ways to decrease the time so it will on par with multi-tenant but this means a new infrastructure is needed with managing a pool or pre-assigned VMs to the ASEs.

    This is documented here, though without a time frame mentioned as it depends on a numbers of factors: https://docs.microsoft.com/en-us/azure/app-service/environment/using-an-ase#how-scale-works.

    We will update when there is more information here.

    Thanks,
    Oded

  17. 57 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Enable Hybrid Connections to work with read-only routing feature in SQL Server Availability Groups

    We have a setup where App Service in Azure connects to on-premise SQL Server via Hybrid Connection. SQL Server environment on-premise is AlwaysOn Availability Group of 3 servers.

    Azure App Service uses connection string, where "Server=" part specifies Availability Group Listener DNS name. App Service connects to AG Listener just fine, and listener directs App Service to primary server. Setup works fine and App Service can read data from primary server.

    However, when we add "ApplicationIntent=ReadOnly" part into connection string, App Service can't connect to SQL Server and throws generic "network specific or instance related..." error. Our goal by adding…

    54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  19. 54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Automatically rebind SSL Certs that have Auto-Renew

    Right now there is a way to purchase and Auto-Renew SSL-Certs for Web Apps. Unfortunately, the Auto-Renew does NOT also bind the new cert to the WebApps where the cert it is replacing is currently bound to.

    This makes Auto-Renew more or less useless, as one still has to manually bind the new cert once it becomes available.

    A cert with Auto-Renew should automatically bind to all WebApps where the cert it replaces is used.

    52 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →

    Hi Thomas,

    Some feedback from our team:

    We do not update the SSL binding on rare cases, and we do have the code working just that it happens on a different task. This is definitely a bug we will be fixing as soon as we can. Most likely will be dealt with in June.

    Thanks,
    Oded

  • Don't see your idea?

Feedback and Knowledge Base