Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Fix export of resource type 'Microsoft.Web/sites/config'

    get error :"Could not get resources of the type 'Microsoft.Web/sites/config'. Resources of this type will not be exported. (Code: ExportTemplateProviderError)"

    Among the obvious it would be nice to see how to set various app settings like turning off PHP and activating 'Always On' or maybe turning off 'ARR Affinity'.

    54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Application Security Groups (ASG) support for App Service Environments (ASE)

    As stated in the comments section of this page https://azure.microsoft.com/en-us/blog/applicationsecuritygroups/
    "It's on the roadmap, all services integrated with VNet like ASE and SQL MI will be part of ASGs groups, as of today the scope doesn't cover subnets for those services, we are exploring options in the near future."

    46 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  3. WebApp custom DNS with private DNS Name

    Custom DNS HostName for a WebApp is working exactly in the same way in both Azure and Azure Stack, with both ownership and record check against a public Internet DNS server. That's pretty cool for public facing web applications, but represents a security issue for :
    1)Intranet applications.(hosted on Azure or AzureStack)
    - Custom Domain Names makes sence not only for Internet but Intranet too.
    - We don't want to expose intranet application names publicly to the wild...
    2)Multi-tenant AzureStack
    - Each customer would like to have it's own custom domain for its applications, and not use the *.appservice.local.azurestack.external or…

    46 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow AAD multi-tenant Apps using App Service Authentication and Authorization

    Allow Azure Active Directory (AAD) multi-tenant Apps using App Service Authentication and Authorization.

    After on-boarding a tenant with a multi tenant AAD App (Client), the tenant is not able to login to protected Web/Api Apps on App Services.

    The ClientId used is the same in AAD Multitenant App.
    The STS url is/can only be configured for the App/Client primary tenant GUID.

    There are no options to enable-multi tenant STS on App Service Authentication and authorization interface.

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Disaster Recovery for Azure WebApp

    Currently, we have to deploy the Azure WebApp twice, one in West Europe and other in North Europe to support Disaster Recovery.
    It means that we need to update the both WebApps if we want to deploy new artifacts in WebApp.
    It is very difficult to sync artifacts in both WebApps.
    It would be great if Azure provides the RA-GRS(Read-access geo-redundant storage) feature for WebApp like Azure SQL Database.
    With this feature the synching of artifacts between both WebApps done by RA-GRS feature.
    So we will not deploy the new artifacts in both web app, when we deploy the artifacts…

    41 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. A method to allow folks to access the FTP transfer logs when ftp is used to deploy code changes to their azure web apps.

    Allow site admins to access the ftp transfer logs when ftp is the selected method used to make web site deployment updates. We use ftp to allow site updates, and we've had an incident where having access to those logs would be very helpful.

    41 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Better inform users of when their App Service Certificates are about to expire or have not auto renewed (7 days?)

    This week another of our customer's sites went down due to an Azure App Service certificate expiring without us being notified of its pending expiry - we mark all App Service Certificates to Auto Renew and some of them do infact renew and rebind without our intervention, others certificates have got stuck on the domain validation phase (which we validated 1st time we bought the certificate ofcourse) and the latest certificate is now expired and the Manual Renew button is disabled as it seems to think its outside the 60 day renewal window.

    A simple email to us (we receive…

    40 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
  8. PowerShell and CLI support for the management of App Service Environments

    Azure PowerShell and Azure CLI commands to support the management of an App Service Environments (at least v2). Hopefully this could include the ability to get management IP information, do scaling, and if it is an ILB ASE update the ILB Certificate.

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Enable application logging in ILB ASE

    Currently there is no way to access our applications trace logs in an ILB ASE environment. I understand the Log Stream button is greyed out in the portal, but even using Kudu, FTP, blob, or streaming in VS, none of these are working in ILB ASE, and support tells us this is a known issue. This is a huge downside for us because we depend on our customized application log messages for troubleshooting.

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Option to hide/anonymize IPs in webserver logs to be GDPR compliant

    It would be very helpfull if there would be an option to hide/anonymize IPs in webapps webserver logs. Right now you have to disable webserver logs completely to be GDPR compliant which might be not best practice.

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    Hi all,

    Thank you for the feedback and recommendations on this important topic!

    We will look at adding this to our feature roadmap though we don’t have any timing to share right now.

    For additional guidance please refer to “Azure Data Subject Request GDPR Documentation” under the Service Trust Portal: https://servicetrust.microsoft.com/ViewPage/GDPRDSR. Specifically read through, Part 1 – Step 5, which discusses the removal of personal data and timing in which you can leverage retention period settings for the logs.

    Thanks,
    Oded

  11. Auto-scale up and down not just out, for web apps

    Hi

    Can you expand the auto-scaling feature to include up and down scaling as well as in / out?

    so for example, scale the web app up a tier in peak and down a tier i off hours. Or something to that effect.

    Thanks

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Provide access to HTTPERR logs

    Currently, enabling "Web Server Logging" appears to archive only the W3C request logs. The HTTPERR logs are the only way to see any requests that failed or were rejected by the server due to TCP timeouts, idle connections, filled request queues, and similar circumstances.

    https://support.microsoft.com/en-us/kb/820729

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. [Linux] Allow remote debugging of .NET core apps hosted by linux app services

    It is currently not possible to remote debug .NET core applications running on Azure Linux App Services. Please consider to add remote debugging to the feature list of Linux App Services.

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  14. [Linux] - Set Docker Image Tag as a slot setting in Application Settings of a Web App for Containers

    When swapping between staging and production slots of a Web App for Containers, it would be really handy to have the option of keeping the tag of each image in its respective slot (e.g. image:latest for production, image:dev for staging) and not get them to swap after each slot swap.
    Imagine you setup Continuous Deployment through Dockerhub. You push code changes on GitHub, and image build is triggered and then an image pull request from Azure to Dockerhub. If a swap has preceded the above flow, then newly build images would end up in the opposite from desired deployment slots. …

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  15. Limit number of accepted client certificates when doing mutual TLS

    I want to be able to control the trusted issuers list sent to the web browser so that list of allowed certificates can be filtered in the browser. This was possible in IIS and with Azure Cloud Service I believe but how can we do it in a Azure web app?

    What I basically want to do is set the content of the certificate_authorities field in CertificateRequest sent by the server to the browser in the TLS handshake as stated in RFC5246.

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add feedback on the Portal on Automatic Swaps

    When we configure a staging slot with Continuous Deployment and Auto-Swap we need some sort of visual feedback to know when the swap was done. Right now what we see is that the Active Deployment of the staging slot changes to the previous deploy checkpoint and that's how we know it swapped.
    It would be great if on the production slot we could get at least some sort of message saying the current Active Deployment that was swapped or at least some sort of visual aid.

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Strict-Transport-Security

    With the ability now to force HTTPS, it would be nice if Strict-Transport-Security HTTP Header should also be set and knock another finding off of the security report:

    Details on The Header:
    https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Version data for deployed slot

    I'm using ARM template to deploy a new slot to an existing webapp, the problem is that there is no way of seeing or passing the version of the build that the slot has.

    It would be really useful to have a "Version" -field in the portal where I can pass the version data of the build so that you could easily see which slot has which build version.

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Ability to set different machinekey for each deployment slot

    There must be a way to set different machinekey element for different deployment slots. So that user authenticated on one slot don't get authenticated on all slots.

    Currently machinekey can only be configured in web.config. and web.config gets also gets swapped when slots are swapped.

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Update Web App ModSecurity module to 2.9.2

    The current version of the ModSecurity module that is integrated in the IIS of the Web App Services is 2.8.0.
    This version of ModSecurity has issues with the IP + Port formatting of the AlwaysOnline service. Please update it to 2.9.2.

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base