Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add a Remove-AzureRmWebAppCertificate cmdlet

    There is no PowerShell cmdlet for Remove-AzureRmWebAppCertificate. This would be really useful to enable cleanup of old certificates that are no longer used.

    (Note: I'm aware that using Remove-AzureRmWebAppSSLBinding will clean up a certificate if it's not referenced anymore. However, in production applications we don't want to use that cmdlet when updating an SSL certificate - we instead use New-AzureRmWebAppSSLBinding to overwrite the existing binding to the new certificate. The New-AzureRmWebAppSSLBinding cmdlet doesn't clean up the unused old certificate.)

    22 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Update Web App ModSecurity module to 2.9.2

    The current version of the ModSecurity module that is integrated in the IIS of the Web App Services is 2.8.0.
    This version of ModSecurity has issues with the IP + Port formatting of the AlwaysOnline service. Please update it to 2.9.2.

    22 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow importing 3rd party ssl certs for use as app service certificates in app services/web apps

    Currently if I have an ssl certificate being used in multiple app services, when I renew that certificate I have to update the app services one by one or via powershell. It looks like using an app service certificate would solve this by allowing me to renew in one place and have it update each of the app services automatically. The problem being that I use 3rd party issued ssl certs vs ones created as app service certs in azure.

    Ideal would be to either allow uploading 3rd party ssl certs to be used as app service certs or offer…

    22 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow adding same custom domains using ARM Template

    As described here it's now possible to add same custom domain on a WebApp using Azure Portal - link: https://feedback.azure.com/forums/169385-web-apps/suggestions/14128761-allow-adding-same-custom-domains-from-my-other-sub

    I've seen few apps now that when load balanced, require load balancer hostname added under custom domain in WebApp to work properly.

    Same should be possible via ARM. Currently when deploying WebApp resource there is a conflict if two resources share same domain:

    2018-10-25T11:27:12.7007756Z ##[error]At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details.
    2018-10-25T11:27:12.7025974Z ##[error]Details:
    2018-10-25T11:27:12.7026745Z ##[error]Conflict: {
    "Code": "Conflict",
    "Message": "The host name myhostname.domain.com is already assigned to another…

    21 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  5. [Linux] Add support to restrict IP access for Web Apps Linux / Docker

    Don't have this functionality became unfeasible use of Linux / Docker Web Apps in production environment

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  6. Remove Weak SSL Cyphers from App Services

    App Services currently supports the following Cyphers:

    HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002

    (Default)    REG_SZ    NCRYPT_SCHANNEL_INTERFACE
    
    Functions REG_MULTI_SZ

    TLSECDHERSAWITHAES256CBCSHA384P256\
    0TLSECDHERSAWITHAES256CBCSHA384P384\
    0TLSECDHERSAWITHAES128CBCSHA256P256\
    0TLSECDHERSAWITHAES128CBCSHA256P384\
    0TLSECDHERSAWITHAES256CBCSHAP256\
    0TLSECDHERSAWITHAES256CBCSHAP384\
    0TLSECDHERSAWITHAES128CBCSHAP256\
    0TLSECDHERSAWITHAES128CBCSHAP384
    \0TLSDHERSAWITHAES256GCMSHA384\
    0TLS
    DHERSAWITHAES

    19 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow to start an AAD authentication express setup from an ARM template

    When enabling AAD authentication on an App service, using an ARM tempalte, you have to manually specify a clientid and clientsecret. Something like MSI: identity: "system" would be much easier. Especially from a Ci/CD perspective.

    18 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Support Weibo for authentication

    Weibo is the 'twitter' of China, which is of course a large market. It would be great if Weibo was plugged into the existing Mobile Services Authentication service.

    18 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Azure App Service Environment ILB - Support for Internal Certificate Authorities

    Currently the documentation for Azure App Service Environment with ILB claims it supports internal certificate authorities.

    Per - https://docs.microsoft.com/en-us/azure/app-service/environment/create-ilb-ase#post-ilb-ase-creation-validation

    As part of the documentation it is recommended that a user bundles their server auth certificate with the full certificate chain - thus producing a PFX file or base64 encoding it and uploading through powershell.

    However when testing with OpenSSL or on an iOS device, the first request never sees the full certificate chain and fails with "invalid server certificate". It is on a subsequent request the full chain is delivered - leaving users to hit refresh once in their browser…

    13 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  10. App Service on Linux in Azure Stack

    App Service on Linux is a much requested feature from our customers, and is a glaring hole in the consistency between Azure and Stack today.

    12 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add wildcard pattern support for Azure Webapp _backup.filter file

    Right now _backup.filter does not support wildcards. Therefore, if logs are being produced say with a date or time timestamp, they can not be filtered unless they are moved to a seperate folder, which is then filtered. This is not viable in all cases.

    12 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
  12. replicate app service for redundancy

    would be good to have app services be replicated in another region for high availability and redundancy

    11 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Provide an interface for dictating logic to the load balancer, or allow us to nuke instances

    The load balancer for an App Plan is extremely simple minded in that it will always distribute load evenly.

    This doesn't work in a production environment with real users.

    e.g. if a webjob running on one machine picks up an intensive task from a queue, consuming all of the machine's resources, the load balancer will still forward users/requests to the affected machine.

    Please provide some sort of control over the load balancer. Even just a basic interface to provide basic rules.

    If you won't provide that, then at least instead allow us to nuke instances ourselves and provide us with…

    11 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    For heterogeneous workloads, the recommendation is to split the apps apart into separate app service plans. For example, webjobs isolated to in an app service plan separate and apart from the app service plan(s) running web or API applications.

    We will keep this item open marked as “under review” because there are plans to onboard the per-worker metrics to the Azure Monitor feature, at which point programmatic scaling decision can be made from those metrics.

    Currently worker metrics can be viewed from the UX by clicking into “Diagnose and Solve Problems” link for an app service plan. There will be a link in the UX blade that opens titled “Metrics per instance”. Drilling into that link will pull up another UX blade showing CPU usage (amongst other statistics) broken out by individual worker VMs.

  14. Metrics for Linux Docker Containers - Function APPS

    We are currently running several Linux Docker Containers in a function app and are surprised that most metrics are not available.

    The system reports on data in/out and http 5xx errors but that is all that it there. Information such as processed HTTP requests, response time, logs streams, processes and container load (cpu/memory/io is only available for the whole app service and not for the container).

    Docker function apps are heavy priced already and it doesn't help that most functionality in the portal is not available in this use case.

    10 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add newer ruby versions (2.4 & 2.5)

    Would be good to keep up-to-date with the latest rubies, 2.3 is only receiving security fixes now.

    10 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  16. Document the clock syncronization between App Service

    I couldn't find anywhere about the clock synchronization between different instances of an App Service and also between App Service and other Azure services (e.g. Azure Storage, Service Bus etc.)

    What we need to know is if there is any grantee that if we take DateTime.UtcNow on two instances of App Service (website), to which degree they will be comparable.

    Also to which degree the clocks of App Service (website) match with other Azure infrastructure. As currently I think there is miss-match in seconds. Take a look at following example of what we are currently seeing in our system on…

    10 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Way to monitor Web App connections regardless of state

    I had an issue where my web app was unable to open new connections because too many were open. The metrics-per-instance reports for monitoring connections only show open and close-wait state connections. For whatever reason the connections impacting my app were in another state and hence were not shown.

    I believe I have resolved my issue, but I cannot check on the health of the app without asking an Azure support technician to assist.

    It can also be misleading when troubleshooting to see 80 connections in the report, when there are actually 3500 in use.

    Thanks!

    10 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add a country code header to incoming requests

    Google App Engine (https://cloud.google.com/appengine/docs/standard/go/how-requests-are-handled#app-engine-specific-headers) and Cloudflare (https://support.cloudflare.com/hc/en-us/articles/200168236-What-does-Cloudflare-IP-Geolocation-do-) are able to add a http header to requests with the visitor's ISO 3166 country code.

    It would be nice to have this ability in web apps in Azure also.

    9 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Support OWIN Self-Hosting In Azure Websites - Repost since it was declined a year ago.

    Support OWIN Self-Hosting In Azure Websites - Repost since it was declined a year ago.

    9 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. App service high disk queue length

    We have observed high app service disk queue length while testing an application hosted on App service plan . As per investigation along with the microsoft support engineer, it has been identified that the disk queue length metric has always been aggregated as a sum (Total) for the samples captured from a worker. So any small change in this metric on the worker will cause this to spike rapidly. Also multiple workers will additionally cause this counter to grow even faster. In short, this is not an actual reflection of the actual disk queue length at any point in time…

    8 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base