Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Upgrade SSL (Current grade B according to ssllabs.com)

    I see a lot of previous reports about this but still my site's current grade is B according to ssllabs.com, with the following issues:

    1) Certificate uses a weak signature. When renewing, ensure you upgrade to SHA2.
    2) This server accepts the RC4 cipher, which is weak. Grade capped to B.
    3) The server does not support Forward Secrecy with the reference browsers.

    Please fix this ASAP

    132 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Enable VNET integration for App Service on Linux without ASE

    I would really appreciate it to be able to use the VNet integration and hybrid connections for Linux App service without needing to multiply my costs by paying for an app service environment just for one app service.

    Here is a similar idea, but it got resolved because of ASE. I think however there should be a solution without ASE.

    https://feedback.azure.com/forums/169385-web-apps/suggestions/32534479--linux-enable-vnet-integration-for-app-service-on

    130 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow webjobs to scale dynamically and independently of Websites

    Webjobs are a fantastic way of getting small tasks done as part of a website, and feel to me that they are the "Worker Roles" from Azure V1 done right.

    What I think these need to make them complete is the ability to scale up (and, just as importantly, down) automatically in a moment's notice depending on how much work there is to do.

    The infrastructure in place for Webjobs knows when it is processing a job and when it is idle, so I can see it being fairly straightforward to tie together to the scaling logic. In addition to…

    129 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. WebSites: Multiple hostname bindings/aliases per shared site

    Currently, all shared websites must end with *.azurewebsites.net

    Think even shared websites should support multiple bindings per site. The current implementation restriction *.azurewebsites.net is ridiculous and this way this all shared service is just "demoware" - no real sites will use this.
    Dotnetnuke for example, is multi-tenant by design. but in this service it is just interesting for testing.

    125 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Install 64 bit dotnet.exe runtime

    I have a memory intensive webjob that uses dotnet.exe and needs to run in 64 bit mode. But the dotnet.exe currently installed is 32 bit.

    Is there an easy way to change this to 64 bit? Or can the 64 bit dotnet.exe be installed by default?

    122 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    13 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow IP Restrictions to be a Slot Setting

    In the same way as we have with App Settings it should be possible to make the IP Restrictions a slot setting (sticky) so that they don't migrate when you swap slots. This could be per IP even....

    116 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Make a JDK available with the JCE Unlimited Strength Jurisdiction Policy Files applied

    Currently, none of the JDK's have the JCE Unlimited Strength policy files applied.

    http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

    Please can these either be applied by default or can there be an option to have them applied?

    112 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Support disabling headers in Azure Web Sites

    All Azure Web Sites responses currently include the following headers:

    Server:Microsoft-IIS/8.0
    X-Powered-By:ASP.NET
    X-Powered-By:ASP.NET
    X-Powered-By:ARR/2.5

    Some of these headers are coming from ARR and other infrastructure pieces. In order to comply with OWASP security recommendations as well as to reduce unnecessary traffic, it'd be great if we could disable these.

    109 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Nir Mashkowski responded

    The removal of these headers is facilitated with the Request Filtering module, which is part of IIS. To remove a header, you need to have a web.config file stored on your site, with the following content:

    <?xml version=“1.0” encoding=“UTF-8”?>

    The above would remove the Server header. If you need to remove the X-Powere-By header as well, your web.config needs to contain the following segment enclosed within the system.webserver set:

    Naturally, if your site already had an existing web.config file, you would need to adjust it to contain either or both of the elements described above.

  9. Support chained web.config transforms when deploying from source control

    Chained web.config transforms for publish profiles are fantastic, except that they can't be used when deploying from source control.

    I want the ability to have my Web.config file first transformed by the build transform file (ex: Web.Release.config) and then by an environment-specific file (ex: Web.Staging.config).

    The source deployment system should support this feature as an option when pulling from a repository. I've mocked up a screenshot showing my ideal method of configuring the variable.

    103 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Erez Benari responded

    Hi Brian. This is relatively easy to do. Please see the comments by David Ebbo for more information.

  10. Support warm up/initialization in Azure Websites

    My ASP.NET application's Application_Start takes ~10 seconds. Currently the first request to my site after an app pool restart (or a new deploy) suffers from really slow performance. I would like the ability to not get traffic on a new deployment until it has been fully initialized.

    98 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. [Linux] Add support to mount Azure File Share to Web App For Container

    Currently, if I try to follow the guide for Linux mapping of Azure File share inside a Web App for Container, I get the following error -

    "Unable to apply new capability set."

    Use case for such scenarios is having a Wordpress website and running a cron job inside the container app to periodically upload the media folder to this File Share. This file share can then be mounted on the Dev VMs...

    93 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add option for zip deployments so they ignore timestamps. NPM 5.6 Issue.

    NPM Versions over 5.6 cause node_modules to have their datetime set to 1985 on npm publish.

    What this means is that any zip deployment on a project that uses node causes incorrect installs. (package-lock, state version x.2, but in reality, its got x.1 installed, depending on the semvar, this could be a breaking change)

    I propose we allow an option to ignore timestamps so that existing projects can easily get their sites back to being updated.

    This is a big deal for any applications which are under heavy security scrutiny as they probably rely on artifacts.

    For more information, see…

    90 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Dedicated (reserved) outbound IP address

    You can get a dedicated inbound IP address by turning on IP-Based SSL on a custom domain. However, the outbound IP address when the server-side code on my Azure Web Site accesses external resources is not the same and can change. The only Azure offering at this time that would mitigate this would be to use a VM with a reserved IP address. Then we lose all of the great features of Azure Web Sites, however.

    The use case is for enabling the Web Site to access on-premise resources through a firewall without having to open up the firewall to…

    90 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    13 comments  ·  Flag idea as inappropriate…  ·  Admin →

    App Service supports dedicated outbound IP addresses for apps deployed using the App Service Environment (ASE) feature.

    For the forseeable future, apps running in the public multi-tenant service will continue to use outbound addresses from a shared address pool.

  14. Expose API using custom domain

    The auto-generated domain for an API app of the form https://microsoft-apiappeeb5bdsasd744e188be7fa26f239bd4b.azurewebsites.net/ is ugly and hard to work for developers outside the Azure ecosytem. Plus, what if I change the hosting solution for my API and the domain has to change after I invested time telling people about this endpooint. You must support custom domains so I can do a CNAME from api.myapp.com to the above host. I understand it complicates the OAuth authorization logic on your side but that's something you need to figure out. This is currently the only blocker for us to adopt API Apps for our cloud…

    90 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
  15. WebJobs executables fail when targeting .NET 4.6.1

    When Azure WebJob executables target .NET 4.6.1, the execution fails ("Job failed due to exit code -2146232576").
    Please fix this.

    88 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Ability to move Web Apps to a different Resource Group

    Really need this one, due to the inability to Change App Service Plan on a web app when the App Service Plan has a different Resource Group

    87 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Enable IP blocking via the Azure portal for PaaS Web Apps, not IIS/web.config

    RIght now, Azure only offers IP blocks in the web.config (IIS) level. This is allowing the request to actually get to IIS. We'd like more of a firewall approach, where the AZURE PLATFORM blocks the request on the network layer, never allowing the request to make it to our web app instances.

    78 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Enable HTTPS/SSL for SHARED Web Sites

    SSL is only supported on reserved instances... shared websites/multi-tenancy is a key part of cloud computing and this is a fundamental necessity

    77 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Erez Benari responded

    Last week we have introduced an option called “Basic”, which offers many of the features of the Standard tier, but at a lower price point. We also added some stuff to Standard, which might make it more sensible to you (for example, 5 free SNI SSL!). We hope the options are more suitable for your needs now.

  19. Azure websites should permit to set a regional time setting independent of the Region deployed.

    Right now when an Azure website is created it sets the time to the region specified on the deployment.
    It would be useful to be able con configure the ntp server for a website for the country our company is set, independent of the azure datacenter where the website was deployed.

    74 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Stop TiP causing security warnings

    Currently Testing in Production (TiP) can be used for two purposes: A/B testing or deploying multiple versions of the same website (eg. production and staging).

    Some companies like us use TiP only for the second purpose, but as soon as we enable the feature, an additional cookie called "TiPMix" added to our website. The purpose of the cookie is enable A/B testing and help to decide which user should be randomly routed to which slot. We always route 100% of our traffic to the production slot, so no decision have to be made in our case thus we don't need…

    72 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Hi all,

    We’re happy to share that we’ve launched a solution into production a couple weeks ago.

    We added the HttpOnly; tag to the TipMix cookie.

    If you encounter any issues, please engage with our support group through a support ticket or on Twitter: @AzureSupport.

    Thanks,
    Oded

  • Don't see your idea?

Feedback and Knowledge Base