Web Apps
Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.
More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.
Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.
-
Add naked domain support to App Service Managed Certificates
Currently naked domains are not supported when creating App Service Managed Certificates. I want to be able to create a free SSL certificate on a naked/apex domain.
2,233 votesWork is actively underway to add naked domain support with an automatic renewal flow to App Service Managed Certificates. There have been some snags getting the auto-renewal flow working. We understand these kinds of delays are frustrating, but rest assured the feature is being worked on and is coming in the future.
-Azure App Service Team
-
gRpc support in Azure App Service
We can't host gRPC apps in azure app service offering. Could you provide timeline of this feature?
977 votesThank you for the feedback, we are reviewing this feature request.
-
Support Double Wildcard Custom Domains
For multi-tenant applications, we require the ability for Azure to support double wildcard custom domains.
Single wildcard custom domains are currently well supported, i.e.
*.mydomain.com
catches all unmapped, single subdomain urls e.g. level1ex.mydomain.com, level2ex.mydomain.com etc
The issue (which isn't documented: see forum post below) is that secondary level wildcards are not supported at all by Azure:
e.g. www.level2.mydomain.com will result in a 404 error.
Why is this important? in a multi tenant environment, with lots of customers on different subdomains, it is best from an end-user perspective to support a www. subdomain prefix, as that's what 99% of non-technerati do…
874 votesthis feature has been postponed as it wouldn’t be complete and might be revisited later if standards/supported features by CAs and browsers change (double wildcard certificates are not supported standard, resulting in no way to secure double wildcard domain)
-
Enable App Service without ASE to access Storage Account with Firewall enabled
Currently it is not possible to configure storage account firewall to accept requests from App Services without ASE. This requires App Service to enable trusted access to storage: https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security#trusted-microsoft-services.
It is great if above is possible.
873 votesThank you for the feedback. We understand the limitation and will update this ticket as information becomes available.
- Jason
-
Support App Service Managed Certificates on Free and Shared Tiers
Allow web apps on Free and Shared tiers to use App service Managed Certificates
735 votesThank you for the feedback. We are investigating this feature request and I will update this status as we progress.
Best,
Jason -
TLS 1.3 is now approved, this should be implemented with Web Apps
TLS 1.3 is now no longer a draft, when will Azure introduce the option to enable it?
502 votesHi there,
Given TLS 1.2 was just enabled on Web Apps, we don’t have a plan for when the work will be done to enable 1.3. We will definitely leave this on the backlog as we will come back to it when relevant
Thanks,
Oded -
Ability to incrementally create/update AppSettings & ConnectionStrings
Actual problem:
Today if we don't provide all of the existing AppSettings or ConnectionStrings, the ones we omit are removed.Feature:
A little bit like the ARM deployment mode, add the ability to specify an Incremental & Complete mode when pushing settings. To ensure compatibility, Complete would be the default, keeping the behavior we have today. If we set the mode to Incremental, only the provided settings would be created/updated, leaving existing settings untouched.Use cases:
This would be very useful in cases where we want to sync AppSettings or ConnectionStrings for resources directly in our ARM templates for only…384 votesThanks for the suggestion, we are looking into the feature request
Ahmed
Azure App Service Team -
Provide .NET language packs on Web Apps
I'm working on a website that uses System.ComponentModel.DataAnnotations
On my local machine, model validation messages are displayed in french but they are in english when I deploy the website to Azure.
Please install .NET language packs on Azure Web Apps so we don't have to create .resx files and messy code to override .NET built-in messages...
370 votesHi there,
We are still waiting on a few internal dependencies before we can complete this request.
Thanks,
Oded -
Custom request headers in web server logs
This is generally useful, but my usecase if with Cloudflare:
When a web app is behind Cloudflare, all visitor IPs come Cloudflare's IPs. Cloudflare does forward the original visitor IP with a custom request header. I want to log this value in my web server logs. In IIS this is achieved with Advanced Logging, but this capability does not seem available in Azure web apps.
269 votesJust an update that we still have this feature on the backlog but with no concrete ETA. We will update when there is more to share.
Thanks,
Oded -
Metric and alert for Web App file system used quota
We would like to setup an automatic alert that fires when the file storage of an app plan is reaching its limits.
Ideally it will be great to have a metric that tells the % of storage (quota) consumed so we can set an alert on top of that metric.
211 votesThis is a great idea and we would like to implement it though there are a few dependencies we need to meet first. We are leaving this on the roadmap for now to see if it gains more customer support which will help with prioritization.
Thanks,
Oded -
Enable 'Connect', 'Log Stream', 'Console' etc for App Service Environment
When you deploy an App Service into an App Service Environment behind an ILB, much of the UI is greyed out. Examples of this is the 'Connect' button, 'Log Stream', 'Console' etc.
I have to manually construct a URL to get to the kudu endpoint right now in order to use the console.
173 votesThanks for bringing this up! This is a known issue and we are working on it. We’ll update the item when complete.
Thanks,
Oded -
The Always On setting should have an option to make it sticky to the slot when swapping
This is odd it isn't this way by default but should at the very least have an option to make it sticky so as to not break anyone's current practices (in fact, shouldn't more settings have the option to be sticky?).
The issue here is that an always on slot consumes resources. If for example each app consumes 200Megs of RAM, and I have 5 app services running on a service plan, each app service has 2 slots for swapping, then I need to have Always On turned on unnecessarily for 10 slots (2gigs of RAM consumed for nothing). The…
123 votesMoving the feature request to under review. When we have a clear timeline to share, we’ll update the status.
Thanks,
Oded -
Provide acceptable scale out time for instances in ASE Isolated instance types
Scaling is a core feature of App Services. We used ASE for the additional features however it means we are stuck with 40 mins scale out time to add an instance. Per support this is by design, however this is not documented anywhere in public domain.
Scaling is supposed to help us get customers on to Azure, if it takes 40 mins to add an instance, it will not meet the business needs, we abandoned ASE only due to this issue. Kindly document current scale out time in public documentation so that user know this before hand.
Ultimate goal should…94 votesThanks for the feedback!
You’re right that ASE scaling operations take longer than the common plans on multi-tenant App Service. We are looking at ways to decrease the time so it will on par with multi-tenant but this means a new infrastructure is needed with managing a pool or pre-assigned VMs to the ASEs.
This is documented here, though without a time frame mentioned as it depends on a numbers of factors: https://docs.microsoft.com/en-us/azure/app-service/environment/using-an-ase#how-scale-works.
We will update when there is more information here.
Thanks,
Oded -
Allow Custom URL Rewrite Handler for Database
Allow installation of a GAC custom rewrite handler for doing URL rewrites on Web Apps using a database backend.
90 votesHi there,
Thanks for bringing this up once more. We will have an internal conversation again about implementing for App Service.
Thanks,
Oded -
App Service - Allow Named Pipe Activation to be enabled
We would like to use named pipes to communicate between services on the same app service, but this doesn't seem to be possible since named pipe activation isn't enabled in .Net on the app service.
90 votesThanks for the entry. We’re taking a look.
Oded
-
Permission for accessing Performance counters
We would like create a custom monitoring solution for our Azure Web Site based projects. Unfortunately the web site and job processes do not have permission to read performance counters.
I understand that this is mandatory for a shared hosting environment. However I see nothing against having such functionality if the user has dedicated instances.
Would it be possible to remove this restriction?
87 votesThis isn’t available yet and we’re leaving the ask under review for now. We’ll come back to the idea when we have news.
Thanks,
Oded -
Azure App Service Certificate : Add support for EV certificates (Extended Validation)
Azure App Service Certificate permit to have standard SSL and Wildcard. But need to add a new SKU for permit customers to register an EV Certificate too (Extended Validation)
82 votesYou can get EV certificates from Azure Key Vault service today or bring your own certificate from external CA and import it via “Upload Certificate”. You would then have to upload the certificate from Key Vault as documented here https://docs.microsoft.com/en-us/azure/key-vault/key-vault-use-from-web-application
We are looking into how to improve the experience in Azure portal .
-
Provide more secure TLS ciphers
Currently Chrome flags the CBC ciphers as obsolete. CBC ciphers are at the top of the cipher preference list of Azure Web Apps as you can see there: https://www.ssllabs.com/ssltest/analyze.html?d=test.azurewebsites.net
More info: https://www.chromium.org/Home/chromium-security/education/tls#TOC-Cipher-SuitesSo please provide some more secure ciphers from the ECDHE cipher suite like TLSECDHERSAWITHAES256GCMSHA384, TLSECDHERSAWITHAES128GCMSHA256, TLSECDHERSAWITHCHACHA20POLY1305SHA256.
80 votesHi there,
We are constantly reviewing cipher suites and will update more in the future.
Thanks,
Oded -
Linux Static Site on Nginx
One of the most common web techniques today is static generated web sites. Ideally, there would be an option along with Node, Php etc for Static HTML. This would allow configuration for just running Nginx web servers to host static sites.
56 votesThanks for your suggestion, we will evaluate the suggestion and post an update when we have news to share.
Ahmed
App Service Team -
55 votes
With the release of Azure App Service on Linux, we are looking in supporting Golang as a built-in runtime stack. In the meanwhile you can create a custom container that supports Go.
A link of how to use a custom docker container with Web App for Containers:
https://docs.microsoft.com/en-us/azure/app-service/containers/quickstart-custom-docker-imageThanks,
Ahmed, App Service
- Don't see your idea?