Web Apps
Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.
More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.
Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.
-
gRpc support in Azure App Service
We can't host gRPC apps in azure app service offering. Could you provide timeline of this feature?
1,246 votesThank you for the feedback, we are reviewing this feature request.
-
Enable App Service without ASE to access Storage Account with Firewall enabled
Currently it is not possible to configure storage account firewall to accept requests from App Services without ASE. This requires App Service to enable trusted access to storage: https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security#trusted-microsoft-services.
It is great if above is possible.
1,046 votesThank you for the feedback. We understand the limitation and will update this ticket as information becomes available.
- Jason
-
Support Double Wildcard Custom Domains
For multi-tenant applications, we require the ability for Azure to support double wildcard custom domains.
Single wildcard custom domains are currently well supported, i.e.
*.mydomain.com
catches all unmapped, single subdomain urls e.g. level1ex.mydomain.com, level2ex.mydomain.com etc
The issue (which isn't documented: see forum post below) is that secondary level wildcards are not supported at all by Azure:
e.g. www.level2.mydomain.com will result in a 404 error.
Why is this important? in a multi tenant environment, with lots of customers on different subdomains, it is best from an end-user perspective to support a www. subdomain prefix, as that's what 99% of non-technerati…
891 votesthis feature has been postponed as it wouldn’t be complete and might be revisited later if standards/supported features by CAs and browsers change (double wildcard certificates are not supported standard, resulting in no way to secure double wildcard domain)
-
Support App Service Managed Certificates on Free and Shared Tiers
Allow web apps on Free and Shared tiers to use App service Managed Certificates
773 votesThank you for the feedback. We are investigating this feature request and I will update this status as we progress.
Best,
Jason -
TLS 1.3 is now approved, this should be implemented with Web Apps
TLS 1.3 is now no longer a draft, when will Azure introduce the option to enable it?
682 votesHi there,
Given TLS 1.2 was just enabled on Web Apps, we don’t have a plan for when the work will be done to enable 1.3. We will definitely leave this on the backlog as we will come back to it when relevant
Thanks,
Oded -
Ability to incrementally create/update AppSettings & ConnectionStrings
Actual problem:
Today if we don't provide all of the existing AppSettings or ConnectionStrings, the ones we omit are removed.Feature:
A little bit like the ARM deployment mode, add the ability to specify an Incremental & Complete mode when pushing settings. To ensure compatibility, Complete would be the default, keeping the behavior we have today. If we set the mode to Incremental, only the provided settings would be created/updated, leaving existing settings untouched.Use cases:
This would be very useful in cases where we want to sync AppSettings or ConnectionStrings for resources directly in our ARM templates for only…409 votesThanks for the suggestion, we are looking into the feature request
Ahmed
Azure App Service Team -
Provide .NET language packs on Web Apps
I'm working on a website that uses System.ComponentModel.DataAnnotations
On my local machine, model validation messages are displayed in french but they are in english when I deploy the website to Azure.
Please install .NET language packs on Azure Web Apps so we don't have to create .resx files and messy code to override .NET built-in messages...
371 votesHi there,
We are still waiting on a few internal dependencies before we can complete this request.
Thanks,
Oded -
Custom request headers in web server logs
This is generally useful, but my usecase if with Cloudflare:
When a web app is behind Cloudflare, all visitor IPs come Cloudflare's IPs. Cloudflare does forward the original visitor IP with a custom request header. I want to log this value in my web server logs. In IIS this is achieved with Advanced Logging, but this capability does not seem available in Azure web apps.
290 votesJust an update that we still have this feature on the backlog but with no concrete ETA. We will update when there is more to share.
Thanks,
Oded -
Metric and alert for Web App file system used quota
We would like to setup an automatic alert that fires when the file storage of an app plan is reaching its limits.
Ideally it will be great to have a metric that tells the % of storage (quota) consumed so we can set an alert on top of that metric.
274 votesThis is a great idea and we would like to implement it though there are a few dependencies we need to meet first. We are leaving this on the roadmap for now to see if it gains more customer support which will help with prioritization.
Thanks,
Oded -
Enable 'Connect', 'Log Stream', 'Console' etc for App Service Environment
When you deploy an App Service into an App Service Environment behind an ILB, much of the UI is greyed out. Examples of this is the 'Connect' button, 'Log Stream', 'Console' etc.
I have to manually construct a URL to get to the kudu endpoint right now in order to use the console.
173 votesThanks for bringing this up! This is a known issue and we are working on it. We’ll update the item when complete.
Thanks,
Oded -
The Always On setting should have an option to make it sticky to the slot when swapping
This is odd it isn't this way by default but should at the very least have an option to make it sticky so as to not break anyone's current practices (in fact, shouldn't more settings have the option to be sticky?).
The issue here is that an always on slot consumes resources. If for example each app consumes 200Megs of RAM, and I have 5 app services running on a service plan, each app service has 2 slots for swapping, then I need to have Always On turned on unnecessarily for 10 slots (2gigs of RAM consumed for nothing). The…
124 votesMoving the feature request to under review. When we have a clear timeline to share, we’ll update the status.
Thanks,
Oded -
Add alerts/notification for Auto heal application.
Adding alerts or notification when the there is a Proactive auto healing or Mitigation rules in the application.
97 votesThank you for the feedback, we are reviewing the request.
-
Allow Custom URL Rewrite Handler for Database
Allow installation of a GAC custom rewrite handler for doing URL rewrites on Web Apps using a database backend.
93 votesHi there,
Thanks for bringing this up once more. We will have an internal conversation again about implementing for App Service.
Thanks,
Oded -
App Service - Allow Named Pipe Activation to be enabled
We would like to use named pipes to communicate between services on the same app service, but this doesn't seem to be possible since named pipe activation isn't enabled in .Net on the app service.
90 votesThanks for the entry. We’re taking a look.
Oded
-
Permission for accessing Performance counters
We would like create a custom monitoring solution for our Azure Web Site based projects. Unfortunately the web site and job processes do not have permission to read performance counters.
I understand that this is mandatory for a shared hosting environment. However I see nothing against having such functionality if the user has dedicated instances.
Would it be possible to remove this restriction?
87 votesThis isn’t available yet and we’re leaving the ask under review for now. We’ll come back to the idea when we have news.
Thanks,
Oded -
Azure App Service Certificate : Add support for EV certificates (Extended Validation)
Azure App Service Certificate permit to have standard SSL and Wildcard. But need to add a new SKU for permit customers to register an EV Certificate too (Extended Validation)
82 votesYou can get EV certificates from Azure Key Vault service today or bring your own certificate from external CA and import it via “Upload Certificate”. You would then have to upload the certificate from Key Vault as documented here https://docs.microsoft.com/en-us/azure/key-vault/key-vault-use-from-web-application
We are looking into how to improve the experience in Azure portal .
-
Provide more secure TLS ciphers
Currently Chrome flags the CBC ciphers as obsolete. CBC ciphers are at the top of the cipher preference list of Azure Web Apps as you can see there: https://www.ssllabs.com/ssltest/analyze.html?d=test.azurewebsites.net
More info: https://www.chromium.org/Home/chromium-security/education/tls#TOC-Cipher-SuitesSo please provide some more secure ciphers from the ECDHE cipher suite like TLSECDHERSAWITHAES256GCMSHA384, TLSECDHERSAWITHAES128GCMSHA256, TLSECDHERSAWITHCHACHA20POLY1305SHA256.
80 votesHi there,
We are constantly reviewing cipher suites and will update more in the future.
Thanks,
Oded -
Allow FrontDoor CNAME for App Service Managed Certificate validation
When creating an App Service Managed Certificate, it should allow validation if the CNAME is pointing to a FrontDoor with the same domain (or the FrontDoor's backend is the same Web App).
Currently it gives the error "Hostname not eligible for App Service Managed Certificates creation" since the CNAME is not directly pointing to the web app.
61 votes -
WebApp custom DNS with private DNS Name
Custom DNS HostName for a WebApp is working exactly in the same way in both Azure and Azure Stack, with both ownership and record check against a public Internet DNS server. That's pretty cool for public facing web applications, but represents a security issue for :
1)Intranet applications.(hosted on Azure or AzureStack)
- Custom Domain Names makes sence not only for Internet but Intranet too.
- We don't want to expose intranet application names publicly to the wild...
2)Multi-tenant AzureStack
- Each customer would like to have it's own custom domain for its applications, and not use the *.appservice.local.azurestack.external or…59 votesThis is still on our backlog for review, this did not make it into update 2. We will continue to review this for Azure App Service on Azure Stack.
-
Add support for NetworkWatcher / NSG Flow logs for App Service with Regional Vnet Integration enabled
At the moment, if one uses an App Service with Vnet Integration there is NO way to monitor the traffic that traverses this path. For organizations with requirements to monitor ALL network traffic for integrity / Security / Audit purposes - this presents a significant challenge as ALL traffic that traverses this integration is not able to be monitored. Since the App Service presents itself as on a given subnet within the Vnet - there should be NO reason that NetworkWatcher or NSG flow logs shouldn't be usable.
58 votesThank you for the feedback, we are reviewing this request.
- Don't see your idea?