We welcome user feedback and feature requests!

← Web Apps

Antimalware feature on Web Apps (App Service)

Cloud Services and Virtual Machines have an antimalware feature to protect themselves from viruses.
However, Web Apps only protects their platform, and there is no customer-facing antimalware service now.
If we develop an application which receives files from anonymous users with an upload form, we can't detect and get rid of the viruses.
We strongly request the antimalware feature like that Cloud Services and Virtual Machines do.

372 votes
Vote
Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

11 comments

Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Christian commented  ·   ·  Flag as inappropriate

    Why was this feature dropped when going from Cloud Services to App Service? We are facing the same challenge as many previous commenters. Customers using our platforms require us to scan files that are uploaded. Our goal is to utilize Azure's PaaS services but without having any alternative workaround that does not include managing our own VM's, we won't be able to achieve that.

  • Salam Dahbour commented  ·   ·  Flag as inappropriate

    We need this. We currently have to build VMs so we can ClamAV. That's the only thing we use the VM for. It's a waste, adds complexity, adds a ton of security requirements to our infrastructure, and requires maintenance. We'd really appreciate a service that's similar to ClamAV - write the bits to a stream and receive a reply about whether there's malware or not, but no VM.

  • Richard Beesley commented  ·   ·  Flag as inappropriate

    Another option is to use the new Trend service but this is overkill for smaller solutions. It would be really helpful to have a service built around the MS anti-malware functionality that can be used from pure PaaS services such as Web Apps, Functions etc

  • Adam commented  ·   ·  Flag as inappropriate

    Every single customer asks for this on their standard infrastructure questionnaires. Even if we don't allow file uploads, they still want to know. If we do allow file upload, then we can't use PaaS right now :(

  • Anonymous commented  ·   ·  Flag as inappropriate

    Would it be possible to enable Windows Defender on the underlying VMs? E.g. by enabling an extension in the App Service?

  • Topper Kain commented  ·   ·  Flag as inappropriate

    We have a standard requirement to scan all incoming files with some form of AV. Currently, we have create additional infrastructure outside our app service to send the file to AV, which increases our cost and compliance burden. Having an AV option integral to the app service will allow users in our situation to keep the bytes within the app service, reducing our footprint and complexity.

    As mentioned below, we are using the AMSI Antimalware Services Interface to execute our AV scans.

  • Ian Chivers commented  ·   ·  Flag as inappropriate

    Microsoft should consider opening up the AMSI AnitMalware Services Interface now that they've upgraded the App Service machines to Windows Server 2016

  • praful commented  ·   ·  Flag as inappropriate

    Hi, please confirm are you stating, Azure app service(web app) does not contain antimalware protection just like iaas VM's?

Web Apps

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice