Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

We welcome user feedback and feature requests!

← Web Apps

Antimalware feature on Web Apps (App Service)

Cloud Services and Virtual Machines have an antimalware feature to protect themselves from viruses.
However, Web Apps only protects their platform, and there is no customer-facing antimalware service now.
If we develop an application which receives files from anonymous users with an upload form, we can't detect and get rid of the viruses.
We strongly request the antimalware feature like that Cloud Services and Virtual Machines do.

481 votes
Vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

19 comments

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Duc Lai commented  ·   ·  Flag as inappropriate

    Without the Antivirus in the Web App platform, I can run dangerous malware in there (e.g.: WannaCry ransomware on Windows environment). It is a must-tool for Azure Web App.

  • Mark commented  ·   ·  Flag as inappropriate

    Ahh, very disappointing. I was hoping to be able to use the AMSI API.

  • Anonymous commented  ·   ·  Flag as inappropriate

    This new feature is delivering something different than what I was expecting.

    From the original description, "If we develop an application which receives files from anonymous users with an upload form, we can't detect and get rid of the viruses." - the request is not anti-malware for the integrity of the web apps platform, but for files that may be uploaded through web apps i.e. a streaming anti-malware service that can be used with custom sites hosted in web apps..

  • hsakoh commented  ·   ·  Flag as inappropriate

    If we cannot detect it in real time, we have no choice but to continue using Cloud Services....
    Please do not close this request.

  • Anders commented  ·   ·  Flag as inappropriate

    Regarding this announcement:

    https://azure.github.io/AppService/2020/12/09/AzMon-AppServiceAntiVirusScanLogs.html

    It's one step closer I guess, but will not support the scenario described here as I see it, if you are looking to scan uploaded files in incoming traffic and accept/reject them closer to real time. Maybe someone from the App Service team can comment on if there is are further malware scanning capabilities planned for App Services?

  • Sai Manepalli commented  ·   ·  Flag as inappropriate

    Hi @Azure App Service Team, Any update on Antimalware feature on Web Apps (App Service).
    Thanks in advance.

  • Christian commented  ·   ·  Flag as inappropriate

    Why was this feature dropped when going from Cloud Services to App Service? We are facing the same challenge as many previous commenters. Customers using our platforms require us to scan files that are uploaded. Our goal is to utilize Azure's PaaS services but without having any alternative workaround that does not include managing our own VM's, we won't be able to achieve that.

  • Salam Dahbour commented  ·   ·  Flag as inappropriate

    We need this. We currently have to build VMs so we can ClamAV. That's the only thing we use the VM for. It's a waste, adds complexity, adds a ton of security requirements to our infrastructure, and requires maintenance. We'd really appreciate a service that's similar to ClamAV - write the bits to a stream and receive a reply about whether there's malware or not, but no VM.

  • Richard Beesley commented  ·   ·  Flag as inappropriate

    Another option is to use the new Trend service but this is overkill for smaller solutions. It would be really helpful to have a service built around the MS anti-malware functionality that can be used from pure PaaS services such as Web Apps, Functions etc

  • Adam commented  ·   ·  Flag as inappropriate

    Every single customer asks for this on their standard infrastructure questionnaires. Even if we don't allow file uploads, they still want to know. If we do allow file upload, then we can't use PaaS right now :(

  • Anonymous commented  ·   ·  Flag as inappropriate

    Would it be possible to enable Windows Defender on the underlying VMs? E.g. by enabling an extension in the App Service?

  • Topper Kain commented  ·   ·  Flag as inappropriate

    We have a standard requirement to scan all incoming files with some form of AV. Currently, we have create additional infrastructure outside our app service to send the file to AV, which increases our cost and compliance burden. Having an AV option integral to the app service will allow users in our situation to keep the bytes within the app service, reducing our footprint and complexity.

    As mentioned below, we are using the AMSI Antimalware Services Interface to execute our AV scans.

  • Ian Chivers commented  ·   ·  Flag as inappropriate

    Microsoft should consider opening up the AMSI AnitMalware Services Interface now that they've upgraded the App Service machines to Windows Server 2016

  • praful commented  ·   ·  Flag as inappropriate

    Hi, please confirm are you stating, Azure app service(web app) does not contain antimalware protection just like iaas VM's?

Web Apps

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice