HTTPS only without redirect
This feature has been requested multiple times (like here: https://feedback.azure.com/forums/169385-web-apps/suggestions/6868536-provide-require-ssl-setting-for-azure-websites), but has been closed time after time with the same workaround. The workaround consists of adding a redirect rule to web.config.
We however want a way to disable insecure HTTP requests completely.
Think of an API that gets called by a React or Angular app. Calling the HTTP endpoint of the API would be a bug and might lead to sensitive information like the access token being send over HTTP. It would appear to work, because the request gets redirected to HTTPS, so the bug would be harder to track.
So please don't close this request with the same workaround, because it's not a workaround for this particular request. :)
This work has been completed.
Feature announcement can be found here: https://blogs.msdn.microsoft.com/appserviceteam/2017/12/12/november-2017-app-service-update/
The feature released is helpful to save the work of creating a redirect in web.config, but wasn't what suggested in this feature request. This request is to provide an option to block port 80, not to redirect port 80 to 443.