Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add Application Initialization Support for Scale Up/Down

    The application initialization/warmup feature works great when scaling out/in, but when scaling up/down requests are immediately routed to the new instances before the application is warmed up. It would be great if the new instances could be warmed up before rerouting requests to them.

    386 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  2. Associating Hybrid Connections to Azure App Services cannot be automated

    There is no way to associate a Hybrid Connection to an Azure App Service via ARM Template or PowerShell.

    This is a significant gap since we cannot automate this at all when that is the driving factor for DevOps and PaaS services.

    146 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    18 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow Custom URL Rewrite Handler for Database

    Allow installation of a GAC custom rewrite handler for doing URL rewrites on Web Apps using a database backend.

    87 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  4. FTP accounts tied to subscription, not user. Not enough auditing

    In the current model, FTP credentials are tied to a user's azure login. Thus, we have no visibility into credentials that are set, as we cannot see other people's FTP credentials they've set. Furthermore, when an FTP account is created or deleted, nothing is logged. This makes it difficult to audit who has access. With the logins being tied to the user, when the user leaves, there is no way for us to reclaim that username unless they delete their ftp credentials first. This doesn't always work, as a user may depart abruptly or not on good terms. Although the…

    50 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  5. implement a graceful restart an Azure Web App with multiple instance

    We would like to have feature through which we can perform the configuration changes through portal without down time when there are multiple instances are available. The similar stuff is available in advanced restart where you can define the delay between restart of each instance.

    44 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →

    Hi everyone, we have some long-term plans to improve the restart speed and experience.

    For this scenario we suggest creating a new slot, applying your changes there, validating they work, and swapping your changes. This pattern will avoid downtime on your production site.

  6. Static Web Apps support for generic SCM and CI/CD

    Static Web Apps, still in public preview as I'm writing this, only seems to integrate with Github and Github Actions.
    Even if we love Github, it would make sense to allow:


    1. Other Git repo such as Azure Repo, Gitlab, Bitbucket, ...

    2. Other CI/CD tools such as Azure Pipelines, Bitbucket Pipelines, Jenkins, ...

    In other words, exactly like normal Web Apps today.

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Provide an option to disable or hide App Service Editor in a specific subscription, resource group or web app

    App Service Editor allows to make mistakes too easily. An option should be provided to disable or hide for a specific scope to reduce the risk of changes done by mistake.

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  8. App Service Public SSL Certificates persist When Swapping Slot

    Currently, if a Web App slot (ex: "staging") is created from an existing Web App that has Public SSL Certificates configured, these are not present on the new slot.

    In addition during a slot swap, the "production" slot does not persist the Public SSL Certificates. The configuration for the Public SSL Certificate moves to the "staging" slot.

    This behavior does not appear for other configurations such as Private SSL Certificates or AppSettings and could lead to "production" issues if the Public SSL Certificate is expected on the Web App.

    The consumer recourse currently is to re-apply the Public SSL Certificates…

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Use actual endpoint testing for custom domains rather than checking CNAME value

    Our domain is “example-domain.com”. Let’s say I’m trying to set up an App Service called “booking-service”, which will be assigned the default URL of “booking-service.azurewebsites.net”. At the end of this whole process, I want to have an App Service in Azure responding to the hostname “booking-service.example-domain.com”, sitting behind our CDN (Cloudflare).

    The failing path:
    Step 1: I create the App Service in Azure. This generates the “booking-service.azurewebsites.net” URL.
    Step 2: I create the CNAME “booking-service.example-domain.com” on Cloudflare’s control panel pointing to “booking-service.azurewebsites.net”, leaving the proxy/CDN/IP-hiding feature enabled. While in their control panel, we select the “CNAME” record type, however…

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  10. 13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Create Function level Keys for Azure Functions in ARM template

    ARM templates currently allow to create functionKeys on host level as:

    {
    
    "type": "Microsoft.Web/sites/host/functionKeys",
    "apiVersion": "2018-11-01",
    "name": "[concat(parameters('appServiceName'), '/default/MyFunctionKey')]",
    "properties": {
    "name": "MyFunctionKey"
    }
    }

    Which is great, but does not allow a very granular level of security.
    It is possible to create FunctionKeys on Function level through the admin API (/admin/functions/$($function.functionName)/keys) but not via ARM template.

    Ideally I would like to be able to do the following in my ARM template:

    {

      "type": "Microsoft.Web/sites/functions/functionKeys",
    
    "apiVersion": "2018-11-01",
    "name": "[concat(parameters('appServiceName'), '/MYFUNCTIONNAME/MyFunctionKey')]",
    "properties": {
    "name": "MyFunctionKey"
    }
    }

    I do understand the main difficulty is that the function is most likely created…

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Ability to pin deployment status on dashboard widgets (REGRESSED)

    This was previously implemented on the original Deployments pane, but has now regressed with the new Deployment Center and you cannot see the progress of builds on the dashboard again.

    Worse yet, the old functionality seems to have been deprecated, so new instances cannot be set up with the old build process.

    Seeing build status at a glance is extremely important for micro-service architectures, where you may push to a single repo branch and have multiple services rebuild and spin themselves back up in reaction.

    Here is the original request that got implemented: https://feedback.azure.com/forums/568069-azure-mobile-app/suggestions/37243549-show-deployment-status-for-web-apps

    Screenshot showing example of web/API and…

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Enable users to see their Linux web app temporary storage size

    Problem :
    According to the Azure Support team, App Logs and Docker operations (build, pull, run), and maybe other services, use a "temp space" that is mutualized between all the Web Apps of a App Service Plan.
    This "temp space" is not documented and can block Docker operations, and thus prevent deployments.

    Solution :
    - Expose the "temp space" available size for each plan
    - Document how this "temp space" is used
    - Expose a view allowing to monitor this "temp space" usage and set alerts, ...

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Please make App Service CORS work properly, or get rid of it all together.

    CORS support in Azure App Service is currently terrible. It currently only supports origins and credentials. Where is the header support and where is the method support?

    Also, why does it refuse to work for localhost? http://somesite.bla.com/works fine in App Service CORS settings, but if I add http://localhost or http://localhost:1234, App Service never responds with "Access-Control-Allow-Origin: ..." when I access it from a localhost (or localhost:1234) origin.

    Additionally, if my service responds with a 401 error (bearer token needed or basic auth), App Service CORS seems to freak out and completely break - regardless of origin and settings.

    Lastly,…

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Support VS 2019 redist on Azure Web App

    vcruntime140_1.dll is part of the Microsoft Visual C++ Redistributable for Visual Studio 2019 which is not available on the worker instances now.
    Hope that we can add them to the worker instances.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Make it possible to deploy WebApp using custom domain and App Service managed certificate in one deployment

    Currently it is not possible to provision a new Microsoft.Web/sites resource using custom domain and App Service managed certificate using one deployment operation. This is because of cyclic dependency between Microsoft.Web/sites/hostNameBindings and Microsoft.Web/certificates resources. This is pretty confusing and inconvenient.

    The sequence of operation ARM needs to perform is as below:


    • create Microsoft.Web/sites resource

    • create Microsoft.Web/sites/hostNameBindings (without binding an SSL certificate because it does not yet exist) to link custom domain name to the Web App

    • create Microsoft.Web/certificates resource to issue a managed certificate for the custom domain (this requires custom domain to be linked)

    • now need to update existing …
    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Copy the application log settings when cloning deployment slots

    It would be better if the log settings are copied into a newly created slot, when we clone a slot, just like the app settings does.
    For example, currently when we turn the blob logging enabled and then clone the slot, the logging get disabled in a new slot.
    On the contrary, the blob container settings remains.

    This is because the blob container setting is saved as an environment variable in app settings.
    Here is the result in ResourceExplorer, when I cloned a slot.

    "applicationLogs": {
    
    "fileSystem": {
    "level": "Off"
    },
    "azureTableStorage": {
    "level": "Off",
    &quot;sasUrl&quot;: &quot;<a rel="nofollow noreferrer" href="https://strageaccountsample.table.core.windows.net/xxxxxxx&quot">https://strageaccountsample.table.core.windows.net/xxxxxxx&quot</a>;
    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  18. It should be possible to renew/replace an SSL certificate via ARM templates

    When I deploy an ARM template (that has previously been deployed) which contains a certificate, I would expect that the certificate would be updated/replaced when the pfxBlob has changed.

    {
    "type": "Microsoft.Web/certificates",
    "name": "[variables('appService_name')]",
    "apiVersion": "2016-03-01",
    "location": "[parameters('resourceLocation')]",
    "properties": {

    &quot;pfxBlob&quot;: &quot;[parameters(&#39;sslCertificateData&#39;)]&quot;,
    
    &quot;password&quot;: &quot;[parameters(&#39;sslCertificatePassword&#39;)]&quot;

    }
    }

    The current behaviour is that that the deployment will succeed and the certificate will not be updated. This is not intuitive.

    Currently, to work around this limitation, it is necessary to remove the existing SSL binding and certificate via the portal or Powershell.

    Remove-AzureRmWebAppSSLBinding -Name $bindingName -ResourceGroupName $resourceGroupName -WebAppName $webAppName -DeleteCertificate $true

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Make Vnet sticky to slot

    When switching slots currently if you have a vnet on one slot and not the other, the vnet is switched between slots. As this vnet may be pointing to a testing environment on one slot and a production environment on the other slot, it would make sense to have this be a sticky setting to the slot, with the option to make it global across the app in the case that all slots will be using the same vnet.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  20. When cloning an app service and creating a new App insight have the new destination App Service use the new App Insights

    Currently when you clone an App Service and you specify to create a new App Insights resource the destination App Service will retain the original App Insight resource due to the "Clone Settings, App Settings" toggle being turned on to Yes. Even with this "off" the App Insight is not automatically paired with new App Service.

    It can be fixed by manually changing the insights but it requires a reboot which is can often occur when a Service has gone live, therefore, leading to Downtime for that new Service.

    Having it attached at the point of the cloned app service…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3
  • Don't see your idea?

Feedback and Knowledge Base