Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Make certificate deployment idempotent

    When including a Microsoft.Web/certificates resource in an ARM template, the deployment will fail with "Another certificate exists with same thumbprint XXXXXXXXXXXXXXXXXXXX at location xxxx in the Resource Group xxxxxx." if the certificate already exists.

    The deployment should be idempotent like all of the other resource types and not fail if the resource already exists.

    Otherwise, the certificate has to be deployed manually and cannot be included in an ARM template used for CI/CD deployments (ie: from VSTS)

    159 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Metric and alert for Web App file system used quota

    We would like to setup an automatic alert that fires when the file storage of an app plan is reaching its limits.

    Ideally it will be great to have a metric that tells the % of storage (quota) consumed so we can set an alert on top of that metric.

    150 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
  3. Hybrid Connection Manager Support for Linux

    We are an ISV leveraging Azure PaaS to provide an iPaaS service to customers. We have a requirement to connect to on premise servers to access line-of-business apps. Currently, we leverage Azure’s Hybrid Connection Manager --- but are limited to Windows servers only. Our customers have both Windows, Linux and mixed environments. This considerably limits our market.

    Can we expect Linux support? If so, when? Any suggested work arounds?

    Thank you for your consideration.

    142 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  4. Make Application Gateway WAF services available for non-ASE App Service plans

    The Application Gateway and specifically WAF are useful even for simpler apps because of the OWASP and general security protections afforded.

    App Service Environments are extremely costly compared to a loaded Standard S1 or Premium P1 App Service plan and the Application Gateway/WAF cannot be used without the ASE.

    While there are WAF solutions provided by 3rd parties it would be great if the Azure solution used for ASE's was also available for standard App Service plans.

    Thanks

    139 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Associating Hybrid Connections to Azure App Services cannot be automated

    There is no way to associate a Hybrid Connection to an Azure App Service via ARM Template or PowerShell.

    This is a significant gap since we cannot automate this at all when that is the driving factor for DevOps and PaaS services.

    133 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    16 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  6. TLS 1.3 is now approved, this should be implemented with Web Apps

    TLS 1.3 is now no longer a draft, when will Azure introduce the option to enable it?

    https://tools.ietf.org/html/rfc8446

    127 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Install 64 bit dotnet.exe runtime

    I have a memory intensive webjob that uses dotnet.exe and needs to run in 64 bit mode. But the dotnet.exe currently installed is 32 bit.

    Is there an easy way to change this to 64 bit? Or can the 64 bit dotnet.exe be installed by default?

    122 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. The Always On setting should have an option to make it sticky to the slot when swapping

    This is odd it isn't this way by default but should at the very least have an option to make it sticky so as to not break anyone's current practices (in fact, shouldn't more settings have the option to be sticky?).

    The issue here is that an always on slot consumes resources. If for example each app consumes 200Megs of RAM, and I have 5 app services running on a service plan, each app service has 2 slots for swapping, then I need to have Always On turned on unnecessarily for 10 slots (2gigs of RAM consumed for nothing). The…

    114 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow IP Restrictions to be a Slot Setting

    In the same way as we have with App Settings it should be possible to make the IP Restrictions a slot setting (sticky) so that they don't migrate when you swap slots. This could be per IP even....

    113 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Restart App Service Plan (all Web Apps in a plan), something similar to iisreset, from within the portal

    It would be great to have a restart button, similar to the restart button in a Web App, but on the App Service Plan level to restart all Web Apps in a plan. something similar to iisreset.

    93 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    13 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Hi Ibrahim,

    What issue are you trying to solve? What use case would this be used for?

    It seems to me that placing a restart option on the plan level might do more harm than good, by resetting the memory on all the apps under the plan. Depending on your scenario, auto-heal would be a great solution to solve individual machine issues. See a video by my colleagues here for more details: https://channel9.msdn.com/Series/Windows-Azure-Web-Sites-Tutorials/Auto-Healing-an-Azure-App-Service

    Placing this idea under review for now until I understand what’s at the base of the request here.

    Thanks!
    Oded

  11. App Service - Allow Named Pipe Activation to be enabled

    We would like to use named pipes to communicate between services on the same app service, but this doesn't seem to be possible since named pipe activation isn't enabled in .Net on the app service.

    88 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Permission for accessing Performance counters

    We would like create a custom monitoring solution for our Azure Web Site based projects. Unfortunately the web site and job processes do not have permission to read performance counters.

    I understand that this is mandatory for a shared hosting environment. However I see nothing against having such functionality if the user has dedicated instances.

    Would it be possible to remove this restriction?

    87 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow Custom URL Rewrite Handler for Database

    Allow installation of a GAC custom rewrite handler for doing URL rewrites on Web Apps using a database backend.

    84 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add "Allow access to Azure services" in Azure App Service IP restrictions

    Re this thread

    https://www.yammer.com/azureadvisors/#/Threads/show?threadId=945875058

    I'd used PowerShell to manually add IP restrictions a couple of weeks ago. Right away my App Insights availability tests started failing so I narrowed the test location down to Dublin IE and allowed those IP/Subnets.

    Add an option similar to SQL Server "Allow access to Azure services" That white lists Azure App insights availability tests for selected regions.

    Thanks

    Luke

    84 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →

    There was some confusion about this feature due to the documentation for it and UX originally released had a bug.

    The IP Restrictions feature works as an ALLOW list, rather than a DENY list as originally stated.

    The ask here is still valid, there are other services in azure (like SQL) that have UI to explicitly allow other azure services to reach the database. While this is convenient for development scenarios, it’s not a good idea for securing the resource.

    We’ll keep an eye on this request and see if it gathers more up-votes.

    -Byron

  15. Azure App Service Certificate : Add support for EV certificates (Extended Validation)

    Azure App Service Certificate permit to have standard SSL and Wildcard. But need to add a new SKU for permit customers to register an EV Certificate too (Extended Validation)

    69 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  App Gallery  ·  Flag idea as inappropriate…  ·  Admin →
  16. Provide more secure TLS ciphers

    Currently Chrome flags the CBC ciphers as obsolete. CBC ciphers are at the top of the cipher preference list of Azure Web Apps as you can see there: https://www.ssllabs.com/ssltest/analyze.html?d=test.azurewebsites.net
    More info: https://www.chromium.org/Home/chromium-security/education/tls#TOC-Cipher-Suites


    So please provide some more secure ciphers from the ECDHE cipher suite like TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256.

    68 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Access to a populated User.Identity

    It would be very valueable to have Access to a "populated" User.Identity in the Controllers. Most of the the time, at least in my apps, my Apis will present user specific Content. Having a populated User.Identity would help alot.

    59 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →

    Hello!

    At the moment our recommended method for checking the identity of the current user is to check several attributes added to incoming requests. This is to allow your application to go completely in and out of memory on lower priced tiers without “always-on.” Check out the tutorial below for the header names.
    https://docs.microsoft.com/en-us/azure/app-service-api/app-service-api-authentication

    We would like to have language specific auth functionality like this in the future. I am placing this item in “unplanned” to be used in future planning sessions.

    thanks for your feedback!
    Alex
    Azure App Service Team

  18. 54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Make App Settings KeyVault Reference default to latest Secret Version

    KeyVault references in App Settings is a welcome improvement in KeyVault integration.
    One lingering aspect to improve, I think, is to allow us to expect the latest secret version - such that we can specify the secret name and can forget about versioning if we wish. Clearly versioning also supports a stricter process.

    53 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Fix export of resource type 'Microsoft.Web/sites/config'

    get error :"Could not get resources of the type 'Microsoft.Web/sites/config'. Resources of this type will not be exported. (Code: ExportTemplateProviderError)"

    Among the obvious it would be nice to see how to set various app settings like turning off PHP and activating 'Always On' or maybe turning off 'ARR Affinity'.

    51 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base