Web Apps
Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.
More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.
Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.
-
Auto-scale up and down not just out, for web apps
Hi
Can you expand the auto-scaling feature to include up and down scaling as well as in / out?
so for example, scale the web app up a tier in peak and down a tier i off hours. Or something to that effect.
Thanks
28 votesThis is an interesting idea, though not feasible at the moment. We will leave this on the roadmap to review later on.
Thanks,
Oded -
Display slots should list their full name in the resource lists.
When you are viewing resources in the "All Resources" blade or in the "Resource Group" blade all slots are just listed using only their slot name, if you have many different web apps that all use slots you will see the same name repeated several times (see "Example Resource Group.PNG").
I suggest you display the name from the resources blade the same way you display it in the delete menu if you are deleting the base web app "BaseName-SlotName" (See "delete example.PNG")
28 votesWe will update this to include full name for slots under an app.
- Byron
-
Disaster Recovery for Azure WebApp
Currently, we have to deploy the Azure WebApp twice, one in West Europe and other in North Europe to support Disaster Recovery.
It means that we need to update the both WebApps if we want to deploy new artifacts in WebApp.
It is very difficult to sync artifacts in both WebApps.
It would be great if Azure provides the RA-GRS(Read-access geo-redundant storage) feature for WebApp like Azure SQL Database.
With this feature the synching of artifacts between both WebApps done by RA-GRS feature.
So we will not deploy the new artifacts in both web app, when we deploy the artifacts…27 votesThanks fort the feature request! We have work on the backlog for disaster recovery, but we don’t have a timeline to share at the moment.
Thanks,
Oded -
Better inform users of when their App Service Certificates are about to expire or have not auto renewed (7 days?)
This week another of our customer's sites went down due to an Azure App Service certificate expiring without us being notified of its pending expiry - we mark all App Service Certificates to Auto Renew and some of them do infact renew and rebind without our intervention, others certificates have got stuck on the domain validation phase (which we validated 1st time we bought the certificate ofcourse) and the latest certificate is now expired and the Manual Renew button is disabled as it seems to think its outside the 60 day renewal window.
A simple email to us (we receive…
27 votesWe are currently investigating options on improving renewal of certs and notifying customers.
-
API Apps with AllowAnonymous
Have a mix of authentication levels for different endpoints in the underlying Web API?
API App to have access level of 'Public (authenticated)' but one of the endpoints needs to be accessible as an anonymous user. Previously I would have just applied the AllowAnonymous attribute on the method, but the gateway still intercepts and returns an unauthenticated response.
Would be great to mark a specific method as allowing anonymous and the default behaviour to respect the gateway authentication level.
27 votesThank you for your feedback!
Right now the workaround is to set your authentication/authorization option to enabled, but set the action for unauthenticated requests to “allow.” Then manually redirect unauthenticated requests to the secured endpoints to the authorization flow at /.auth/login/done.
https://docs.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-how-to-configure-active-directory-authentication#optional-configure-a-native-client-applicationWe would like to add more robust support for multiple auth levels in the future. I am placing this item in “unplanned” to be used in future planning sessions.
Thanks!
Alex
Azure App Service Team -
Add feedback on the Portal on Automatic Swaps
When we configure a staging slot with Continuous Deployment and Auto-Swap we need some sort of visual feedback to know when the swap was done. Right now what we see is that the Active Deployment of the staging slot changes to the previous deploy checkpoint and that's how we know it swapped.
It would be great if on the production slot we could get at least some sort of message saying the current Active Deployment that was swapped or at least some sort of visual aid.26 votesThank you Matias, we are reviewing this idea.
Daria, App Service
-
A method to allow folks to access the FTP transfer logs when ftp is used to deploy code changes to their azure web apps.
Allow site admins to access the ftp transfer logs when ftp is the selected method used to make web site deployment updates. We use ftp to allow site updates, and we've had an incident where having access to those logs would be very helpful.
26 votesWe’re looking into to see what is currently supported here.
Thanks
Oded -
Rewriting to /public is absolutely not the right way to change the document root
After doing some reading, I'm seeing Azure actually suggesting to people running Laravel (and any others that don't host out of the root project structure) applications to use mod_rewrite to rewrite requests to point to "/public".
This is an absolutely ridiculous suggestion and is effectively some of the worst advice you could give. Forcing people to have "/public" in their URL structure because you guys didn't take the time to research the bare-minimum configuration options for your offering is not in any way acceptable.
I suggest you urgently add support for the ability to configure the document root. Not only…
25 votes -
Allow to NGEN an Azure Web App
When deploying an Azure Web App, allow to NGEN some DLLs like EntityFramework to save on startup time. Currently, this requires administrator rights to which we don't have access. Even better would be to automatically NGEN it after a deployment.
24 votesThank you for the feedback! We will keep this item open, but at this time we do not have plans to add this feature.
Thanks,
Jason -
Provide access to HTTPERR logs
Currently, enabling "Web Server Logging" appears to archive only the W3C request logs. The HTTPERR logs are the only way to see any requests that failed or were rejected by the server due to TCP timeouts, idle connections, filled request queues, and similar circumstances.
24 votesJust an update that we still have this on our backlog. If it gains more user support, we will look to prioritize this and add the view to our internal support center.
Thanks,
Oded -
Version data for deployed slot
I'm using ARM template to deploy a new slot to an existing webapp, the problem is that there is no way of seeing or passing the version of the build that the slot has.
It would be really useful to have a "Version" -field in the portal where I can pass the version data of the build so that you could easily see which slot has which build version.
24 votesThanks for the feedback, we are investigating this feature request. We cannot share an ETA at this time.
Thanks,
Jason -
Need a read-only role or operation for Web App Kudu logs.
Developers need to be able to access the KUDU logs for deployment and diagnostic troubleshooting without having contributor access to the web app. Can a read-only role or resource provider operation be created in order to grant this level of access?
24 votesThanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature
-
App Service Public SSL Certificates persist When Swapping Slot
Currently, if a Web App slot (ex: "staging") is created from an existing Web App that has Public SSL Certificates configured, these are not present on the new slot.
In addition during a slot swap, the "production" slot does not persist the Public SSL Certificates. The configuration for the Public SSL Certificate moves to the "staging" slot.
This behavior does not appear for other configurations such as Private SSL Certificates or AppSettings and could lead to "production" issues if the Public SSL Certificate is expected on the Web App.
The consumer recourse currently is to re-apply the Public SSL Certificates…
24 votes -
Allow Powershell Set-AzureWebsite to toggle Always On
It seems like every option is available EXCEPT this. Seems like it could be bolted on similarly to the others, like -WebSocketsEnabled<Boolean>.
23 votesWe are planning for this work and scheduling it for a future sprint.
-
[Linux] - Set Docker Image Tag as a slot setting in Application Settings of a Web App for Containers
When swapping between staging and production slots of a Web App for Containers, it would be really handy to have the option of keeping the tag of each image in its respective slot (e.g. image:latest for production, image:dev for staging) and not get them to swap after each slot swap.
Imagine you setup Continuous Deployment through Dockerhub. You push code changes on GitHub, and image build is triggered and then an image pull request from Azure to Dockerhub. If a swap has preceded the above flow, then newly build images would end up in the opposite from desired deployment slots. …23 votesThank you for the feature request. We will be taking a look.
Oded
-
BYO - Storage for Windows Web Apps
It seems to me a little strange that I can mount Azure Files in App Service on Linux and Web App for Containers but not in standard/regular Web App.
Our specific use case is a big web app spawned across more App Service Env under a Traffic Manager umbrella: for some kind of application logic a regular file system is better (more simple to use / less rework) than use the Storage API.22 votesWe are working on enabling bring your own storage to Windows based Web Apps
-Byron
-
Strict-Transport-Security
With the ability now to force HTTPS, it would be nice if Strict-Transport-Security HTTP Header should also be set and knock another finding off of the security report:
Details on The Header:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security22 votesWe’ll be taking a look.
Thanks,
Oded -
PowerShell and CLI support for the management of App Service Environments
Azure PowerShell and Azure CLI commands to support the management of an App Service Environments (at least v2). Hopefully this could include the ability to get management IP information, do scaling, and if it is an ILB ASE update the ILB Certificate.
22 votesCLI and Poweshell for scaling is available in ASE v2 through the same App Service commands.
We are expanding CLI and PowerShell support more down the road.
Thanks,
Oded -
Allow importing 3rd party ssl certs for use as app service certificates in app services/web apps
Currently if I have an ssl certificate being used in multiple app services, when I renew that certificate I have to update the app services one by one or via powershell. It looks like using an app service certificate would solve this by allowing me to renew in one place and have it update each of the app services automatically. The problem being that I use 3rd party issued ssl certs vs ones created as app service certs in azure.
Ideal would be to either allow uploading 3rd party ssl certs to be used as app service certs or offer…
22 votesThank you for the feature request. We will review this as part of our roadmap.
Thanks,
Oded -
Web App built-on CORS header Access-Control-Max-Age
Using the built-in CORS support in App Service for an API Web App, we can't specify header 'Access-Control-Max-Age' or any other headers besides 'Access-Control-Allow-Credentials' and 'Access-Control-Allow-Origin'.
We would like to use the App Service built-in CORS because it's easy to manage all the different allowed origins from there, but we need to be able to set headers like 'Access-Control-Max-Age', 'Cache-Control', and 'Vary' to optimize the OPTIONS calls.
21 votesThank you for the feedback! We will keep this item open, but at this time we do not have plans for this feature.
Thanks,
Jason
- Don't see your idea?