Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Make WEBSITE_ADD_SITENAME_BINDINGS_IN_APPHOST_CONFIG to 1 by default or add warning

    We have been hit by hard restarts on web apps because we have not set the WEBSITEADDSITENAMEBINDINGSINAPPHOSTCONFIG to 1. It would be a more sane default to have it set to 1 by default, and then turned off by users that need WCF support OR have some sort of warning / checkbox or increased visbility in the portal.

    The simultaneous restart of all (in our case) 10 servers in a datasenter has caused outage of our services, and we would imagine others experience the same issue. I doubt many assume that all servers in…

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  2. Pipenv and Pipfile Support

    Support for Pipenv and Pipfiles, the new recommended standard for environment management for Python.

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Disaster Recovery for Azure WebApp

    Currently, we have to deploy the Azure WebApp twice, one in West Europe and other in North Europe to support Disaster Recovery.
    It means that we need to update the both WebApps if we want to deploy new artifacts in WebApp.
    It is very difficult to sync artifacts in both WebApps.
    It would be great if Azure provides the RA-GRS(Read-access geo-redundant storage) feature for WebApp like Azure SQL Database.
    With this feature the synching of artifacts between both WebApps done by RA-GRS feature.
    So we will not deploy the new artifacts in both web app, when we deploy the artifacts…

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Option to hide/anonymize IPs in webserver logs to be GDPR compliant

    It would be very helpfull if there would be an option to hide/anonymize IPs in webapps webserver logs. Right now you have to disable webserver logs completely to be GDPR compliant which might be not best practice.

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    Hi all,

    Thank you for the feedback and recommendations on this important topic!

    We will look at adding this to our feature roadmap though we don’t have any timing to share right now.

    For additional guidance please refer to “Azure Data Subject Request GDPR Documentation” under the Service Trust Portal: https://servicetrust.microsoft.com/ViewPage/GDPRDSR. Specifically read through, Part 1 – Step 5, which discusses the removal of personal data and timing in which you can leverage retention period settings for the logs.

    Thanks,
    Oded

  5. Web App for Containers - ACR access requires admin account enabled on repository

    It looks as though Web App for Containers requires the use of the admin account on the repository in ACR.

    The notes on use of the admin account suggest to use that account only for testing purposes and describe some of the downsides to having it enabled.

    Is there a plan to support Service Principal access to the ACR repository for Web App for Containers?

    32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Support SSH to specific container in multi-container setup (Compose or Kubernetes)

    Currently the docs (https://docs.microsoft.com/en-us/azure/app-service/containers/app-service-linux-ssh-support) only describe setting up SSH access to a single container. But what if I have a multi container setup? For example PHP-FPM with an Nginx reverse proxy.

    It seems the SSH access is only supported for the public facing container (in this case Nginx).

    It would be great if I could setup SSH access to all containers.

    32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  7. Auto-scale up and down not just out, for web apps

    Hi

    Can you expand the auto-scaling feature to include up and down scaling as well as in / out?

    so for example, scale the web app up a tier in peak and down a tier i off hours. Or something to that effect.

    Thanks

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Provide access to HTTPERR logs

    Currently, enabling "Web Server Logging" appears to archive only the W3C request logs. The HTTPERR logs are the only way to see any requests that failed or were rejected by the server due to TCP timeouts, idle connections, filled request queues, and similar circumstances.

    https://support.microsoft.com/en-us/kb/820729

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Upgrade CPUs in Azure App Service Premium Tier

    Currently the "Premium" tier on App Service offers this three options:

    P1: 1VCore DSV2
    P2: 2VCores DSv2
    P3: 4VCores DSv2

    I wouldn't call this a premium tier now that we are getting into 2020...

    App service is one of the most useful services offered in Azure and it really needs an upgrade.

    Amazon's Beanstalk does not have such limitations.

    I would suggest that to upgrade the hardware/resources of the Premium tier to at least:

    P1: 2 VCores
    P2: 4 VCores
    P3: 8 VCores

    The processors model should be upgraded as well to use DSv3 or even better the F series.

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. PowerShell and CLI support for the management of App Service Environments

    Azure PowerShell and Azure CLI commands to support the management of an App Service Environments (at least v2). Hopefully this could include the ability to get management IP information, do scaling, and if it is an ILB ASE update the ILB Certificate.

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Display slots should list their full name in the resource lists.

    When you are viewing resources in the "All Resources" blade or in the "Resource Group" blade all slots are just listed using only their slot name, if you have many different web apps that all use slots you will see the same name repeated several times (see "Example Resource Group.PNG").

    I suggest you display the name from the resources blade the same way you display it in the delete menu if you are deleting the base web app "BaseName-SlotName" (See "delete example.PNG")

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Better inform users of when their App Service Certificates are about to expire or have not auto renewed (7 days?)

    This week another of our customer's sites went down due to an Azure App Service certificate expiring without us being notified of its pending expiry - we mark all App Service Certificates to Auto Renew and some of them do infact renew and rebind without our intervention, others certificates have got stuck on the domain validation phase (which we validated 1st time we bought the certificate ofcourse) and the latest certificate is now expired and the Manual Renew button is disabled as it seems to think its outside the 60 day renewal window.

    A simple email to us (we receive…

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
  13. event log history

    We've had the issue where to diagnose a problem we've needed support to check the historical event logs to see that there was an error throwing, however, as the errors were sporadic, it's been exceedingly difficult to diagnose until support were able to trace exceptions thrown in historical event logs and we were then able to implement code fixes.

    Can a history of event logs be made available for us to access? Even going back a week or two would have been exceedingly useful!

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Diagnostics  ·  Flag idea as inappropriate…  ·  Admin →
  14. API Apps with AllowAnonymous

    Have a mix of authentication levels for different endpoints in the underlying Web API?

    API App to have access level of 'Public (authenticated)' but one of the endpoints needs to be accessible as an anonymous user. Previously I would have just applied the AllowAnonymous attribute on the method, but the gateway still intercepts and returns an unauthenticated response.

    Would be great to mark a specific method as allowing anonymous and the default behaviour to respect the gateway authentication level.

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback!

    Right now the workaround is to set your authentication/authorization option to enabled, but set the action for unauthenticated requests to “allow.” Then manually redirect unauthenticated requests to the secured endpoints to the authorization flow at /.auth/login/done.
    https://docs.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-how-to-configure-active-directory-authentication#optional-configure-a-native-client-application

    We would like to add more robust support for multiple auth levels in the future. I am placing this item in “unplanned” to be used in future planning sessions.

    Thanks!
    Alex
    Azure App Service Team

  15. Add feedback on the Portal on Automatic Swaps

    When we configure a staging slot with Continuous Deployment and Auto-Swap we need some sort of visual feedback to know when the swap was done. Right now what we see is that the Active Deployment of the staging slot changes to the previous deploy checkpoint and that's how we know it swapped.
    It would be great if on the production slot we could get at least some sort of message saying the current Active Deployment that was swapped or at least some sort of visual aid.

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Enable application logging in ILB ASE

    Currently there is no way to access our applications trace logs in an ILB ASE environment. I understand the Log Stream button is greyed out in the portal, but even using Kudu, FTP, blob, or streaming in VS, none of these are working in ILB ASE, and support tells us this is a known issue. This is a huge downside for us because we depend on our customized application log messages for troubleshooting.

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Strict-Transport-Security

    With the ability now to force HTTPS, it would be nice if Strict-Transport-Security HTTP Header should also be set and knock another finding off of the security report:

    Details on The Header:
    https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Rewriting to /public is absolutely not the right way to change the document root

    After doing some reading, I'm seeing Azure actually suggesting to people running Laravel (and any others that don't host out of the root project structure) applications to use mod_rewrite to rewrite requests to point to "/public".

    This is an absolutely ridiculous suggestion and is effectively some of the worst advice you could give. Forcing people to have "/public" in their URL structure because you guys didn't take the time to research the bare-minimum configuration options for your offering is not in any way acceptable.

    I suggest you urgently add support for the ability to configure the document root. Not only…

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  19. Let Web Apps to be PCI compliance

    Despite that PCI compliance is promoted at Azure, a Web App created at Azure is non compliant by default, and cannot be set-up appropriately.

    I understand that a Web App is not as isolated as an ASE (that still is not compliance by default, needs advanced set-up), with instances sharing system level settings with other clients (so cannot be changed independently), and I understand some set-up changes that apply to all clients, even ones that do not require PCI, can lead to problems to some of them.

    I propose an option to opt-in to PCI compliance at Web App level;…

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow to NGEN an Azure Web App

    When deploying an Azure Web App, allow to NGEN some DLLs like EntityFramework to save on startup time. Currently, this requires administrator rights to which we don't have access. Even better would be to automatically NGEN it after a deployment.

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Gallery  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base