Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. [Linux] Allow remote debugging of .NET core apps hosted by linux app services

    It is currently not possible to remote debug .NET core applications running on Azure Linux App Services. Please consider to add remote debugging to the feature list of Linux App Services.

    31 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  2. minWorkerThreads : But it was difficult to determine this value

    We managed to resolve the “Poor Performance”, but we had to do a lot of reading, it was good that the profiler pointed us in the right direction suggesting to set this value MinWorkerThread
    • This request is spending time waiting in the CLR Thread pool queue. This has happen if there is a burst load of requests coming to the process or if there is HIGH CPU on the overall instance.
    • Recommendations : Increase minWorkerThreads setting if your application is getting burst load of requests.

    But it was difficult to determine this value.

    The following Very old link…

    30 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Documentation  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow explicit include paths or inversion of exclusion paths for client certs

    There is the option to require an incoming client certificate on App Services

    Once this is enabled there is the option of adding exclusion paths.

    e.g. if I add /public the client cert won't be required for requests such as mysite.com/public but would be for any other url. This works

    What I'd like to be able to do is have a specific include or to be able to invert the exclusion rules

    I want to be able to effectively say only require a client cert on a specific path

    e.g. if I add !/private I would expect the client cert…

    30 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. API Apps with AllowAnonymous

    Have a mix of authentication levels for different endpoints in the underlying Web API?

    API App to have access level of 'Public (authenticated)' but one of the endpoints needs to be accessible as an anonymous user. Previously I would have just applied the AllowAnonymous attribute on the method, but the gateway still intercepts and returns an unauthenticated response.

    Would be great to mark a specific method as allowing anonymous and the default behaviour to respect the gateway authentication level.

    30 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback!

    Right now the workaround is to set your authentication/authorization option to enabled, but set the action for unauthenticated requests to “allow.” Then manually redirect unauthenticated requests to the secured endpoints to the authorization flow at /.auth/login/done.
    https://docs.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-how-to-configure-active-directory-authentication#optional-configure-a-native-client-application

    We would like to add more robust support for multiple auth levels in the future. I am placing this item in “unplanned” to be used in future planning sessions.

    Thanks!
    Alex
    Azure App Service Team

  5. Option to block TOR traffic from Azure WebSites

    Looking through my web logs, most traffice coming from TOR is unfortunately only used for trying to hack my site.
    Blocking TOR traffic is not trivial, since you must compare the IP to the long list of TOR exit servers.
    For websites that are really not used by e.g. dissidents it would be great to have a simple option to block it on Azure WebSites.

    Something like "Allow TOR traffice" On/Off

    29 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Slot swapping should check if cache is ready (applicationInitialization ignored)

    After we incurred some downtime in our app service due to infrastructure updates on azure storage, we implemented the local cache feature to combat this. In doing so, this meant that we had to implement slots with preview in order to warm up the cache, ensuring that it is ready to serve before swapping. In implementing this we found that we had to also implement applicationInitialization in our web config.

    Our experience shows that this configuration is being ignored. So that first applyingSlotConfig and then Slotsswap operations via powershell swaps slots without ensuring that the site is ready.

    Our suggestion…

    29 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. [Linux] - Set Docker Image Tag as a slot setting in Application Settings of a Web App for Containers

    When swapping between staging and production slots of a Web App for Containers, it would be really handy to have the option of keeping the tag of each image in its respective slot (e.g. image:latest for production, image:dev for staging) and not get them to swap after each slot swap.
    Imagine you setup Continuous Deployment through Dockerhub. You push code changes on GitHub, and image build is triggered and then an image pull request from Azure to Dockerhub. If a swap has preceded the above flow, then newly build images would end up in the opposite from desired deployment slots. …

    29 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →

    The problem with the described approach is that you’re deploying directly into production. Slots are designed to be a staging environment for the latest builds, and swapped into production so you can roll-back if necessary.

    The other problem is that you’re pushing changes to the same tag (latest, prod, dev, etc.) which makes debugging difficult because you can’t quickly deduce which build is actually running since it’s always labelled as “latest” or “prod”.

    I suggest updating the CI pipeline to push with a clear identifier (v1.1.0, v1.2.0, etc.) and swapping those builds into production if they pass your acceptance tests.

    https://docs.microsoft.com/en-us/azure/app-service/deploy-best-practices#continuously-deploy-containers

  8. http3

    Add HTTP/3 support in azure web apps

    27 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. event log history

    We've had the issue where to diagnose a problem we've needed support to check the historical event logs to see that there was an error throwing, however, as the errors were sporadic, it's been exceedingly difficult to diagnose until support were able to trace exceptions thrown in historical event logs and we were then able to implement code fixes.

    Can a history of event logs be made available for us to access? Even going back a week or two would have been exceedingly useful!

    27 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Diagnostics  ·  Flag idea as inappropriate…  ·  Admin →
  10. Manage HTTP Headers for Azure static website

    There doesn't seem to be a clear and defined way to manage HTTP headers with an Azure static website. I know this feature is still in preview but my team and I are attempting to make this into a production ready web application.

    I think most people utilizing the static website feature will be using javascript frameworks like Reactjs or Angular. Since there isnt a web.config to manage http headers it becomes unclear on how to approach this. The headers in question are Content Security Policy, X-Content-Type-Options, and X-XSS-Protection.

    Thanks!

    26 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Supportability  ·  Flag idea as inappropriate…  ·  Admin →
  11. Hybrid Connection settings lost on slot creation but included in slot swap

    Summary:
    When creating a new slot for an existing Web App, the Hybrid Connections are not copied to the created slot despite 'Configuration Source' being set to the production app, which has Hybrid Connections configured.

    This is a problem because slot swap operations DO include the Hybrid Connection configurations. Therefore in order to deploy using a new staging slot, one must reconfigure the Hybrid Connections each time before doing the final swap into production.

    Our particular use-case is that we are setting up an automated deployment process and would like the process to first recreate the staging slot by deleting…

    26 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Bugs  ·  Flag idea as inappropriate…  ·  Admin →
  12. Avoid default 403 when IP Restrinctions are configured on App Services

    Currently, when you configure ip restrinctions on App Services, the App Service is able to return the 403 default error page. It could be a proxy, I think. But many IT managers (clients, because I am an Azure consultant) gave me this idea.

    It could be better if our web applications does not return the 403 default page when the ip source does not in the whitelist

    This is the default 403 web page generated by Microsoft, when we have configured ip restrictions:

    Error 403 - This web app is stopped.
    The web app you have attempted to reach is…

    26 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
  13. Add feedback on the Portal on Automatic Swaps

    When we configure a staging slot with Continuous Deployment and Auto-Swap we need some sort of visual feedback to know when the swap was done. Right now what we see is that the Active Deployment of the staging slot changes to the previous deploy checkpoint and that's how we know it swapped.
    It would be great if on the production slot we could get at least some sort of message saying the current Active Deployment that was swapped or at least some sort of visual aid.

    26 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Multi container app with Docker Compose - generally available?

    What is the plan for making multi container app through docker compose generally available?

    25 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add app service auto-healing history as a metric in Azure monitor.

    Add app service auto-healing history as a metric in Azure monitor.
    For now we can only see the history in diagnostics tools and it is hare to export.
    The similar request:
    https://feedback.azure.com/forums/169385-web-apps/suggestions/37375714-add-alerts-notification-for-auto-heal-application

    25 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Diagnostics  ·  Flag idea as inappropriate…  ·  Admin →
  16. Strict-Transport-Security

    With the ability now to force HTTPS, it would be nice if Strict-Transport-Security HTTP Header should also be set and knock another finding off of the security report:

    Details on The Header:
    https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

    25 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Limit number of accepted client certificates when doing mutual TLS

    I want to be able to control the trusted issuers list sent to the web browser so that list of allowed certificates can be filtered in the browser. This was possible in IIS and with Azure Cloud Service I believe but how can we do it in a Azure web app?

    What I basically want to do is set the content of the certificate_authorities field in CertificateRequest sent by the server to the browser in the TLS handshake as stated in RFC5246.

    25 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Google Flutter Client SDK for Azure Mobile Apps

    Now Flutter as a cross-platform development is a trend and will be more popular in the future, so do not lose a huge market potential for mobile apps backends, so please create Flutter Client SDK. Thanks

    24 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Divert with a custom error page when an app service configured with IP Restrictions

    When an App Service is configured with an IP Restriction, only whitelisted IP's can access the App service URL/site. Other users cant access the URL. By default the blacklisted IP's or denied IP's will receive
    Error 403 - This web app is stopped. Many SR's can been be seen with this requirement to divert or return custom error message instead of 403 error. It would be great if we have a feature in portal to divert with custom message when the IP restrictions are configured for a web app.

    24 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Supportability  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add service health notifications for planned maintenance on App Services

    Currently, no notification for planned maintenance are sent for App Services when service health alerts are activated. Such notifications would be helpful to prepare for potential outages if the platform maintenance impacts availability or performance of the service.

    24 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base