Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support Weibo for authentication

    Weibo is the 'twitter' of China, which is of course a large market. It would be great if Weibo was plugged into the existing Mobile Services Authentication service.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. [Linux] Allow remote debugging of .NET core apps hosted by linux app services

    It is currently not possible to remote debug .NET core applications running on Azure Linux App Services. Please consider to add remote debugging to the feature list of Linux App Services.

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  3. Web App on Linux MySQL support within the web app (same as Web Apps)

    Enable MySQL within the Linux Web App, as the IIS Web Apps have.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  4. Support sending web server logs to OMS Log Analytics workspace

    Web Server logs can currently be written to a Blob storage account. However, it would be great if the logs could be sent directly to an OMS Log Analytics workspace.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Ability to set different machinekey for each deployment slot

    There must be a way to set different machinekey element for different deployment slots. So that user authenticated on one slot don't get authenticated on all slots.

    Currently machinekey can only be configured in web.config. and web.config gets also gets swapped when slots are swapped.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Aggregated logs for Linux App Service instances

    To access logs for my Linux App Service instance i have to go to myapp.scm.azurewebsites.net/api/logs/docker and it lists all the instances i have running with a link to the log file for each node. This is cumbersome when trying to debug an issue. Could we have an option under diagnostic logs to target a storage Table and have these aggregated as one source

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  7. Remove Weak SSL Cyphers from App Services

    App Services currently supports the following Cyphers:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002
    (Default) REG_SZ NCRYPT_SCHANNEL_INTERFACE
    Functions REG_MULTI_SZ
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256\
    0TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384\
    0TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256\
    0TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384\
    0TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256\
    0TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384\
    0TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256\
    0TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384
    \0TLS_DHE_RSA_WITH_AES_256_GCM_SHA384\
    0TLS_DHE_RSA_WITH_AES_128_GCM_SHA256\
    0TLS_RSA_WITH_AES_256_GCM_SHA384\
    0TLS_RSA_WITH_AES_128_GCM_SHA256\
    0TLS_RSA_WITH_AES_256_CBC_SHA256\
    0TLS_RSA_WITH_AES_128_CBC_SHA256\
    0TLS_RSA_WITH_AES_256_CBC_SHA\
    0TLS_RSA_WITH_AES_128_CBC_SHA\
    0TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384\
    0TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256\
    0TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384\
    0TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384\
    0TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256\
    0TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384\
    0TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256\
    0TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384\
    0TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256\
    0TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384\
    0TLS_DHE_DSS_WITH_AES_256_CBC_SHA256\
    0TLS_DHE_DSS_WITH_AES_128_CBC_SHA256\
    0TLS_DHE_DSS_WITH_AES_256_CBC_SHA\
    0TLS_DHE_DSS_WITH_AES_128_CBC_SHA\
    0TLS_RSA_WITH_3DES_EDE_CBC_SHA\
    0TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA\
    0TLS_RSA_WITH_RC4_128_SHA\
    0TLS_RSA_WITH_RC4_128_MD5\
    0TLS_RSA_WITH_NULL_SHA256\
    0TLS_RSA_WITH_NULL_SHA\
    0SSL_CK_RC4_128_WITH_MD5\
    0SSL_CK_DES_192_EDE3_CBC_WITH_MD5

    All Old/Weak Cyphers should be removed to increase security of the service.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Update Web App ModSecurity module to 2.9.2

    The current version of the ModSecurity module that is integrated in the IIS of the Web App Services is 2.8.0.
    This version of ModSecurity has issues with the IP + Port formatting of the AlwaysOnline service. Please update it to 2.9.2.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add a Remove-AzureRmWebAppCertificate cmdlet

    There is no PowerShell cmdlet for Remove-AzureRmWebAppCertificate. This would be really useful to enable cleanup of old certificates that are no longer used.

    (Note: I'm aware that using Remove-AzureRmWebAppSSLBinding will clean up a certificate if it's not referenced anymore. However, in production applications we don't want to use that cmdlet when updating an SSL certificate - we instead use New-AzureRmWebAppSSLBinding to overwrite the existing binding to the new certificate. The New-AzureRmWebAppSSLBinding cmdlet doesn't clean up the unused old certificate.)

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Use actual endpoint testing for custom domains rather than checking CNAME value

    Our domain is “example-domain.com”. Let’s say I’m trying to set up an App Service called “booking-service”, which will be assigned the default URL of “booking-service.azurewebsites.net”. At the *end* of this whole process, I want to have an App Service in Azure responding to the hostname “booking-service.example-domain.com”, sitting behind our CDN (Cloudflare).

    The failing path:
    Step 1: I create the App Service in Azure. This generates the “booking-service.azurewebsites.net” URL.
    Step 2: I create the CNAME “booking-service.example-domain.com” on Cloudflare’s control panel pointing to “booking-service.azurewebsites.net”, leaving the proxy/CDN/IP-hiding feature *enabled*. While in their control panel, we select the “CNAME” record type, however in…

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Install odbc driver in Python Stack images

    I created a new Web app with Python 3.7 runtime. I created and deployed a python script, using pyodbc.
    A query on my Azure SQL database results in an error that it can not find the drivers to connect to Microsoft Sql Server:

    2018-11-12T15:37:56.956170588Z File "/home/site/wwwroot/apps/download.py", line 7, in <module>
    2018-11-12T15:37:56.956174588Z import pyodbc
    2018-11-12T15:37:56.956178388Z ImportError: libodbc.so.2: cannot open shared object file: No such file or directory

    Is it possible to have this driver in the Python Runtime Web app?

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Enable users to isolate an App Service Plan instance in order to perform offline debug

    It’s difficult to balance root causing live fails with keeping a production application running. This feature request attempts to address this by asking for a way to isolate an ASP instance in a running application.

    By isolating a misbehaving instance you can prevent it from affecting the behavior of the application overall. It can be studied for root cause without app devs or support being pressured to do this live on a production app. When debug is complete it could be terminated.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  13. [Linux] Add support to restrict IP access for Web Apps Linux / Docker

    Don't have this functionality became unfeasible use of Linux / Docker Web Apps in production environment

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  14. [Azure web app LINUX] VSTS deploy to slot

    Currently I am using VSTS for my CI/CD to azure web app linux
    However, unfortunately, there's still a pretty significant downtime for every deployment.

    I tried to create a staging slot to minimize the downtime, and swap to production. however, VSTS doesn't allow me to deploy to my staging slot.

    I created a github issues too here https://github.com/Microsoft/vsts-tasks/issues/4460

    If I can't deploy to my slot, what's the point of having slot in the first place? Please prioritize this as I think this is a pretty important feature

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Linux  ·  Flag idea as inappropriate…  ·  Admin →
  15. Azure App Service Environment ILB - Support for Internal Certificate Authorities

    Currently the documentation for Azure App Service Environment with ILB claims it supports internal certificate authorities.

    Per - https://docs.microsoft.com/en-us/azure/app-service/environment/create-ilb-ase#post-ilb-ase-creation-validation

    As part of the documentation it is recommended that a user bundles their server auth certificate with the full certificate chain - thus producing a PFX file or base64 encoding it and uploading through powershell.

    However when testing with OpenSSL or on an iOS device, the first request never sees the full certificate chain and fails with "invalid server certificate". It is on a subsequent request the full chain is delivered - leaving users to hit refresh once in their browser…

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Support KeyVault out of box in App Services Environment

    Currently ASE allows uploading of ILB certificates through script/portal.

    Provision to autopick certificate from Azure KeyVault using thumbprint should be made possible through script/portal

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Supportability  ·  Flag idea as inappropriate…  ·  Admin →
  17. App Service Public SSL Certificates persist When Swapping Slot

    Currently, if a Web App slot (ex: "staging") is created from an existing Web App that has Public SSL Certificates configured, these are not present on the new slot.

    In addition during a slot swap, the "production" slot does not persist the Public SSL Certificates. The configuration for the Public SSL Certificate moves to the "staging" slot.

    This behavior does not appear for other configurations such as Private SSL Certificates or AppSettings and could lead to "production" issues if the Public SSL Certificate is expected on the Web App.

    The consumer recourse currently is to re-apply the Public SSL Certificates…

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  18. Enable Azure Resource Move for App Service Environment

    Simply allow Azure Resource Move in between RGs and Subscriptions for App Service Environments

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Support Healthcheck for Docker on App Service

    We just learned the hard way that HEALTHCHECK declarations in Docker containers stop working if the container is running in App Service, because App Service for some reason seems to alter the behavior of our containers to do some "internal" healtchecks.

    I believe that this goes very much against the spirit of containerized applications. I have to trust that my container behaves the same no matter who runs it.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Outbound ip addresses as an environment variable

    We can get web app outbound ip addresses as a environment variable. It s too much simplier to get ip adresses from application.

    Environment.GetVariable("OUTBOUND_IP_ADDRESS")

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  1 comment  ·  App Service Environment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base