Showing all posts tagged: 'Website'

A 8-post collection

Restrict public access to your Azure Web Apps with the IPSecurityRestrictions option

This is a little unknown gem that I've used a few times as I help customers secure access to their Azure Web Apps.. Traditionally, if one wants to restrict access to a website running on a VM (i.e IaaS) then they can make use of Firewalls to ensure that everything goes through a single endpoint and access is restricted. However, as we move to the cloud and further up the stack (PaaS or FaaS) we give lose some of that tight control for the benefit of using a managed service! But what if you wanted to run your website …[read more]

Enforcing HTTPS-only traffic and HSTS settings for Azure Web Apps and Azure Functions

I hope that by now your site is running under HTTPS. If not, you may want to read Troy Hunt's [blog post(s)](https://www.troyhunt.com/ssl-is-not-about-encryption/" target="_blank ) on the subject. He does a great job explaining the WHY. If your site's running on Azure Web Apps under the default naming convention <yoursitename>.azurewebsites.net, you have the option to enforce HTTPS using the Azure certificate. However, this is not recommended. Most likely, you'll have your site running under a custom domain. If that's the case, you'll need a custom certificate. There are many …[read more]

WebApi documentation done right with Swagger

Finally, a decent tool that allows you to quickly and easy provide API documentation for your WebAPI project. With Swagger configured in your API, you get interactive documentation, client SDK generation and discoverability. Luckily, you don't have to roll out your own Swagger implementation and someone has already made sure that there is a nice NuGet package for you: [Swashbuckle] is a combination of ApiExplorer and Swagger/swagger-ui and provides a rich discovery, documentation and playground experience to your API consumers. Some of the features you get with Swashbuckle are: Auto-generated Swagger 2.0 Seamless integration of swagger-ui Reflection-based Schema …[read more]

Getting Started With Microsoft Azure - Run your first website for free!

A friend recencly asked me whether he should use Azure for hosting his site and whether it was easy to get started with it. Although I was quick in saying yes, also realised that Azure is still a bit confusing, especially if you're new to the whole "cloud" idea or never used hosting services before. In this post, I will try to debunk some of these fears and show you how easy it is to get started with Azure. We will treat it as an "Azure for Dummies" post and take it really slow in order …[read more]

A C# Encryption provider for Azure Websites

Azure.Security, my second OSS project has been released! 1. What is Azure.Security? Azure.Security is an Azure specific piece of software designed to provide cryptographic services to an application deployed to Azure Websites platform. One of the issues that you may come across when using this platform is data encryption and key management. Luckily, Azure Websites are happy to run code from the System.Security namespace, but there is no easy way to securily manage private key(s). And that's where this project comes to fill in the gap. Azure.Security uses a number of Azure features in …[read more]

Processing payments on your site using Stripe and C#

Update: The current example of processing payments is NOT PCI-compliant as the card details are posted to the server. A better approach is to use the Stripe.js to generate the token and then process the payment - thanks to Christian Bryant for raising it in the comments. Take me to the PCI-Compliant option now As a web developer you are bound to have come across a requirement to implement some form of online payment processing for a site. This can be achieved using any number of third party providers such as Sage or PayPal etc. Although most of these …[read more]

Configuring custom domains for Azure Website

First off, if you don't have an Azure account, go get one! You get 10 websites for free plus a whole lot of goodies for free. I recently deployed a new site and I wanted to point a custom domain to it. However, the available documentation wasn't particularly clear. There are two ways to have a custom domain pointing to an Azure website, using A Records and CName records, but I wasn't sure if I needed both or just one etc and I wanted to use A records. This had me looking for a bit but thanks to a post …[read more]

Configuring multiple websites in IIS on a Windows Azure Virtual Machine using EndPoints

Windows Azure is a great environment for developers and companies alike due to the fact that it gives so much for so little. Apart from the 10 free websites, you get a free* Virtual Machine and a large number of other services like storage, SQL Server etc. I’m currently using the VM option to deploy and test a number of client websites without the need to use the client’s servers. Instead, I use the VM as my staging-demo environment and once all the testing is complete and the client is happy, I then deploy to the live environment. …[read more]