I hope that by now your site is running under HTTPS. If not, you may want to read Troy Hunt's blog post(s) on the subject. He does a great job explaining the WHY. If your site's running on Azure Web Apps under the default naming convention <yoursitename>.azurewebsites.net, you have the option to enforce HTTPS using the Azure certificate. However, this is not recommended. Most likely, you'll have your site running under a custom domain. If that's the case, you'll need a custom certificate. There are many ways to acquire a certificate for free but the …[read more]
Showing all posts tagged: 'Website'
A 7-post collection
Finally, a decent tool that allows you to quickly and easy provide API documentation for your WebAPI project. With Swagger configured in your API, you get interactive documentation, client SDK generation and discoverability. Luckily, you don't have to roll out your own Swagger implementation and someone has already made sure that there is a nice NuGet package for you: [Swashbuckle] is a combination of ApiExplorer and Swagger/swagger-ui and provides a rich discovery, documentation and playground experience to your API consumers. Some of the features you get with Swashbuckle are: Auto-generated Swagger 2.0 Seamless integration of swagger-ui Reflection-based Schema …[read more]
A friend recencly asked me whether he should use Azure for hosting his site and whether it was easy to get started with it. Although I was quick in saying yes, also realised that Azure is still a bit confusing, especially if you're new to the whole "cloud" idea or never used hosting services before. In this post, I will try to debunk some of these fears and show you how easy it is to get started with Azure. We will treat it as an "Azure for Dummies" post and take it really slow in order to help you get …[read more]
Azure.Security, my second OSS project has been released! 1. What is Azure.Security? Azure.Security is an Azure specific piece of software designed to provide cryptographic services to an application deployed to Azure Websites platform. One of the issues that you may come across when using this platform is data encryption and key management. Luckily, Azure Websites are happy to run code from the System.Security namespace, but there is no easy way to securily manage private key(s). And that's where this project comes to fill in the gap. Azure.Security uses a number of Azure features in …[read more]
Update: The current example of processing payments is NOT PCI-compliant as the card details are posted to the server. A better approach is to use the Stripe.js to generate the token and then process the payment - thanks to Christian Bryant for raising it in the comments. Take me to the PCI-Compliant option now As a web developer you are bound to have come across a requirement to implement some form of online payment processing for a site. This can be achieved using any number of third party providers such as Sage or PayPal etc. Although most of these …[read more]