Register an Azure Active Directory Security Principal – ARM Portal

An Azure service principal is a security identity used by applications, services, and automation tools to access designated Azure resources. The service principal is a ‘user identity’ (username and password) with an assigned role/permissions in Azure Active Directory (AAD). The service principal should only need to do specific things, unlike a general user identity. In this example, a new Service Principal will be created in AAD and assigned to an Azure Resource Group. Read here for the steps to register a new Service Principal using PowerShell.

Using the Azure Portal

Adding a service principal in the Azure Portal is very straight forward.

Go to Azure Active Directory > App registrations > Add New application registration > create a Display Name > Save

Assign Name and an URL for a web app  – which can be changed at any time later.

Azure assigns an Application/Client ID for the new service principal

To create the Key for the new Service Principal go to Settings > Keys > Add the Display Name into the Description > select Duration > Save

Copy/paste the Key Value saving it before leaving the Keys blade:

The new Service Principal (Login in this example) shows in the list of Azure Active Directory App registrations:

Now apply the new Service Principal ‘Login’ to a specific Resource Group (or subscription). Note that all objects in the Subscription or the Resource Group will inherit the Contributor permission for access. Go to the Resource Group or Subscription or other Azure object > Access control (IAM) > +Add > select permission level/Role that the service principal will be assigned> type in the display name of the new service principal > Select > Save.  Note that all objects in the Resource Group will now inherit permission for the service principal to access them as a Contributor

This is a screen shot of the Access control (IAM) for a web app that had the Service Principal added at the Subscription level:

Register an Azure Active Directory Security Principal – PowerShell

An Azure service principal is a security identity used by applications, services, and automation tools to access designated Azure resources. The service principal is a ‘user identity’ (username and password) with an assigned role/permissions in Azure Active Directory (AAD). The service principal should only need to do specific things, unlike a general user identity. In this example, a new Service Principal will be created in AAD and assigned to an Azure Resource Group. Read here for the steps to register a new Service Principal using the Azure ARM Portal

Using PowerShell

1. #Login to Azure Subscription

2. #Declare Variables

(more…)

Add Lets Encrypt SSL Certificate to an Azure WordPress Web App

We are currently using an expensive wildcard SSL certificate from a CA for all of our websites, that is expiring soon. Yes – there IS a very simple and straightforward way within Azure to add this wildcard certificate for multiple domain and sub-domain DEV, TEST and PROD Azure-hosted websites – but at an annual cost in excess of $750 Canadian dollars!

With Azure supporting use of Let’s Encrypt, the free, automated and open CA for Azure-hosted websites, we decided to secure all our websites with free LetsEncrypt SSL certificates working for each website before the expensive wildcard SSL expired.

NOTE: The Let’s Encrypt certificates DO expire after 90 days, so a background process using Azure Web Jobs, is necessary to automatically renew and install new certificates. Simon J.K.Pedersen has developed the Azure Let’s Encrypt Web App Site Extension to do the heavy lifting of requesting, installing  and renewing of the Let’s Encrypt certificates. What a help this all is! Once the preparations are complete (as outlined below) the new Let’s Encrypt SSL certificate is working in less than 5 minutes.

After reading Simon’s documentation on How to Install, Known Issues, and How to Troubleshoot this is the process we used to change the SSL certificates on our websites. Simon J. K. Pedersen said he is actively working on an Azure extension to create a LetsEncrypt wildcard certificate. That will save even MORE time.

(more…)

Move Azure Snapshot to new Subscription – PowerShell

At the time of writing this, moving/migration of VMs with managed disks to a new Azure Subscription, is not supported in Azure. It is possible however, to move managed snapshots of a VM’s vhds  to another Azure subscription, and then ‘reconstruct’ the VM using the OS and data disks snapshots or managed disks. The VM object itself is just metadata running the vhds  (The Move option for both snapshots or managed disks displays in the Azure portal, but we found that the portal Move option does not work for our various Azure Accounts and Subscriptions.(See screen shot below).) The Move operations of snapshots or managed disks can be done easily via PowerShell.

Why move managed disks to another subscription? For example, once a Dev/Test environment is proven, the typical procedure is to migrate the IaaS infrastructure to an Enterprise Subscription for a production environment. Also, moving copies of snapshots out of the main subscription is beneficial for data retention in case of Disaster Recovery or accidental deletions.

A work around for this current limitation – not being able to move/migrate a VM, is to move the managed snapshot(s) to a new Subscription, and then create new managed disks of OS and data vhds for VM in another subscription. It is also possible to migrate a copy of a snapshot or a managed disk into a Storage Account as a page blob to be used by other subscriptions or even other Azure accounts. Read about moving Snapshots to a Storage Account

Unsuccessful Snapshot Move In ARM Portal:

While the option to Move to another subscription is shown on the snapshot blade, validation of the process failed giving the error that this subscription is not ‘registered to use Microsoft.Computer/ManagedResourcesMove feature…but a snap shot can easily be copied to another subscription via PowerShell.

(more…)

Export an Azure Managed Snapshot to Storage Account – PowerShell

Azure Snapshots of managed virtual hard drives (vhds) are stored in Resource Groups (as opposed to ‘unmanaged’ Snapshots being stored in storage accounts). While it is possible to move the managed snapshots to another subscription using PowerShell, there are advantages to having a copy of crucial core snapshots readily available and protected as a Page Blobs in a Storage Account.

With PowerShell, copies of the Snapshots can be exported to an Azure Storage Account to be able to:

  • Maintain a separated set of crucial snapshot copies that cannot be deleted by accident, helpful as another Disaster Recovery point
  • Quickly & easily copy Snapshots to a different Azure account or subscription using Microsoft Azure Storage Explorer  and then create new managed disks and VMs in the different Account or subscription
  • At the time of this writing, VMs with managed disks cannot be moved from one Azure region to another. The workaround is to export a snapshot of the VMs managed disks to a storage account in a different region, and then re-create the VM with the managed disk(s) in a Resource Group in the different region. Read more here.

1. #Login to Azure Portal (read here for a slick way to select the correct subscription context)

(more…)

Create an Azure Disk Snapshot – PowerShell or Portal

Working in Hyper-V before moving all of our resources from physical servers in datacenters to Azure IaaS or PaaS, we regularly took new snapshots of Virtual Machines (VMs) before testing major development changes, adding Windows updates, testing new application settings etc., to allow us to easily revert to the previous state of the VM if desired. In Azure, snapshots are taken of the virtual disks (vhd), not the VM instance itself. Snapshots are full, read-only copies of the vhds. A new VM is created with new managed disks created from stored snapshots of OS data disks; data disk snapshots are turned into managed data disks and then attached to a VM.

An Azure snapshot of a data or operating system (os) vhd can be used:

  • For custom backup/restore of a VMs vhds
  • For troubleshooting disk problems.
  • To create a copy of production servers for use in development, or the opposite, copy a dev environment into production mode.
  • To quickly duplicate a fresh VM instance. For example, we use specific single-tier and double-tier web server/sql server environments that need to be reproduced for various testing scenarios. A new ‘exact copy’ environment, with all accounts and applications in place, can be ready for access within 5 minutes if necessary, using stored Azure Snapshots of the OS and data disks. These are considered ‘specialized’ disks…
  • To create a ‘repository’ of prepared OS and data disks for use in creating multiple VM copies.
  • To create a dr backup repository of snapshots in a different region or subscription (or both), in case of accidental deletion of key OS or data disks.
  • Backing up a VM before making a major change – although it is not possible to revert the VM to the previous state, the VM can be deleted and using the saved snapshots > create new managed OS and data disks > create a new VM using the previous VMs Nic, etc.

(more…)

Move an on-Prem Hyper-V VM to Azure (specialized VHD)

One way to move an on-premises Hyper-V Windows virtual machine (VM) with all its user accounts, policies and applications fully intact up to Azure, is to create a specialized disk of the VM’s operating system virtual hard disk (VHD). This specialized VHD is then uploaded to Azure, after being properly prepped to work in the Azure environment and attached to a new VM.

Notes:

  • Only Generation 1 Hyper-V VMs are supported on Azure. Keep this in mind when creating or are considering moving Hyper-V machines to Azure. A Generation 2 Hyper-V VM cannot be converted to a Generation 1 Hyper-V VM.
  • The Hyper-V vhdx disk format must be converted to vhd, and the dynamically expanding property of the Hyper-V vhd changed to fixed-sized. This is done easily in PowerShell
  • In Azure, the size of a managed or unmanaged VHD can be increased, but not decreased, so to speed the uploading time of the prepared VHD to Azure, make sure the Hyper-V VMs OS disk is as small as possible when the Hyper-VM is first created.

In the 2 sets of .vhdx drives converted to .vhd drives shown below:

(more…)

Azure Resource Manager PowerShell Login – make it persist!

With multiple Azure subscriptions within a single Azure account, it is crucial to be logged into the correct Azure subscription (AzureRM Context), to be able to access the Azure resources within a specific subscription, via PowerShell (POSH). There is a default subscription that is set to open with each new POSH session. If this default subscription isn’t the preferred working subscription, you will have to select the correct subscription for every new POSH session.

With the Azure Context Autosave feature (added Sept 2017), it is possible that after setting the subscription for the current session, you can have the Azure credentials, account and subscription information saved and automatically loaded when you open a new POSH window – by using the Enable-AzureRmContextAutosave cmdlet

And for easy subscription selection, I recently found these simple POSH cmdlets here, to be able to brilliantly select the correct Azure Subscription by clicking on the list of Azure subscriptions in the Azure Windows account. No copying and pasting of subscription ID, name and/or tenant ID required!

(more…)

Export Certificates for Azure P2S Authentication

This is the Export step in the process of generating and uploading self-signed Root and client certificates to Azure for authentication for a Point-to-Site VPN Gateway. The PowerShell to create the root and client certificates is found here.

After creating the self-signed root certificate, it must be exported so it can be uploaded to Azure for the P2S configuration. It is only necessary to export the generated client certificate if it is to be installed on another client/computer. It is automatically installed on the client/computer it was generated from. Instructions are given here for exporting both the .cer file and the client certificate.

Export .cer file from Root Certificate
Export Client Certificate

(more…)

Setting up Azure’s P2S VPN Gateway with PowerShell

Azure’s Point-to-Site (P2S) VPN gateway connection creates a secure connection to an Azure virtual network’s (VNet) resources from an individual client computer. A VPN gateway is created on its own subnet in an Azure VNet, and then configured to allow P2S connections. No VPN physical device is required and there are minimal, if any, changes required to be made to the on-prem network. A P2S VPN connection is established by starting it from the client computer.

A P2S solution is useful for connecting to Azure VNets from a remote location or when there are only a few clients that need to access an Azure VNet’s resources. We use a P2S connection as a proof-of-concept (POC) for a .Net Web App hosted within an Azure VM webserver to be able to connect to an on-prem Sql Database.

The following cmdlets and process flow is from an excellent article in Azure Documentation, Configure a Point-to-Site connection to a VNet using native Azure certificate authentication: PowerShell with detailed explanations for each of the following steps – we’ve just put it all together in a single, easy to follow list of PowerShell cmdlets to run sequentially in an elevated Windows PowerShell ISE session, to quickly set up a P2S Gateway – after changing the variables for each use case.

Download Zip of POSH cmdlets

There is also an ARM Quickstart Template Point-to-Site Gateway that will quickly provision a P2S Gateway on Azure for you covering Steps 2 – 7 below!

(more…)

2-for-1: “Google Cloud for Developers” AND “Using Azure for Dev & Testing”

2-for-1: “Google Cloud for Developers” AND “Using Azure for Dev & Testing”

March 15, 2018 – 72 people attended

Details:

Two talks were scheduled for this event.

The first talk is “Google Cloud for .NET Developers” by Ken Cenerelli.

The second talk is “Using Azure for Software Development & Testing
Azure DevTest Labs is a free service that helps developers and testers quickly create environments in Azure while minimizing waste and controlling cost. You can test the latest version of your application by quickly provisioning Windows and Linux environments using reusable templates and artifacts. Easily integrate your deployment pipeline with DevTest Labs to provision on-demand environments. Scale up your load testing by provisioning multiple test agents, and create pre-provisioned environments for training and demos. The only cost comes from the actual Azure resources consumed such as VMs, storage, databases, etc. The topics covered include:
* Quickly provision development and test environments
* Minimize waste with quotas and policies
* Set VM automated shutdowns and startups to minimize costs

(more…)

Use Azure’s Kudu UI to Fix WordPress Update Failures

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Problem: 

An update of a WordPress plugin or theme for our Azure hosted WordPress website(s) fails to load. This causes an immediate problem because the old version of the plugin or theme was already deleted from the website in the update process! This is a ‘scary’ one – especially if it is the theme that is deleted from the website. Time is of the essence to get the website fixed and secured with the latest updates.

(more…)

Use Azure Kudu to Access the Infrastructure files of an Azure hosted WordPress Site

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

All of the back-end infrastructure files of a WordPress website hosted on Azure Web App Service, are exposed via its Azure source control management site. You may need to make changes to the Azure hosted WordPress site’s web.config, wp-config.php, functions.php etc.

Every Azure App Service (website) has an associated ‘scm’ service website or a Site Extension named Kudu. It is accessed by using the Source Control Management entry point https://<site-name>.scm.azurewebsites.net. NOTE: A custom domain name will not resolve with the scm modification to its URL – you must use the original *.azurewebsites.net DNS name to access Kudu.

Kudu can also be accessed via the Azure Resource Manager (ARM) for your Azure website under Settings > Development Tools > Advanced Tools > Go > Read more about Kudu here.

(more…)

Maximize Security of your WordPress Website

Within a month of building our first WordPress blog from the Azure Marketplace, we discovered that the website had been hacked. It had been injected with code we couldn’t find how to access and showed more than 20 additional blog posts pointing to random software download pages, all running from our custom domain with SSL!

We were fortunate to have noticed those extra posts as soon as we did – and before the domain’s reputation was compromised. We immediately deleted the hacked posts, and exported an xml file of our website contents for importing into a newly built ‘clean’ website infrastructure if necessary – which it was. Turned out to be faster and safer to rebuild the website than to discover exactly how and where ‘they’ had gotten in and the extent of the back-end infrastructure infiltration. Time was better spent learning how to secure and harden our WordPress website!

(more…)

Our 18 Favourite WordPress Plugins

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing PHP or MySql!

Intro –  Choosing WordPress Plugins

This is the current list of plugins that we have tested and use together successfully on our current WordPress (v4.8 at the time of this writing) websites hosted on Azure Platform as a Service (PaaS). Certainly there are a number of other variations of each of these plugins to be found, both free and premium, that will work together for your various website functionality – but these are what we’ve chosen and know are reliable for what we require. (Disclaimer – we have NO affiliation with any of these plugin products, except that we use them!)

  1. SMTP Mailer
  2. iThemes Security Pro
  3. Customize WordPress Login Page
  4. All-In-One-Intranet
  5. Advanced Sidebar Menu and Advanced Sidebar Menu Pro
  6. Breadcrumb
  7. Comet Cache
  8. Swifty Page Manager
  9. Advanced Access Manager
  10. Google Analytics Dashboard for WP
  11. Smooth Scroll Page Up/Down Buttons
  12. Page-List
  13. WP Edit
  14. Enlighter – Customizable Syntax Highlighter
  15. Optimize Database after Deleting Revisions
  16. Akismet Anti-Spam
  17. WP Security Audit Log
  18. Remove Dashboard Access

(more…)

Choosing WordPress Plugins

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing PHP or MySql!

Plugins are PHP scripts or small software apps that can be uploaded and installed on a WordPress website to extend and expand the functionality of the WordPress site, without having to know how to change the core code and learn PHP. WordPress was designed to be extended by plugins – modular programs that add functionality to a WordPress website. There are more than 40,000 free Plugins available on WordPress.org and thousands of Premium (not free) plugins that will deliver just about anything you want to add to your website.

For us, that means that we don’t have to learn PHP to add the specific functionality that we need on our custom websites – we just need to find the ‘right’ plugins. The caution in using plugins, is that they must be updated and tested for the latest WordPress platform version, play well with your website’s theme and other plugins you’re using, not slow down your website, nor contain ‘infecting’ code to cause security breaches.

(more…)

Setup Plan for an Azure hosted WordPress Page-centric Private Intranet Wiki

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Overview:

We were tasked to move all the content of a private corporate 700+ page wiki from an expensive, full-featured, social collaboration intranet subscription service, over to an Azure hosted private WordPress wiki site. Only the private wiki feature on the previous subscription service was being used & needed, so the reason for the move was to build a private website to house the corporation’s pages of internal knowledge and business documents (wiki), with ease of editing the existing content as well as being able to add more content, operating on the solid, secure Azure Web App Service hosting platform.

Microsoft Azure provides a powerful, secure, reliable, scalable, highly-available, pay-for-what you-use, cost effective cloud platform to build and deploy enterprise-grade WordPress websites with Azure Backup and Azure Blob Storage services. We knew we could have a WordPress website up and running in just a few minutes – but then the challenges of working with WordPress presented!

(more…)

How to Add phpMyadmin Website Extension via Azure Portal

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

To work directly on the MySql database associated with your Azure hosted WordPress website, you need to load the phpMyadmin website extension via the Kudu UI or the Azure Portal. but

We don’t work with MySql,  but having direct access to the MySQL database is helpful if your admin login became corrupted and you were unable to connect to the website! In the phpMyadmin interface, it is a quick fix to add a new admin user to the database and then login to the website again. Lockout averted!

This is a good step-by-step article on How to Add an Admin User to the WordPress Database via MySQL

From the Azure Portal for the website: Development Tools > Extensions > Add > Choose phpMyadmin from the list of extensions > OK

(more…)

Setup Plan for an Azure hosted WordPress public technical Blog

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

WordPress was created in 2003 as a simple platform for quickly creating a blog, using dated posts in categories. The WordPress platform is optimized for blog posts.

Let’s look now at the general and specific steps for setting up a basic WordPress public Technical Blog.

This is the public landing page of a basic WordPress Technical blog using the Divi Theme, customizations and selected plugins mentioned in previous posts:

(more…)

12 Easy Customizations for an Azure hosted WordPress site

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

These are the 12 most common customizations that we use on our WordPress websites.

1. Remove the WP logo from the Admin bar
2. Replace ‘Howdy’ on the Admin bar to ‘Logged in as’
3. Remove the WP Admin Bar and Personal Tool Bar access to Subscribers
4. Disable all automatic theme updates
5. Disable all automatic plugin updates
6. Disable WordPress core Major and Development Updates
7. Customize the WP Login Page
8. Remove the ‘Powered by WordPress’ in the Footer
9. Remove the WP Title’s Tagline ‘Just another WP Site’
10. Set Permalinks to display the post name
11. Set the Time Zone
12. Add custom CSS for Tables to the Child-Theme’s style.css file

(more…)

Azure Triple Play

Wednesday, December 6, 2017 – 43 went

In this event, three excellent Azure-related presentations were featured in what we call the “Azure Triple Play” event.

Building Microservice Applications using Azure Service Fabric
Speaker: Jack Lee

Azure Batch for Parallel Computing for Data Collection
Speaker: Roy Kim

Serverless Code Architecture with Azure Functions
Speaker: Callon Campbell

(more…)

Adding an Azure Content Delivery Network (CDN) to WordPress website

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

A Content Delivery Network (CDN) service is a network of geographically dispersed servers that have been optimized for distributing cached static files such as images, CSS/JS files and other web app structural components. Website users will receive your website’s cached static content from servers located nearest their geographic location, reducing page load time.

Overview of the Azure Content Delivery Network (CDN):

The Azure Content Delivery Network (CDN) caches static web content at strategically placed locations to provide maximum throughput for delivering content to users. The CDN offers developers a global solution for delivering high-bandwidth content by caching the content at physical nodes across the world.

(more…)

FITC & FSTOCO Conference Workshops

Operation M.A.X: Building a Smart Help Desk Bot

DESCRIPTION

This is a FREE full-day technical training event in Conversations as a Platform, guided by Microsoft experts, where attendees will build an entire A.I. enabled assistant from scratch. All labs are available in both C# and Node.js.

Who should attend?

This event is for developers who want hands on experience with creating chat bots for multiple platforms from a shared codebase with Conversations as a Platform.

Agenda

  • Intro & bots in the real world
  • Creating your first “Echo” bot with the Bot Builder SDK
  • Submitting help desk tickets with the bot
  • Making the bot smarter with language understanding (LUIS)
  • Implementing a help desk KB with Azure Search and Cosmos DB
  • Deploying your bot to the cloud
  • Adding user sentiment analysis
  • Implementing human handoff
  • Back-channel communication

(more…)

Use Azure’s Advisor To Optimize Your Azure Deployments

Azure’s Advisor is a no-cost, centralized, personalized service giving best practice recommendations for optimizations in 4 categories, for Azure deployments in all of your Azure subscriptions.

Advisor analyzes your resource configuration and usage telemetry and then recommends solutions that can help you improve the cost effectiveness, performance, high availability, and security of your Azure resources.
With Advisor, you can:

  • Get proactive, actionable, and personalized best practices recommendations.
  • Improve the performance, security, and high availability of your resources, as you identify opportunities to reduce your overall Azure spend.
  • Get recommendations with proposed actions inline.   – Azure Advisor Documentation

(more…)

Use Azure Blob Storage as another Disaster Recovery Tool for WordPress site Contents

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Another level of assuring data safety (WP Pages, Posts, etc.) besides full website backups to Azure Backup and Recovery Web App Servicesince a website can always be rebuilt, but losing data is not an option – is to export a latest copy of the website contents to a ‘safe place’. If necessary, the website WP infrastructure could always be reproduced and the saved website contents imported back in.

The exported copy of the website contents (Posts, Pages, Layouts, Media, etc) can be easily imported into the newly built website. That is, it can be easily imported, as long as the xml file created by the Export Tool is less than 8MG. Even our largest website with over 700 pages, is less than 6 MG, since we do not store media or documents within the website, but use only hyperlinks to an Azure Storage Blob containing the images, documents etc. (Learn about setting up Azure Blob Storage for media & documents in an Azure hosted WP site.)

(more…)

FITC Workshop 09.24.2017 – Mickey MacDonald

FITC-2017.09.24 – Mickey MacDonald

Mickey MacDonald is a Technical Evangelist at Microsoft and a veteran software developer. His role involves working with customers, partners and developers to find solutions to their most challenging issues. Mickey’s technical focus areas include emerging technologies such as: Cognitive Services as a Platform, integrated bot development, and Artificial Intelligence. He has worked with worldwide corporations and numerous startups helping them design and build intelligent ways of engaging with their customers.

(more…)

Using Azure App Service’s Backup & Restore for Azure hosted WordPress sites: Part 2: Restore

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Part 1: Backup a WordPress website

Backups are only as good as a successful, proven restore process. And the Restore process of the Azure App Service for a WordPress (WP) website should to be tested, validated and documented BEFORE disaster recovery is needed!

To demonstrate the ease and effectiveness of the Azure App Service Restore process, we’ve made several simple changes to a staged WordPress website (WP-techblog), changing some back-end WordPress functionality as well as changing website content. We’ll then use the Azure Restore feature to restore to the initial state of the website, i.e. before the changes, in the first manual backup/snapshot captured.

(more…)

Using Azure App Service’s Backup & Restore for Azure hosted WordPress sites: Part 1: Backup

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Part 2: Azure Web App Service Restore

Azure App Service’s Backup & Restore feature is the easiest, quickest and most reliable way to backup & restore an Azure hosted WordPress website (or any Azure hosted website!) manually or on a configured schedule. The focus of this article is backing up WordPress websites hosted on the Azure platform (PaaS), though the information applies to any website hosted on Azure App Services.

While there are a number of options available for setting up WordPress website backups using plugins or 3rd party companies, Azure App Service provides convenient, accessible, automated and/or manual, Backup and Restore options on Azure S1 Standard App Service Plans and higher. The Restore option works seamlessly and effectively to restore a website when you’ve done something to lock it down, or break access – by overwriting the existing website or restoring to a totally new website. Backups are stored separately in an Azure Blob Storage container for easy access, not adding to the website’s file storage size. (more…)

Azure Stack is an On-Prem Hybrid Cloud Extension of Azure

Azure Stack Shipping September 2017

On July 10, 2017, Mike Neil, Microsoft CVP (Azure Infrastructure and Management) announced that Microsoft Azure Stack would start shipping in September 2017. The Azure Stack GA software was delivered to Microsoft’s hardware partners HPE, Dell EMC, and Lenovo to start the certification process for their integrated systems. You can read Mike Neal’s full blog post here which also covers pricing and ordering.

Here are examples of Azure Stack integrated systems from Microsoft’s hardware launch partners. As you can see from these proof of concept hardware configurations, these Azure Stack integrated systems are running much more than the minimum/recommended hardware specifications.

(more…)

Convert a WordPress blog Internal Storage to using Azure Blob Storage 

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Problem:

A new WordPress blog site (hosted on Azure PaaS) had become bloated with images uploaded directly to the website’s Media Library after only 20 posts. WordPress automatically adds in 3 versions (various resolutions and a thumbnail) of each image, as do some themes and plugins, so the wp-contents/uploads folder was overloaded by at least 400%! When we needed to move the website to a different location & subscription, the native WordPress ‘Export/Import Contents’ did not work reliably enough for such a large number and size of image files. A website Restore operation doubled the size of the websites next backup. Initially we tried using various WordPress plugins to clean up the bloated mess before doing the website migration, but that didn’t get us far – and caused more problems.

Solution:

Convert the WordPress website to using cloud based storage slimming down and speeding up the website. In this case, we migrated the existing images videos and other website uploads to an Azure Blob Storage container.

(more…)

Transitioning from On-Prem Virtual Machines to More Cost Effective Azure Cloud Models

Transitioning from On-Prem VMs to the Cloud via ‘Lift-and-Shift’

On February 14th, 2017, the last of my company’s physical servers were powered-off and then scheduled to be unracked and boxed for shipping out of the co-location hosting data centre. The physical servers that my company had invested in and setup to power our development, testing, support and client application requirements were no longer needed to run our virtual machines (VMs). We decided to move all of our VM infrastructure to Azure since it was the leading digital-transformation enabler in Canada that could meet all of our technical needs as well as those of our clients.

A VM is a software computer that, like a physical computer, runs an operating system and applications. The VM is comprised of a set of specification and configuration files and is backed by the physical resources of a host computer. Every VM has virtual devices that provide the same functionality as physical hardware and have additional benefits in terms of portability, manageability, and security.

The VM lift-and-shift approach is a common cloud migration path where companies replicate in-house VMs in the cloud with little or no re-design. For a company with a limited number of VMs in a simple configuration, it is generally a fast and relatively straight-forward migration to the cloud. The issues arise when there are complex interactions between multiple VMs and the hosted applications that may require a lot of careful planning and testing of the migration to the cloud. Microsoft has provided migration and planning tools such as the Migration Assessment Tools and Azure Site Recovery (ASR) Deployment Planner.

(more…)

Part 3: Using ‘Windows Azure Storage for WordPress’ Plugin for Hosting Media and Uploads

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Now, we look at the second Azure Blob Storage option discussed – uploading and accessing images stored in Azure Storage using the Windows Azure Storage for WordPress plugin.

1. Using a Windows Azure account and an Azure subscription, create a Windows Azure Storage account and a Blob container with its Access Policy set to ‘Blob’, which is a public, read-only container. Read how to do that here, steps 1 and 2.

(more…)

Part 2: Setup Azure Blob Storage to work with WordPress

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

This is a 3 Part excerpt from our soon-to-be-released book, “Build Secure WordPress Websites in Azure – without knowing PHP or MySql“.
Part 1: Using Azure Blob Storage to Store and Deliver WordPress Media and Uploads
Part 3: Using ‘Windows Azure Storage for WordPress’ Plugin for Hosting Media and Uploads

1. With an Microsoft account and an Azure subscription, in the Azure Resource Manager (ARM) portal, set up a Storage Account:

(more…)

Use Azure DevTest Labs for Training

One area of Azure that I like to highlight in my conversations with companies as an over-looked digital-transformation enabler is DevTest Labs. Microsoft released Azure DevTest Labs on May 2016 but customers have since found many creative uses for it beyond software development and testing environments. There is no additional cost for the services of DevTest Labs since you are only charged for standard Azure resource consumption such as VMs and storage used in your lab.

(more…)

Beer City Code 2017 Conference

Beer City Code is an annual conference for software developers held in Grand Rapids, MI, also known as Beer City, USA. Software creators of all types are welcome, even those who don’t care for beer. The Beer City Code conference grew out of the success of its predecessor, Grand Rapids DevDay, but was renamed in 2017 to embrace its much more broad appeal outside the Grand Rapids area.

(more…)

Create an Azure WordPress Website – Part 7 Build a Child Theme in Kudu

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Why Use a Child Theme?

Child Themes are used when you know that you will be customizing and changing the website’s theme. The Child Theme is totally dependent on its parent to be able to work. A Child Theme isn’t a viable entity in itself – it uses everything in the parent theme and then you only modify what functions you want to be different. The Parent Themes files are not changed. In WordPress, when a Theme is updated, which they regularly are, all current customizations are over-written and lost. Using a child theme allows modifications and additions to the functionality of the parent theme, without modifying the parent theme’s code files directly. Updating the parent theme is easy and doesn’t erase any customizations. Plus, you can always revert back to the parent theme if you inadvertently break the child theme.

Note that using the Divi theme, a child theme is not required since there is a Custom CSS option built into the theme that will not be overwritten during theme updates.

How to Build a Child Theme:

From the Codex of WordPress.Org:

(more…)

Part 1: Using Azure Blob Storage to Store and Deliver WordPress Media and Uploads

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

This is the first of a 3 Part excerpt from our soon-to-be-released book, “Build Secure WordPress Websites in Azure – without knowing PHP or MySql“.
Part 2: Setup Azure Blob Storage to work with WordPress
Part 3: Using ‘Windows Azure Storage for WordPress’ Plugin for Hosting Media and Uploads

Problem: Uploaded media and uploads to the WordPress Media Library are unorganized, difficult to find to re-use or edit & overload website storage

Blogs need images and videos.

(more…)

A Multi-Cloud Solution using Azure & AWS


June 6, 2017 – 10 went

While some cloud users are evaluating AWS vs. Azure, many enterprises are planning to use both cloud providers to avoid vendor lock-in and latency while creating redundancy. While Azure is now the clear #2 in public cloud behind AWS there are some notable differences between how the two hyper-clouds operate and the best practices for deploying workloads in each to create a multi-cloud solution that can optimize for cost and performance. The session covered:
1) AWS vs. Azure differences for compute, networking, storage and pricing.
2) Recent and coming enhancements for AWS Lambda and Azure Functions.
3) Multi-cloud environments can be complex so let’s discuss the best practices for cloud deployments when using both AWS and Azure.

(more…)

Create an Azure WordPress Website – Part 6 Configuration & Themes

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Configuration Overview

This is the sequence of customizations we will use to configure a WordPress website hosted on Microsoft Azure, regardless of the website’s final purpose:

  • Choose and upload a WordPress Theme which is the website’s front-end design package
  • Create and install a Child Theme of the chosen Theme
  • Setup the website’s backup/restore process on Azure so you can always go back a step if you’ve broken something causing the website to not load or lock you out. It’s important to test and ensure the Restore process is successful BEFORE its necessary.
  • Setup Email sending via SMTP
  • Setup the website’s Security
  • Customizations of some of the WordPress default features
  • Installing and configuring ‘general’ and then specific plugins for website’s end use

(more…)

Create an Azure WordPress Website – Part 5 Force HTTPS via Azure’s KUDU UI

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

To force the new WordPress website to resolve only to HTTPS, it is necessary to access the web.config file of the website, and add in an URL Rewrite Rule.

How do we quickly access the web.config file in an Azure hosted WordPress site?

Every Azure App Service (website) has an associated ‘scm’ service website or a Site Extension named Kudu created for your website . It is accessed by using the Source Control Management entry point https://<site-name>.scm.azurewebsites.net. NOTE: The custom domain name will not resolve with the scm modification to its URL – you must use the original *.azurewebsites.net DNS name to access Kudu. In our case, the https://tech-blog.scm.alvarnet.com will NOT work…we must use https://tech-blog.azurewebsites.net to access Kudu.

Kudu can also be accessed via the Azure Resource Manager (ARM) for your Azure website under Settings > Development Tools > Advanced Tools > Go > Read more about Kudu here.

(more…)

DevOps in the Cloud for Software Development & Testing

May 10, 2017 – 42 went

During this talk, we reviewed how you can easily provision and manage a Dev-Test environment in the cloud, move existing environments into the cloud for testing, then back to on-premises datacenters with relative ease, less complexity and comparatively small cost. All of this will help you meet the needs of your teams faster and manage Dev-Test environments with more visibility and control.

•  How the cloud can accelerate traditional software development and testing
•  Maximizing return: The game changing scale and economics of the cloud
•  Infrastructure as a Service (IaaS) vs Platform as a Service (PaaS)
•  Connecting on premise resources to the public cloud
•  Securing cloud infrastructure using existing investments and processes
•  Automation – saving time and money managing infrastructure deployment
•  How cloud apps are different: elastic capacity, redundancy, backup and recovery
•  Addressing organizational concerns: security, cost, and control

(more…)

Create an Azure WordPress Website – Part 2 Add A Custom Domain Name

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

In the Overview blade, the URL of the new azure hosted WordPress website  is http://wp-techblog.azurewebsites.net.

Now we’ll add a custom domain so that the website will resolve to: http://techblog.alvarnet.com instead of using the azurewebsites.net domain.

Settings > Custom Domain blade > Hostnames > Add hostname

(more…)

What’s New in Visual Studio 2017

April 26, 2017 – 23 went

Description:

Visual Studio turns 20 this year and to mark the anniversary Microsoft Tools team has released Visual Studio 2017.  We will be taking a look at the new IDE and focusing in on what  developers need to know about the new version of their favorite developer tool.

Overview:

VS 2017 Versions & Install
·  Install process to see what’s available
·  Feature comparison between the different Visual Studio versions
VS 2017 New Features & Functionality:
·  Overview of General Software Development Features
·  VS2017 + .NET Core + Azure
·  Microservices
·  Agile & DevOps workflow
·  Enterprise DevOps/TFS 2017

(more…)

MIGANG Monthly Meetup – A Multi-Cloud Solution using Azure & AWS – Arlan Nugara

April 19, 2017 – 59 went

While some cloud users are evaluating AWS vs. Azure, many enterprises are planning to use both cloud providers to avoid vendor lock-in and latency while creating redundancy. While Azure is now the clear #2 in public cloud behind AWS there are some notable differences between how the two hyper-clouds operate and the best practices for deploying workloads in each to create a multi-cloud solution that can optimize for cost and performance. The session will cover:

• AWS vs. Azure differences for compute, networking, storage and pricing.
• Recent and coming enhancements for AWS Lambda and Azure Functions.
• Multi-cloud environments can be complex so let’s discuss the best practices for cloud deployments when using both AWS and Azure.

(more…)

Boston Code Camp Conference 2017

Boston Code Camp 2017 (BCC27)

What is a Code Camp?
Since their inception by members of the local community here in Greater Boston more than 14 years ago, the concept of Code Camps has spread around the world and strengthened many local developer communities. Code Camps are all about developers sharing knowledge with fellow developers in an open format and an informal setting.
The first-ever Code Camp was held at the Microsoft Northeast Region office in Waltham, Massachusetts.

The Code Camp Manifesto:
The original Code Camp Manifesto was published by Thom Robbins in December 2004.

By and For the Greater Boston Technical Community
Boston Code Camp is a day of presentations by and for the Greater Boston and regional technical community. The Code Camp organizers encourage presenters to share a diverse set of technologies, and submissions by a range of presenters from new to highly experienced, and local to regional and national.

(more…)

Create an Azure WordPress Website – Introduction

The introduction post in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

  • Do you need to set up a blog, quickly and cost effectively?
  • Do you need to build a private ‘page-centric’ wiki or a public support site?
  • Are you not conversant in PHP or MySQL or the security vulnerabilities of an ‘out-of-the-box’ WordPress website?
  • Are you looking into new WordPress cloud hosting options?

We’ve found the answers for you!

     

Microsoft Azure provides a powerful, secure, reliable, scalable, highly-available, pay-for-what you-use, cost effective cloud platform to build and deploy enterprise-grade WordPress websites with Azure Backup and Azure Blob Storage services. You can have a WordPress website up and running in just a few minutes.

While setting up the WordPress installation on Azure is straight forward, guidance for building out the rest of a functional WordPress website setup is less structured and not clearly documented for those of us not familiar with WordPress, Php and MySql development. There IS an almost overwhelming amount of WordPress configuration information available online, but it takes a lot of time to sift through even one topic to find what will work optimally for what you are trying to build.

In our case, we started with building a public technical blog on WordPress from Azure Marketplace – that was hacked with an additional 25 webpages, and persistent invasive code, within the first month! That moved us into researching & implementing security hardening of a WordPress site, Azure backup and restoration options. (more…)