Add Lets Encrypt SSL Certificate to an Azure WordPress Web App

We are currently using an expensive wildcard SSL certificate from a CA for all of our websites, that is expiring soon. Yes – there IS a very simple and straightforward way within Azure to add this wildcard certificate for multiple domain and sub-domain DEV, TEST and PROD Azure-hosted websites – but at an annual cost in excess of $750 Canadian dollars!

With Azure supporting use of Let’s Encrypt, the free, automated and open CA for Azure-hosted websites, we decided to secure all our websites with free LetsEncrypt SSL certificates working for each website before the expensive wildcard SSL expired.

NOTE: The Let’s Encrypt certificates DO expire after 90 days, so a background process using Azure Web Jobs, is necessary to automatically renew and install new certificates. Simon J.K.Pedersen has developed the Azure Let’s Encrypt Web App Site Extension to do the heavy lifting of requesting, installing  and renewing of the Let’s Encrypt certificates. What a help this all is! Once the preparations are complete (as outlined below) the new Let’s Encrypt SSL certificate is working in less than 5 minutes.

After reading Simon’s documentation on How to Install, Known Issues, and How to Troubleshoot this is the process we used to change the SSL certificates on our websites. Simon J. K. Pedersen said he is actively working on an Azure extension to create a LetsEncrypt wildcard certificate. That will save even MORE time.

(more…)

Use Azure’s Kudu UI to Fix WordPress Update Failures

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Problem: 

An update of a WordPress plugin or theme for our Azure hosted WordPress website(s) fails to load. This causes an immediate problem because the old version of the plugin or theme was already deleted from the website in the update process! This is a ‘scary’ one – especially if it is the theme that is deleted from the website. Time is of the essence to get the website fixed and secured with the latest updates.

(more…)

Use Azure Kudu to Access the Infrastructure files of an Azure hosted WordPress Site

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

All of the back-end infrastructure files of a WordPress website hosted on Azure Web App Service, are exposed via its Azure source control management site. You may need to make changes to the Azure hosted WordPress site’s web.config, wp-config.php, functions.php etc.

Every Azure App Service (website) has an associated ‘scm’ service website or a Site Extension named Kudu. It is accessed by using the Source Control Management entry point https://<site-name>.scm.azurewebsites.net. NOTE: A custom domain name will not resolve with the scm modification to its URL – you must use the original *.azurewebsites.net DNS name to access Kudu.

Kudu can also be accessed via the Azure Resource Manager (ARM) for your Azure website under Settings > Development Tools > Advanced Tools > Go > Read more about Kudu here.

(more…)

Maximize Security of your WordPress Website

Within a month of building our first WordPress blog from the Azure Marketplace, we discovered that the website had been hacked. It had been injected with code we couldn’t find how to access and showed more than 20 additional blog posts pointing to random software download pages, all running from our custom domain with SSL!

We were fortunate to have noticed those extra posts as soon as we did – and before the domain’s reputation was compromised. We immediately deleted the hacked posts, and exported an xml file of our website contents for importing into a newly built ‘clean’ website infrastructure if necessary – which it was. Turned out to be faster and safer to rebuild the website than to discover exactly how and where ‘they’ had gotten in and the extent of the back-end infrastructure infiltration. Time was better spent learning how to secure and harden our WordPress website!

(more…)

Our 18 Favourite WordPress Plugins

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing PHP or MySql!

Intro –  Choosing WordPress Plugins

This is the current list of plugins that we have tested and use together successfully on our current WordPress (v4.8 at the time of this writing) websites hosted on Azure Platform as a Service (PaaS). Certainly there are a number of other variations of each of these plugins to be found, both free and premium, that will work together for your various website functionality – but these are what we’ve chosen and know are reliable for what we require. (Disclaimer – we have NO affiliation with any of these plugin products, except that we use them!)

  1. SMTP Mailer
  2. iThemes Security Pro
  3. Customize WordPress Login Page
  4. All-In-One-Intranet
  5. Advanced Sidebar Menu and Advanced Sidebar Menu Pro
  6. Breadcrumb
  7. Comet Cache
  8. Swifty Page Manager
  9. Advanced Access Manager
  10. Google Analytics Dashboard for WP
  11. Smooth Scroll Page Up/Down Buttons
  12. Page-List
  13. WP Edit
  14. Enlighter – Customizable Syntax Highlighter
  15. Optimize Database after Deleting Revisions
  16. Akismet Anti-Spam
  17. WP Security Audit Log
  18. Remove Dashboard Access

(more…)

Choosing WordPress Plugins

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing PHP or MySql!

Plugins are PHP scripts or small software apps that can be uploaded and installed on a WordPress website to extend and expand the functionality of the WordPress site, without having to know how to change the core code and learn PHP. WordPress was designed to be extended by plugins – modular programs that add functionality to a WordPress website. There are more than 40,000 free Plugins available on WordPress.org and thousands of Premium (not free) plugins that will deliver just about anything you want to add to your website.

For us, that means that we don’t have to learn PHP to add the specific functionality that we need on our custom websites – we just need to find the ‘right’ plugins. The caution in using plugins, is that they must be updated and tested for the latest WordPress platform version, play well with your website’s theme and other plugins you’re using, not slow down your website, nor contain ‘infecting’ code to cause security breaches.

(more…)

Setup Plan for an Azure hosted WordPress Private Support Portal

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing PHP or MySql!

This website is built exactly the same as the Page-Centric Private Wiki outlined in an earlier post, but with some additional changes to the UI functionality. Follow all the directions from Page-Centric Private Wiki adding in the additional functionality outlined here.

This is a read-only private website, with all registered users having the Subscriber role. Each registered Subscriber has access to all the pages on the website but does not have access to the WP Default Tool Bar and their WP Profile page. All Subscribers are registered by the website Administrator and given strong passwords that they are encouraged to change on their first login.

(more…)

Setup Plan for an Azure hosted WordPress Page-centric Private Intranet Wiki

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Overview:

We were tasked to move all the content of a private corporate 700+ page wiki from an expensive, full-featured, social collaboration intranet subscription service, over to an Azure hosted private WordPress wiki site. Only the private wiki feature on the previous subscription service was being used & needed, so the reason for the move was to build a private website to house the corporation’s pages of internal knowledge and business documents (wiki), with ease of editing the existing content as well as being able to add more content, operating on the solid, secure Azure Web App Service hosting platform.

Microsoft Azure provides a powerful, secure, reliable, scalable, highly-available, pay-for-what you-use, cost effective cloud platform to build and deploy enterprise-grade WordPress websites with Azure Backup and Azure Blob Storage services. We knew we could have a WordPress website up and running in just a few minutes – but then the challenges of working with WordPress presented!

(more…)

How to Add phpMyadmin Website Extension via Azure Portal

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

To work directly on the MySql database associated with your Azure hosted WordPress website, you need to load the phpMyadmin website extension via the Kudu UI or the Azure Portal. but

We don’t work with MySql,  but having direct access to the MySQL database is helpful if your admin login became corrupted and you were unable to connect to the website! In the phpMyadmin interface, it is a quick fix to add a new admin user to the database and then login to the website again. Lockout averted!

This is a good step-by-step article on How to Add an Admin User to the WordPress Database via MySQL

From the Azure Portal for the website: Development Tools > Extensions > Add > Choose phpMyadmin from the list of extensions > OK

(more…)

Setup Plan for an Azure hosted WordPress public technical Blog

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

WordPress was created in 2003 as a simple platform for quickly creating a blog, using dated posts in categories. The WordPress platform is optimized for blog posts.

Let’s look now at the general and specific steps for setting up a basic WordPress public Technical Blog.

This is the public landing page of a basic WordPress Technical blog using the Divi Theme, customizations and selected plugins mentioned in previous posts:

(more…)

12 Easy Customizations for an Azure hosted WordPress site

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

These are the 12 most common customizations that we use on our WordPress websites.

1. Remove the WP logo from the Admin bar
2. Replace ‘Howdy’ on the Admin bar to ‘Logged in as’
3. Remove the WP Admin Bar and Personal Tool Bar access to Subscribers
4. Disable all automatic theme updates
5. Disable all automatic plugin updates
6. Disable WordPress core Major and Development Updates
7. Customize the WP Login Page
8. Remove the ‘Powered by WordPress’ in the Footer
9. Remove the WP Title’s Tagline ‘Just another WP Site’
10. Set Permalinks to display the post name
11. Set the Time Zone
12. Add custom CSS for Tables to the Child-Theme’s style.css file

(more…)

Adding an Azure Content Delivery Network (CDN) to WordPress website

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

A Content Delivery Network (CDN) service is a network of geographically dispersed servers that have been optimized for distributing cached static files such as images, CSS/JS files and other web app structural components. Website users will receive your website’s cached static content from servers located nearest their geographic location, reducing page load time.

Overview of the Azure Content Delivery Network (CDN):

The Azure Content Delivery Network (CDN) caches static web content at strategically placed locations to provide maximum throughput for delivering content to users. The CDN offers developers a global solution for delivering high-bandwidth content by caching the content at physical nodes across the world.

(more…)

Use Azure Blob Storage as another Disaster Recovery Tool for WordPress site Contents

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Another level of assuring data safety (WP Pages, Posts, etc.) besides full website backups to Azure Backup and Recovery Web App Servicesince a website can always be rebuilt, but losing data is not an option – is to export a latest copy of the website contents to a ‘safe place’. If necessary, the website WP infrastructure could always be reproduced and the saved website contents imported back in.

The exported copy of the website contents (Posts, Pages, Layouts, Media, etc) can be easily imported into the newly built website. That is, it can be easily imported, as long as the xml file created by the Export Tool is less than 8MG. Even our largest website with over 700 pages, is less than 6 MG, since we do not store media or documents within the website, but use only hyperlinks to an Azure Storage Blob containing the images, documents etc. (Learn about setting up Azure Blob Storage for media & documents in an Azure hosted WP site.)

(more…)

Using Azure App Service’s Backup & Restore for Azure hosted WordPress sites: Part 2: Restore

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Part 1: Backup a WordPress website

Backups are only as good as a successful, proven restore process. And the Restore process of the Azure App Service for a WordPress (WP) website should to be tested, validated and documented BEFORE disaster recovery is needed!

To demonstrate the ease and effectiveness of the Azure App Service Restore process, we’ve made several simple changes to a staged WordPress website (WP-techblog), changing some back-end WordPress functionality as well as changing website content. We’ll then use the Azure Restore feature to restore to the initial state of the website, i.e. before the changes, in the first manual backup/snapshot captured.

(more…)

Using Azure App Service’s Backup & Restore for Azure hosted WordPress sites: Part 1: Backup

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Part 2: Azure Web App Service Restore

Azure App Service’s Backup & Restore feature is the easiest, quickest and most reliable way to backup & restore an Azure hosted WordPress website (or any Azure hosted website!) manually or on a configured schedule. The focus of this article is backing up WordPress websites hosted on the Azure platform (PaaS), though the information applies to any website hosted on Azure App Services.

While there are a number of options available for setting up WordPress website backups using plugins or 3rd party companies, Azure App Service provides convenient, accessible, automated and/or manual, Backup and Restore options on Azure S1 Standard App Service Plans and higher. The Restore option works seamlessly and effectively to restore a website when you’ve done something to lock it down, or break access – by overwriting the existing website or restoring to a totally new website. Backups are stored separately in an Azure Blob Storage container for easy access, not adding to the website’s file storage size. (more…)

Convert a WordPress blog Internal Storage to using Azure Blob Storage 

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Problem:

A new WordPress blog site (hosted on Azure PaaS) had become bloated with images uploaded directly to the website’s Media Library after only 20 posts. WordPress automatically adds in 3 versions (various resolutions and a thumbnail) of each image, as do some themes and plugins, so the wp-contents/uploads folder was overloaded by at least 400%! When we needed to move the website to a different location & subscription, the native WordPress ‘Export/Import Contents’ did not work reliably enough for such a large number and size of image files. A website Restore operation doubled the size of the websites next backup. Initially we tried using various WordPress plugins to clean up the bloated mess before doing the website migration, but that didn’t get us far – and caused more problems.

Solution:

Convert the WordPress website to using cloud based storage slimming down and speeding up the website. In this case, we migrated the existing images videos and other website uploads to an Azure Blob Storage container.

(more…)

Part 3: Using ‘Windows Azure Storage for WordPress’ Plugin for Hosting Media and Uploads

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Now, we look at the second Azure Blob Storage option discussed – uploading and accessing images stored in Azure Storage using the Windows Azure Storage for WordPress plugin.

1. Using a Windows Azure account and an Azure subscription, create a Windows Azure Storage account and a Blob container with its Access Policy set to ‘Blob’, which is a public, read-only container. Read how to do that here, steps 1 and 2.

(more…)

Part 2: Setup Azure Blob Storage to work with WordPress

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

This is a 3 Part excerpt from our soon-to-be-released book, “Build Secure WordPress Websites in Azure – without knowing PHP or MySql“.
Part 1: Using Azure Blob Storage to Store and Deliver WordPress Media and Uploads
Part 3: Using ‘Windows Azure Storage for WordPress’ Plugin for Hosting Media and Uploads

1. With an Microsoft account and an Azure subscription, in the Azure Resource Manager (ARM) portal, set up a Storage Account:

(more…)

Create an Azure WordPress Website – Part 7 Build a Child Theme in Kudu

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Why Use a Child Theme?

Child Themes are used when you know that you will be customizing and changing the website’s theme. The Child Theme is totally dependent on its parent to be able to work. A Child Theme isn’t a viable entity in itself – it uses everything in the parent theme and then you only modify what functions you want to be different. The Parent Themes files are not changed. In WordPress, when a Theme is updated, which they regularly are, all current customizations are over-written and lost. Using a child theme allows modifications and additions to the functionality of the parent theme, without modifying the parent theme’s code files directly. Updating the parent theme is easy and doesn’t erase any customizations. Plus, you can always revert back to the parent theme if you inadvertently break the child theme.

Note that using the Divi theme, a child theme is not required since there is a Custom CSS option built into the theme that will not be overwritten during theme updates.

How to Build a Child Theme:

From the Codex of WordPress.Org:

(more…)

Part 1: Using Azure Blob Storage to Store and Deliver WordPress Media and Uploads

Read all of the other posts in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

This is the first of a 3 Part excerpt from our soon-to-be-released book, “Build Secure WordPress Websites in Azure – without knowing PHP or MySql“.
Part 2: Setup Azure Blob Storage to work with WordPress
Part 3: Using ‘Windows Azure Storage for WordPress’ Plugin for Hosting Media and Uploads

Problem: Uploaded media and uploads to the WordPress Media Library are unorganized, difficult to find to re-use or edit & overload website storage

Blogs need images and videos.

(more…)

Create an Azure WordPress Website – Part 6 Configuration & Themes

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

Configuration Overview

This is the sequence of customizations we will use to configure a WordPress website hosted on Microsoft Azure, regardless of the website’s final purpose:

  • Choose and upload a WordPress Theme which is the website’s front-end design package
  • Create and install a Child Theme of the chosen Theme
  • Setup the website’s backup/restore process on Azure so you can always go back a step if you’ve broken something causing the website to not load or lock you out. It’s important to test and ensure the Restore process is successful BEFORE its necessary.
  • Setup Email sending via SMTP
  • Setup the website’s Security
  • Customizations of some of the WordPress default features
  • Installing and configuring ‘general’ and then specific plugins for website’s end use

(more…)

Create an Azure WordPress Website – Part 5 Force HTTPS via Azure’s KUDU UI

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

To force the new WordPress website to resolve only to HTTPS, it is necessary to access the web.config file of the website, and add in an URL Rewrite Rule.

How do we quickly access the web.config file in an Azure hosted WordPress site?

Every Azure App Service (website) has an associated ‘scm’ service website or a Site Extension named Kudu created for your website . It is accessed by using the Source Control Management entry point https://<site-name>.scm.azurewebsites.net. NOTE: The custom domain name will not resolve with the scm modification to its URL – you must use the original *.azurewebsites.net DNS name to access Kudu. In our case, the https://tech-blog.scm.alvarnet.com will NOT work…we must use https://tech-blog.azurewebsites.net to access Kudu.

Kudu can also be accessed via the Azure Resource Manager (ARM) for your Azure website under Settings > Development Tools > Advanced Tools > Go > Read more about Kudu here.

(more…)

Create an Azure WordPress Website – Part 2 Add A Custom Domain Name

Another post in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

In the Overview blade, the URL of the new azure hosted WordPress website  is http://wp-techblog.azurewebsites.net.

Now we’ll add a custom domain so that the website will resolve to: http://techblog.alvarnet.com instead of using the azurewebsites.net domain.

Settings > Custom Domain blade > Hostnames > Add hostname

(more…)

Create an Azure WordPress Website – Introduction

The introduction post in our series on Creating Azure (hosted) WordPress Websites without knowing php or MySql!

  • Do you need to set up a blog, quickly and cost effectively?
  • Do you need to build a private ‘page-centric’ wiki or a public support site?
  • Are you not conversant in PHP or MySQL or the security vulnerabilities of an ‘out-of-the-box’ WordPress website?
  • Are you looking into new WordPress cloud hosting options?

We’ve found the answers for you!

     

Microsoft Azure provides a powerful, secure, reliable, scalable, highly-available, pay-for-what you-use, cost effective cloud platform to build and deploy enterprise-grade WordPress websites with Azure Backup and Azure Blob Storage services. You can have a WordPress website up and running in just a few minutes.

While setting up the WordPress installation on Azure is straight forward, guidance for building out the rest of a functional WordPress website setup is less structured and not clearly documented for those of us not familiar with WordPress, Php and MySql development. There IS an almost overwhelming amount of WordPress configuration information available online, but it takes a lot of time to sift through even one topic to find what will work optimally for what you are trying to build.

In our case, we started with building a public technical blog on WordPress from Azure Marketplace – that was hacked with an additional 25 webpages, and persistent invasive code, within the first month! That moved us into researching & implementing security hardening of a WordPress site, Azure backup and restoration options. (more…)