Enforcing TLS 1.2 use with Azure Service Bus

Long-term commitment to supporting protocols and protocol versions is a key expectation customers have from commercial cloud services. Deployed solutions, and especially widely deployed client applications that are often operated outside the original developer’s control, are expected to not become spontaneously broken and cut off from cloud services by protocols being retired.  When it comes to…


Azure Management Certificates (German Cloud, Azure Deutschland)

This article has been moved to its new home here: https://benperk.github.io/msdn/2017/2017-02-azure-management-certificates-german-cloud-azure-deutschland.html This article has to do mostly with the German Cloud, #GermanCloud #AzureGermany because it is most probable that there will not be anything similar to manage.windowsazure.com deployed to this solution.  Why is that important?  It is important because this is historically how many people configured…


Execute an Azure PowerShell (ARM) script without prompting for credentials

This article has been moved to its new home here:  https://benperk.github.io/msdn/2017/2017-01-execute-an-azure-powershell-arm-script-without-prompting-for-credentials.html Something I have noticed and seems to be a path being set forward is that ASM capabilities are not going to be available in an Azure Sovereign clouds.  By ASM, I mean anything that is dependent on this URL manage.windowsazure.com.  Therefore, if you have any…


Best Practices for WordPress Security on Azure

This article was put together by Mangesh Sangapu and Yi Wang. Shout-out to Cory Fowler and Sunitha Muthukrishna for additional tips. WordPress Security is often an overlooked feature. Customers are quick to configure their site, but often forget to fine tune the security aspect. Here we have compiled steps that will help make your WordPress site…


How (I) connected a console application to a Web API protected by an Azure Active Directory

This article has been moved to its new home here:  https://benperk.github.io/msdn/2016/2016-10-how-i-connected-a-console-application-to-a-web-api-protected-by-an-azure-active-directory.html The code can be downloaded from here or on GitHub. I wrote this post here where I discussed how I configured Azure Active Directory into one of my Azure App Service Web Apps.  One of the main differences between that post and what I am…


How (I) configured Azure Active Directory into my ASP.NET MVC OWIN web application

This article has been moved to its new home here:  https://benperk.github.io/msdn/2016/2016-09-how-i-configured-azure-active-directory-into-my-asp-net-mvc-owin-web-application.html Before I get started, keep in mind, that I am not a security expert, if you want to enable security for your Azure App Service Web App I recommend using EasyAuth as described here, so much easier, IMO.  You likely get some benefits from the…


Scan your App Service for vulnerabilities

This article has been moved to its new home here: https://benperk.github.io/msdn/2016/2016-04-scan-your-app-service-for-vulnerabilities.html A recent feature deployed for App Services (Web App, Mobile App, API App or Logic App) is a tool that can scan your App Service for vulnerabilities, announced here. Once you have signed up, you will see a link to your management console similar to…


How to setup IP Security Restrictions for an Azure App Service

This article has been moved to its new home here: https://benperk.github.io/msdn/2016/2016-03-how-to-setup-ip-security-restrictions-for-an-azure-app-service.html I wrote an article here that describes how to connect to a Web App from IIS manager. If you cannot do that, read down at the bottom of the article where I show the configuration you can add to the web.config manually. Here is a…


Make a self-signed SHA256 SSL certificate

This article has been moved to its new home here:  https://benperk.github.io/msdn/2015/2015-12-make-a-self-signed-sha256-ssl-certificate.html I wrote an article about making an SSL certificate using MAKECERT here, but that example used the default SHA1 signature hash algorithm which is deprecating.  Therefore, instead of the command shown in Figure 6 on the referenced article, I recommend using this command, that includes…


How to add a Server Core IIS server to a domain

This article has been moved to its new home here:  https://benperk.github.io/msdn/2015/2015-11-how-to-add-a-server-core-iis-server-to-a-domain.html I have been messing around with Server Core, this is a much friendlier version when I need to closely manage physical hardware resources like CPU and memory.  Plus, there are fewer updates that I need to install with the much more limited OS foot print. As…