Category Archives: internet

how to host a serverless static website on azure

For my little gfpg project I wanted to put a simple static website online without having to set up and maintain a web server. I read about going serverless with a static site using S3 on AWS, but I wanted to try that on Azure instead. BLOB storage seemed the obvious alternative to S3, but it took some searching around and finding the right documentation on MSDN to get it all up and running.

If you’re on a similar quest to publish some static content to Azure BLOB storage as a serverless website, this short guide will help you along.

  1. First of all we need to create an Azure BLOB storage account for the site. The most important part is to choose a general-purpose v2 Standard storage account, for the account kind. This is the only type that supports hosting a static website. Guess who didn’t do that.
  2. Next thing is to enable static hosting of your files. This will create a $web folder in your storage account, which will be the root folder of your website. It’s that simple.
  3. Copy your files into the $web folder using the Storage explorer blade in the Storage account menu, or the Storage explorer app. You can already test your site using the Azure endpoint.
The Storage explorer is a quick and easy way to upload and manage your files in the BLOB storage account.

You can stop here if this is a personal project and you don’t need HTTPS support or a custom domain. In my case, I did want to go all the way, so here’s how to get that working as well.

  1. Get a domain name. Make it sassy ;). Make sure your domain registrar allows you to edit the CNAME records for your domain. This is pretty standard, but not all cheap web hosters allow this and you need it later on to hook up your domain to Azure.
  2. Set up an Azure CDN endpoint for your static site. I picked the Microsoft CDN option which is the most basic one, so you don’t need any accounts with a third party CDN provider.
  3. Now you can map your custom domain to your Azure CDN endpoint using a CNAME record.
  4. Create an HTTPS certificate for your site on Azure with just a few clicks. I was afraid this was going to be hard but it’s so damn easy it’s beautiful. There really is no excuse anymore to let your site just sit there on HTTP these days.
  5. Last thing to do is set up some caching rules for the CDN. We don’t want to be hitting the “slow” BLOB storage all the time and use the faster CDN instead. Depending on the option you chose for the CDN this will differ, but if you picked the Microsoft one you have to use the Standard rules engine to set your caching rules. If you picked Akamai or Verizon, you can use CDN caching rules instead.
    For a simple setup on the Microsoft CDN, go to the CDN settings Rules engine page, and set a global cache expiration rule to override and an expiration you like.
    After a few minutes you’ll see the cache header appear in your HTTP requests.
  6. Here you can also create a rule to redirect HTTP traffic to HTTPS, so people don’t accidentally hit the insecure version.

One more tip on the CDN. You can also purge the CDN cache after you pushed an update to your site to apply the changes, before your CDN cache expires. This is handy if you’ve set a rather big expiration time, because you don’t expect the site to change very often.

From the CDN account, you can purge content on a specific path, or everything at once.

programming guidelines, sort of

Years ago I ran into a website offering crude design advice. I thought it would be funny to make something similar for programming advice or guidelines. I started with a one-page website with a bunch of tips and then after a while forgot about it. Recently I ran into that project again and figured I might as well put it out here for the heck of it.

So here it is, some good fucking programming guidelines for you developers out there to have a laugh with, or perhaps even find a few useful tips and links in there. I swear, most of those tips are actually valid, even though they are presented in a tongue in cheek way.

So have fun with it. I know I did when I built the damn thing.

stop the EU from destroying your internet freedom

The EU Parliament will debate and vote on Article 13 & 11. Time to fire up your email and social media devices and let yourself be heard again, which is why I’m resurfacing this post about the what and the why.
The fight is still not over so sign the petition and let yourself be heard.

Yep. They are at it again, those pesky governments. If it ain’t the US trying to destroy net neutrality it’s the EU trying to setup a link tax and an automated content filter/surveillance/censorship machine.

I’m talking about the copyright reform law the EU is trying to get through in a few days.

Article 11 is bad. It tries to setup a link tax, meaning you cant link or post snippets to e.g. news articles on your site. A similar law was passed earlier in Spain and it causes Google news to simply pull back out of Spain. If the same happens to the whole of the EU, that would suck mayor balls.

Article 13 is far worse though. That’s the content filter, which means any site where content can be uploaded e.g. Facebook, Twitter, Instagram, Imgur etc will be forced to automatically scan your upload and filter it if it isn’t allowed. The claim is that they want to stop terrorists and bad people from spreading illegal content on the internet. The reality will be that those bad guys will find ways around it and the rest of us will be stuck with a filter that’s going to block our uploads because of flawed algorithms and bureaucratic decisions. Internet memes use copyrighted content, but will the filter be able to detect sarcasm? I don’t think so.

Hey look, a meme, with a copyrighted image. I guess we won't be able to do that anymore once Article 13 is in effect.

To quote Tim Berners Lee, the inventor of the WWW:

Article 13 takes an unprecedented step towards the transformation of the Internet, from an open platform for sharing and innovation, into a tool for the automated surveillance and control of its users.

So please help out and email, tweet or call your MEP’s and make it clear Article 11 & 13 have to go. The freedom of the internet depends on you!

cure cancer with leftover azure credits

An azure window grid, reflecting clouds. Perfect fit isn't it?Maybe you have some Azure credits lying from a Visual Studio subscription you have from work, waiting to be spent on cool and nifty experiments, but don’t end up actually using them.
How about spending some of those dollars on cancer research? Or help find a cure against Zika? Fighting AIDS maybe?

Enter the World Community Grid, a vast grid computing network running on the Open Source BOINC client software, started as a philanthropic initiative by IBM.
Sounds good right?

All you need to do is create a WCG account, spin up a Linux machine on Azure, install the BOINC headless client on it and link it to your account. In about half an hour you’ll be computing cancer markers, folding genes or fighting some horrible disease. Well, the software will be doing that really, which is even better.

Here we go, step by step.

1. Setup your Azure Linux machine, I chose an Ubuntu 16 LTS machine. I pick the classic VM because its way easier to setup.
Depending on the type of machine you’ll have more compute power and thus turning out more results. Try a few out and see how you can maximize your Azure credits.

2. Once provisioned, log in using PUTTY or your favorite SSH client. Now it’s time to update the Linux packages and then install the BOINC client:

sudo apt-get update
sudo apt-get install boinc-client

3. Setup auto startup of the BOINC client, so if your machine reboots, you don’t have to go in and start it up yourself (automate all the things remember):

sudo /etc/init.d/boinc-client restart

4. Get your BOINC authentication key so you can hook up the client to your account:

boinccmd --lookup_account https://www.worldcommunitygrid.org

5. Now use the key to attach your selected projects from WCG:

boinccmd --project_attach https://www.worldcommunitygrid.org

Of course you want to check what’s going on, so you can check the BOINC client’s state like this:

boinccmd --get_state

This should give you a list of the tasks and their state. It might take a while before they start kicking in, but you’ll see results coming in after a day or so on the WGC website under your contribution history.

That’s about it. Your client is all set up. All you need to do is keep those VM’s running in the cloud, which normally takes non effort at all. Neat.

There are more boinccmd command line switches in the documentation if you’d need to troubleshoot or find out more.

What’s next? Well, you can set up more than 1 machine if you like, or a heavier one and see what gives you more bang for your buck.¬† You can also join my World Computing Grid team called “Team Azure” and see how many cloud bucks we can burn. It’ll be effortless fun, I promise! ;)

Credit goes to Joel Christian’s headless Ubuntu installation guide. His guide made my quest to setup BOINC on an Azure Ubuntu box a lot easier.

Photo by Dan, cc-licensed.

disable flash and silverlight for safer surfing

Flash, Silverlight and (*gasp*) QuickTime plugins in your browser with the modern web are about as necessary as a horse whip is on a Tesla. Well I might be exaggerating a bit. There are still some useful sites out there that actually use these things. Intranet sites that run on IE only for example, or flaky game sites. But any self-respecting web developer has long ditched them in favor of fancy new HTML5 features.

So why would you still run these things in your favorite browser (Firefox right?) where they only take up extra memory and have a bunch of security problems that might end up causing you trouble. There have been enough exploits for the Flash plugin out there to be sure to actually update those plugins every time they ask for it. Which is about every week if I recall correctly.

Anyway, it’s better to turns those damn things off completely and only turn them on when you hit one of those web sites maintained by a dinosaur. That way you’re stopping that evil hacker from taking over your machine with his Flash exploit and you’re gaining some free performance along the way.

In Firefox you can turn those plugins off in your Tools menu, under Add-ons. Just select “Never activate” and you’ll be fine.
Switch it back to “Ask to Activate” if you’d need them again. That way they’ll never activate by accident either, if you forget to turn it back off.
On Chrome it’s a bit more elaborate, but the option “Let me choose when to run plugin content” sounds like a safe bet instead of having plugin code be ran willy-nilly.
IE? Ha! Who cares right?! For anything else, a properly aimed search query should find you the answer in no time.

Oh, and don’t forget to tweak your Flash security settings if you decide to keep it on after all.

The Firefox add-in screen with all plugins disabled. Just like it should be.

join the EFF summer security reboot and get some cool dice

DSC01217The Electronic Frontier Foundation is on the fore-front when it comes to defending our digital rights. Even as a European I think they are doing important work even though they are mostly US centric. This because whatever happens in the US ripples over the pond and affects Europe and the rest of the world anyway. That means that next to larger fast-food portions increased digital surveillance is on its way to the EU as well.
Next to protecting our digital rights they are the author of a number of awesome security plugins and tools like the HTTPS Everywhere and Privacy Badger browser plugins and a driving force behind the Let’s Encrypt free web site certificate tool set.

Next to a lot of security tools and tips (see the site & newsletter) they now have a Summer Security Reboot fund drive where you can get a cool geeky secure-password generating dice set for a mere $20 membership until the 20th of July.

So if you like what they are doing for a secure and free internet in the future, go check them out and get yourself some cool dice in the process.

If you feel more like donating to a EU centric counterpart of EFF, you can check out EDRI.org instead (no dice there though).

Photo by Violet Blue, cc-licensed.