We got caught out recently by significantly high usage of AWS CloudWatch, and realised we’d been spending $1000/month more than expected. After tracking down the cause (one of the team had turned on detailed instance monitoring) – I wanted to ensure we had a bit more of a heads up next time. We had budgets set for all the major … Read more “Simple catch-all AWS budgets”
It appears there’s now another tool in the arsenal for those looking at implementing BeyondCorp style security model, with the arrival of OIDC authentication support in AWS’s application load balancer. It adds to a growing list of possiblities, at least for HTTP-based services. Who needs VPN anyway?
The options I’m aware of now include:
- Bitly’s oAuth2 proxy – a simple
I admit it. I still haven’t taken the plunge to #DeleteFacebook. I can’t remember the last time I posted anything on it, but friends still invite me to events and send me messages via Messenger. Likewise, I haven’t brought myself to using VPN as standard, or Tor for that matter!
That said, here’s some things you might like to try, … Read more “Not ready to #DeleteFacebook? Here’s some baby steps…”
Last weekend I was at Womad festival, helping kids fire exploding cows from catapults in Minecraft. Not my usual line of work as CTO, or typical festival experience for that matter!
I was volunteering with Devoxx4Kids who organise events worldwide where children can develop computer games, program robots and also have an introduction to electronics. CERN had invited Devoxx4Kids to … Read more “Exploding cows in Minecraft…”
… and regardless of cloud provider, it’s (probably) costing you 2x what it would on dedicated kit. So AWS could be costing you 4x what it would cost to license on dedicated hardware.
Disclaimer: I am certainly not a SQL Server licensing expert, nor that much of a cloud expert. The purpose of this post is to hopefully prove that … Read more “Licensing SQL Server in AWS? It’s up to twice as expensive as Azure or Rackspace Cloud.”
Today I head to Gran Canaria for a month. Not for holiday, but to work. I’ll be leaving my friends and work colleagues back in London, whilst trying to convince them that this isn’t all about sitting on a beach and surfing all day long.
I’ve always read with admiration and a fair dose of jealousy the stories from various … Read more “Starting a remote working journey”
NDepend is an analysis tool giving you all kinds of code quality metrics, but also tools to drill down into dependencies, and query and enforce rules over your code base.
There’s a version that integrates with Visual Studio, but there’s also a version that runs on the console to generate static reports, and enforce any code rules you might have … Read more “Integrating NDepend metrics into your Build using F# Make & TeamCity”
I’ve previously depended a little too much on TeamCity to construct our build process, but have been increasingly shifting everything to our build scripts (and therefore source control).
We’ve been using F# make – an awesome cross platform build automation tool like make & rake.
As an aside (before you ask): The dotCover support in TeamCity is already excellent – … Read more “Code coverage using dotCover and F# make”
If you’re running a HTTPS-only web application, then you probably have requireSSL set to true in your web.config like so:<httpCookies requireSSL="true" httpOnlyCookies="true"
With requireSSL set, any cookies ASP.NET sends with the HTTP response – in particular, the forms authentication cookies – will have the “secure” flag set. This ensures that they will only be sent to your website when … Read more “SSL Termination and Secure Cookies/requireSSL with ASP.NET Forms Authentication”
As it took far too much Googling to find this, if you need to access the AppData folder for the System account, go here:
C:\Windows\System32\config\systemprofile\AppData\Local C:\Windows\SysWOW64\config\systemprofile\AppData\Local I hit this because we needed to clear the NuGet package cache for a TeamCity build agent which was running as a service under the System account.
At FundApps we run a regular SkipFish scan against our application as one of our tools for monitoring for security vulnerabilities. In order for it to test beyond our login page, we need to provide a valid .ASPXAUTH cookie (you’ve renamed it, right?) to the tool.
Because we want to prevent Cross-site request forgeries to our login pages, we’re using … Read more “Get ASP.NET auth cookie using PowerShell (when using AntiForgeryToken)”
GulpJS is a great Node-based build system following in the footsteps of Grunt but with (in my opinion) a much simpler and more intuitive syntax. Gulp takes advantage of the streaming feature of NodeJs which is incredibly powerful, but means in order for you to get the most out of Gulp, you certainly need some understanding of what is going … Read more “Using Gulp – packaging files by folder”