Reducing memory consumption for dynamic tabular data

At FundApps we had a semi-dynamic data schema, which could be defined by our regulatory team in accordance with the market data required to enforce regulations. Imagine a table of stock holdings like the below, with potentially millions of rows, and possibly a few hundred column headers. The data was sparse, but with much overlap in data according to the… Read more “Reducing memory consumption for dynamic tabular data”

Simple catch-all AWS budgets

We got caught out recently by significantly high usage of AWS CloudWatch, and realised we’d been spending $1000/month more than expected. After tracking down the cause (one of the team had turned on detailed instance monitoring) – I wanted to ensure we had a bit more of a heads up next time. We had budgets set for all the major… Read more “Simple catch-all AWS budgets”

BeyondCorp proxy possibilities on AWS, Google Cloud, Azure

It appears there’s now another tool in the arsenal for those looking at implementing BeyondCorp style security model, with the arrival of OIDC authentication support in AWS’s application load balancer. It adds to a growing list of possiblities, at least for HTTP-based services. Who needs VPN anyway? The options I’m aware of now include: Bitly’s oAuth2 proxy – a simple… Read more “BeyondCorp proxy possibilities on AWS, Google Cloud, Azure”

Licensing SQL Server in AWS? It’s up to twice as expensive as Azure or Rackspace Cloud.

… and regardless of cloud provider, it’s (probably) costing you 2x what it would on dedicated kit. So AWS could be costing you 4x what it would cost to license on dedicated hardware. Disclaimer: I am certainly not a SQL Server licensing expert, nor that much of a cloud expert. The purpose of this post is to hopefully prove that… Read more “Licensing SQL Server in AWS? It’s up to twice as expensive as Azure or Rackspace Cloud.”

Integrating NDepend metrics into your Build using F# Make & TeamCity

NDepend is an analysis tool giving you all kinds of code quality metrics, but also tools to drill down into dependencies, and query and enforce rules over your code base. There’s a version that integrates with Visual Studio, but there’s also a version that runs on the console to generate static reports, and enforce any code rules you might have… Read more “Integrating NDepend metrics into your Build using F# Make & TeamCity”

Code coverage using dotCover and F# make

I’ve previously depended a little too much on TeamCity to construct our build process, but have been increasingly shifting everything to our build scripts (and therefore source control). We’ve been using F# make – an awesome cross platform build automation tool like make & rake. As an aside (before you ask): The dotCover support in TeamCity is already excellent –… Read more “Code coverage using dotCover and F# make”

SSL Termination and Secure Cookies/requireSSL with ASP.NET Forms Authentication

If you’re running a HTTPS-only web application, then you probably have requireSSL set to true in your web.config like so: <httpCookies requireSSL="true" httpOnlyCookies="true" With requireSSL set, any cookies ASP.NET sends with the HTTP response – in particular, the forms authentication cookies – will have the “secure” flag set. This ensures that they will only be sent to your website when… Read more “SSL Termination and Secure Cookies/requireSSL with ASP.NET Forms Authentication”

AppData location when running under System user account

As it took far too much Googling to find this, if you need to access the AppData folder for the System account, go here: C:\Windows\System32\config\systemprofile\AppData\Local C:\Windows\SysWOW64\config\systemprofile\AppData\Local I hit this because we needed to clear the NuGet package cache for a TeamCity build agent which was running as a service under the System account.

Get ASP.NET auth cookie using PowerShell (when using AntiForgeryToken)

At FundApps we run a regular SkipFish scan against our application as one of our tools for monitoring for security vulnerabilities. In order for it to test beyond our login page, we need to provide a valid .ASPXAUTH cookie (you’ve renamed it, right?) to the tool. Because we want to prevent Cross-site request forgeries to our login pages, we’re using… Read more “Get ASP.NET auth cookie using PowerShell (when using AntiForgeryToken)”

Using Gulp – packaging files by folder

GulpJS is a great Node-based build system following in the footsteps of Grunt but with (in my opinion) a much simpler and more intuitive syntax. Gulp takes advantage of the streaming feature of NodeJs which is incredibly powerful, but means in order for you to get the most out of Gulp, you certainly need some understanding of what is going… Read more “Using Gulp – packaging files by folder”

Forms Authentication loginUrl ignored

I hit this issue a while back, and someone else just tripped up on it so thought it was worth posting here. If you’ve got loginUrl in your Forms Authentication configuration in web.config set, but your ASP.NET Forms or MVC app has suddenly started redirecting to ~/Account/Login for no apparent reason, then the new simpleMembership(ish) provider is getting in the… Read more “Forms Authentication loginUrl ignored”

Achieving an A+ grading at Qualys SSL Labs (Forward Secrecy in IIS)

At FundApps we love the SSL Labs tool from Qualys for checking best practice on our SSL implementations. They recently announced a bunch of changes introducing stricter security requirements for 2014, and a new A+ grade – so I was curious what it would take to achieve the new A+ grading. There are a few things required to now achieve… Read more “Achieving an A+ grading at Qualys SSL Labs (Forward Secrecy in IIS)”