Hosting, securing, and blogging to WordPress in Azure

I wanted to spike this out into a separate blog post because this is a whole separate issue. As I mentioned, it was easy enough to create a new Azure website from “From Gallery”:

image

image

As discussed, that went well. In fact, so well that you are reading this on this instance of WordPress, on Azure! One loose end though was how to log in securely and more-importantly how to publish new posts securely. I mean, I don’t want to connect over HTTP (clear-text) with my username/password. The last thing I need is someone hijacking my site.

It’s important to note that there is a wildcard SSL certificate for *.azurewebsites.net so that you can use SSL with every website in Azure. However, I wanted to be able to do https://blog.robertseder.com. I opened a ticket with Microsoft on this, and learned that with a “Reserved Instance”, you can’t do this. If you create your own VM you can, but not with the “built-in” hosting.

So, back to the drawing board. What is the real problem? Well, when I go to https://blog.robertseder.com – I get a certificate error because the domain name doesn’t match the certificate. When I am in the browser, I can click continue to still use the site securely, although there is a certificate error. Why is this a problem then? Well, I use “LiveWriter” to write my blog posts. If I try pointing to that address, I get:

image

That is understandable, because there is a certificate error. So, what is the solution? Configure LiveWriter to just point to the https://blog-robertseder.azurewebsites.net/ address. This gives me SSL, and I can still “name” the connection in LiveWriter so that it’s friendly:

image

image

So this too, is another “free” solution with this whole hosting move. I don’t have to buy and maintain an SSL certificate. I don’t need a pretty domain name to submit my blog posts, so this definitely works for me.

One last thing, now I don’t know if it’s needed – but I installed a WordPress plug-in called “WordPress SSL”. I think the main thing it does it bump you over to SSL whenever you go to an admin or login page.

Posted in Computers and Internet, Infrastructure, New Technology, Professional Development, Security, Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Archives
Categories

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 2 other followers

%d bloggers like this: