I’ve been working on a lot of things lately, but one thing hanging over my head is my internet “stuff”. I had several domains hosted in Azure from my old BizSpark account. That expired and I needed to get all of it organized and onto my new BizSpark account.
Well, I finally did that. I decided instead of hosting “websites” in Azure, I would just stand up a Windows Server 2012 R2 and host everything in that. At this point, everything is migrated and cleaned-up. The only tricky parts were the WordPress database migration (and URL change) and dealing with the firewalls. The server operating system has a firewall, and Azure also has a firewall in front of your server. So, you have to open up holes and set ACL’s accordingly. As you might imagine,
Before, this blog used the WordPress website template in Azure – which is nice and simple but:
A) the website was always very slow (4-8 seconds per page click). On this new VM I see sub-second to maybe 2 seconds per click!!
B) I found out after-the-fact that if you used more than 20MB of content on your blog, you HAD to use an external vendor (ClearDB) who charged money for hosting MySQL. Even though I had Azure credit to host it locally, I couldn’t. I ranted about that here if you’re interested.
Lastly, for myself, here is a list of some of the things I did which might be blog-worthy – so let me write those down here. If I get a chance to write this up, I‘ll update this post to point to new posts:
- Picking a VM – Azure options for choosing which size/scale server. How to set up storage accounts, and mount a second hard drive where you can do live backups.
- Securing Access to the VM – Configure Azure and VM so that only I can even attempt to connect via RDP or PowerShell
- Server lockdown – installing only the bare minimum of what you need, including IIS options – to reduce the security exposure footprint.
- Web Deploy – Installing and configuring “Web Deploy” so that I can securely “publish” websites directly from Visual Studio (or potentially from a TFS build).
- MySQL install and lockdown – Installing MySQL and being able to connect to it securely from home (and so ONLY I can even attempt to connect)
- MySQL data migration – Using MySQL Workbench to import/export the data from the old database to the new database
- IIS setup – In IIS. setting up multiple domains, setting the “host headers”; requesting an SSL certificate, installing it, setting the binding to use it
- Google authenticator – I use two-factor authentication on this blog, and the Google authenticator got out of sync, so I couldn’t log in. I had to do a few things to temporarily disable it (from the server), login, then fix it.
Anyhow, so now I have everything hosted on one machine and the setup is really pretty straight-forward. …with that said, please let me know if you see anything awry!