Ever been asked to set up a Reverse Proxy to allow a particular URL on your website to fetch its content from a site somewhere else? It’s not an uncommon requirement, but it seems to cause some configuration challenges too. Having been drafted in to solve some issues with just such a setup recently, here’s a quick description of the stuff I need to remember next time I get this job: Continue reading
Ages ago I wrote myself some notes on setting up Windows Server Essentials on Intel NUC hardware. Recently I did an upgrade on one of these machines, and ended up in a world of pain. Google was very thin on information to help me try and sort this out, so I figured this needed writing up… Continue reading
I’ve been reinstalling some PCs recently, and one of them is the machine I play games on in front of the TV. My eldest child still enjoys a bit of Minecraft every so often, so I needed to put that back on my freshly formatted machine – but this proved more difficult than I was expecting.
I’m pretty sure I must have encountered this issue before, but since googling failed to find my blog, I seem to have failed to write the solution down last time 😉 So, in order to save my future self working this out for third time… Continue reading
I’ve been doing some work with Release Management in Visual Studio Online recently. Overall it’s been a pretty positive experience, but there was one face-palm inducing moment I came across which needs writing down so I don’t fall into the same trap next time I have to do this. When you’re working with local release agents, you mustn’t forget the security settings that your agent’s server is configured with… Continue reading
Every so often I get asked to look at existing Sitecore installs and write up reports on what’s good and what’s not so good about them. I spend time looking at lots of stuff, like the infrastructure, the databases, the code and security. But time after time I find myself writing up a similar issue… Continue reading
The other day I realised that my home server hadn’t sent me it’s daily “Health Report” email. Having done the usual simple test of “is the server up?” and “what happens if I reboot it?”, I ended up digging through the Event Log and Google to work out what was wrong. In case this happens to me again, or happens to you, here’s what I found: Continue reading
One of the big things in IT security in recent times has been the successful attacks black-hats have launched against the infrastructure of cryptography. As we all come to rely on encrypted communications more and more, the vulnerabilities in old ciphers have become more of a problem to us developers and administrators. Vulnerabilities like Drown and Poodle are just two examples of a trend which means we all now have to worry about how our crypto is configured before we allow the internet to see a server.
But whenever you tie down security more tightly you risk causing problems when software relies on the thing you’ve just disabled…
I spent some time recently investigating why certain aspects of the Coveo for Sitecore search framework were broken on a client’s server, and the answer ended up being directly related to crypto security. Here’s what happened: Continue reading