Tags: Security

WEBSITE_VNET_ROUTE_ALL and Azure Functions

Azure Benjamin Perkins

This would apply to Azure App Services too. This is an interesting feature.  To me it resembles or provides the ability to force tunnel.  The implementations of forced tunneling I have seen have typically been configured using route tables.  Where the route table is a matrix of IP addresses (see Figure 6) that instructs TCP […]

Read More →

Microsoft Authenticator App

Security Cyber Benjamin Perkins

If you are still using UID and Password as the only means for authentication, you might consider implementing Multi Factor Authentication (MFA).  One way to do this is by using the Microsoft Authenticator App which you can read all about it here.  I am writing this mostly to help me remember how I configured it […]

Read More →

Create an Azure Key Vault and Secret

Azure Benjamin Perkins

Storing, for example, a database connection string which include server name, user id and password in source code or in a configuration file is what is called ‘password leaking’.  That means that anyone who has access to application source code can search through and get access to the database, because the information required to connect […]

Read More →

TLS on Azure App Services

Azure App Service Benjamin Perkins

I wrote this article some time ago “How to disable TLS 1.0 on an Azure App Service Web App” that explains some of the reasons TLS was not configurable on the Azure App Service platform.  There were many customers who wanted to disable TLS 1.0 so they could remain or become PCI compliant and at […]

Read More →

Always get "Authorization has been denied for this request." ASP.NET Web API

ASP.NET Benjamin Perkins

I was creating an ASP.NET Web API today and when I called one of the Web APIs (/api/values) I got the following response: {“Message”:”Authorization has been denied for this request.”} It turns out by default ‘Individual User Accounts” authentication is enabled by default.  See Figure 1. Figure 1, {“Message”:”Authorization has been denied for this request.”} […]

Read More →