blog

How to save money on Azure with WebJobs

This blog is hosted on Azure. It is using WordPress, which stores its data in MySQL database hosted by ClearDb. I blogged about the issues with WordPress database size over a year ago. The issue is inserting transient entries into database that are growing its size and exceeding free 20MB ClearDB limit. As I mentioned in this blog post – you can use plugins that clear database for you, or…you can use web jobs. Azure WebJobs is very neat way to perform custom tasks, such as database maintenance, periodically.

I created a web job that is performing database maintenance for me. Everyday it removes ‘transient’ entries from wp_options table to keep my MySQL database under 20MB ClearDB limit.

One problem was: how to do MySQL backup without mysqldump? As you know, there is a Virtual Machine underneath every Azure website. And this VM has MySQL, along with mysqldump installed:

Azure Console: mysqldump

Based on this article I created a small Console App called DbMaintenance that performs 3 mentioned tasks:

  1. Backup database
  2. Remove transient entries from wp_options table.
  3. Backup database

Two backups gives me more confidence that I have my database backed up correctly. Especially because I am performing them before and after the operation that potentially can broke things.

You can customize my app by editing Initialize method. Current paths (for mysqldump and database backup directory) are set for Azure Website. Additionally you have to create directory for backups (D:\home\db-backups). You can do it from the web app console available on the Azure Portal:

mkdir D:\home\db-backup

Once this is done, you need to zip DbMaintenance.exe and MySql.Data.dll file, and create a WebJob. On the Azure Portal go to your web app -> Settings -> WebJobs, and add a new WebJob:

Azure Portal: add WebJob

You can see the status in Settings -> WebJobs -> YOUR_JOB_NAME:

azure webjobs

By clicking on logs column, you can get details about web job:

Azure WebJob: details

And console output from each execution:

Azure WebJob: console output

I configured my WebJob to run everyday. You can also run it on demand, or continuously.

You can find more about Azure WebJobs in this article.


The best domain registrar is Google

I moved all my domains (jj09.net, jedryszek.com, jakubjedryszek.com)

from:

GoDaddy

 

to:

Google Domains

I wanted to move to DNSimple (like Troy Hunt and Scott Hanselman), but I have only 3 domains, and with DNSimple I would have to pay at least $64 (bronze plan = $50/year with 2 free domains + 1 domain for $14), or $80/year (with silver plan that offers up to 10 free domains). That was pretty expensive in comparison to my current price at GoDaddy $44.97 (3 x $14.99).

I started looking for other registrars and I found Google, which beats GoDaddy and DNSimple with price definitely: $12/year for domain with privacy protection (on GoDaddy and DNSimple you have to pay additional $8/year per domain).

Thus for 3 domains with privacy protection I pay $36/year. On GoDaddy I would have to pay $68.94 (almost twice as much), and on DNSimple – $88 (more than twice as much)!

A lot of people love DNSimple interface. Google Domains UI is also super simple. Try it!

For a while I was wondering, where is a catch, but I didn’t find any. This and that article confirms that Google Domains is a new serious player on the domains market.

What domain registrar are you using?


Why programmer should have a blog

Recently a few people were asking me why I have a blog. Some of them were not programmers. It reminded me about the draft of this post, which I have for more than a year now. I planned to extend it, but I think keeping it short, and maybe edit in the future would be a better solution.

The reasons why I have a blog:


Brute Force Attack on my blog

Some time ago I created an Azure alert (thanks to Iris Classon). I did it as a part of my Azure exploration. The rule I created, send me email every time I have more than 1000 requests per hour:

azure alert

I received one or two e-mails in last two weeks and that was fine. High traffic can happen occasionally. Of course I created this rule based on history of the number of requests from the past. However, last night I received 3 e-mails. I checked with Azure Management Portal and number of requests suddenly exploded:

azure alert requests

That was suspicious. To make an investigation I turned on Web Server Logging, which logs all HTTP requests:

azure - logging

Then I found out this:

#Software: Microsoft Internet Information Services 8.0
#Fields: date time s-sitename cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Cookie) cs(Referer) cs-host sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2014-09-02 04:43:35 JJ09 POST /wp-login.php X-ARR-LOG-ID=f22e667c-3b13-4bdf-adf3-816cda8fa0db 80 - 195.211.154.159 Mozilla/4.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+125LA;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.5.21022) - http://jj09.net/wp-login.php jj09.net 200 0 0 4573 787 624
2014-09-02 04:43:36 JJ09 POST /wp-login.php X-ARR-LOG-ID=782db699-4467-418c-8814-7a8cb5ee7175 80 - 195.211.154.159 Mozilla/4.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+125LA;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.5.21022) - http://jj09.net/wp-login.php jj09.net 200 0 0 4573 790 656
2014-09-02 04:43:37 JJ09 POST /wp-login.php X-ARR-LOG-ID=79cb788b-d646-43d7-8012-c31d507557bf 80 - 195.211.154.159 Mozilla/4.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+125LA;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.5.21022) - http://jj09.net/wp-login.php jj09.net 200 0 0 4573 788 1718
2014-09-02 04:43:38 JJ09 POST /wp-login.php X-ARR-LOG-ID=7cc0286e-6b81-4802-851b-d5aaea20daf3 80 - 195.211.154.159 Mozilla/4.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+125LA;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.5.21022) - http://jj09.net/wp-login.php jj09.net 200 0 0 4573 790 703
2014-09-02 04:43:40 JJ09 POST /wp-login.php X-ARR-LOG-ID=29c99e85-4552-49c3-8527-290a3c68ac86 80 - 195.211.154.159 Mozilla/4.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+125LA;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.5.21022) - http://jj09.net/wp-login.php jj09.net 200 0 0 4573 787 718
2014-09-02 04:43:41 JJ09 POST /wp-login.php X-ARR-LOG-ID=49e52af5-b40e-406b-b64b-c80bc8cc6501 80 - 195.211.154.159 Mozilla/4.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+125LA;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.5.21022) - http://jj09.net/wp-login.php jj09.net 200 0 0 4573 787 718
2014-09-02 04:43:42 JJ09 POST /wp-login.php X-ARR-LOG-ID=d40f4c89-932f-4a81-bfc6-cd403ab8b71b 80 - 195.211.154.159 Mozilla/4.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+125LA;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.5.21022) - http://jj09.net/wp-login.php jj09.net 200 0 0 4573 788 671
2014-09-02 04:43:43 JJ09 POST /wp-login.php X-ARR-LOG-ID=7ec01966-00de-47d1-ab35-5fae51898269 80 - 195.211.154.159 Mozilla/4.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+125LA;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.5.21022) - http://jj09.net/wp-login.php jj09.net 200 0 0 4573 787 703

Raw, POST requests to wp-login.php page from the same IP address (195.211.154.159) in every 1-2 seconds!

Looks like brute force attack. I checked this IP on AbuseIPDB. It was repored once:

hacker ip

I also check this IP with ipTRACKERonline:

hacker ip - tracking

Looks like “the hacker” is working from underground!

It is even more interesting how “the attack” stopped:

2014-09-02 04:49:04 JJ09 POST /wp-login.php X-ARR-LOG-ID=d56af862-6675-4d63-aa1e-c5858b222467 80 - 195.211.154.159 Mozilla/4.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+125LA;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.5.21022) - http://jj09.net/wp-login.php jj09.net 200 0 0 4579 787 658
2014-09-02 04:49:05 JJ09 POST /wp-login.php X-ARR-LOG-ID=c63c5285-f667-4b49-a9ca-e6dc6c4a881d 80 - 195.211.154.159 Mozilla/4.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+125LA;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.5.21022) - http://jj09.net/wp-login.php jj09.net 200 0 0 4579 790 718
2014-09-02 04:49:06 JJ09 POST /wp-login.php X-ARR-LOG-ID=820525bb-5972-48d7-b873-e5143f07de60 80 - 195.211.154.159 Mozilla/4.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+125LA;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.5.21022) - http://jj09.net/wp-login.php jj09.net 200 0 0 4579 789 1721
2014-09-02 04:49:21 JJ09 GET / X-ARR-LOG-ID=60ce7301-6f46-4397-a24d-9afda6fe2f62 80 - 137.117.234.219 - - - jedryszek.com 200 0 0 134454 753 1562
2014-09-02 04:50:56 JJ09 GET /sending-email-from-rails-application/&sa=U&ei=5EUFVLr8OYvIgwSntoGABQ&ved=0CNsCEBYwVg&usg=AFQjCNFrPOjfBT525UoKx41tEt5C4PeHYw/xmlrpc.php X-ARR-LOG-ID=2a586af6-67f9-41e3-90fe-3d21deeb545b 80 - 91.205.75.136 Mozilla/5.0+(Windows+NT+5.1;+rv:24.0)+Gecko/20100101+Firefox/24.0 - - jj09.net 404 0 0 93650 839 1407
2014-09-02 04:52:02 JJ09 GET /wp-admin X-ARR-LOG-ID=8feceffd-e44d-4002-b66b-53c9d5ec354e 80 - 24.22.164.96 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit... - jj09.net 301 0 0 570 1540 31

First 3 requests are from “the hacker”. Next one is a request from Azure Scheduler (I was testing Azure Scheduler to ping my blog every 5 mins). Then somebody visited my post about Sending e-mail from Rails application. The last one, is me logging on.

The standard hosting provider will probably require me to send an email asking about logs, and they probably will not have all logs…but on Azure I could just turn it on and check whatever I wanted. This shows the real power of the Cloud!

After this incident I installed BruteProtect plug-in. It claims that since yesterday it blocked 65 attacks on my blog:

BruteProtect

To be honest. I was shocked. I assumed that some attacks happened in the past, but 65 in 1 days? No idea if it is true, but I will give it a try and see what will happen in a week or a month.

Did you have attacks on your blogs/websites? What kind? How did you find out? What did you do to stop it and prevent in the future?


How to add Google Analytics to WordPress blog in the right way

I just found out, that Google Analytics was not counting my blog post pages. Only index page and all other subpages, but not post pages. This pages, which I am linking e.g. on twitter every time I blog!

From some time I was wondering if really only ~10 people are reading my blog. My last post about Getting started with iOS, was visited by 12 people in the day it was published and 10 in the day after.

iOS post stats

Then, on Google Analytics, I went to behavior > ‘site content’ > ‘all pages’ to check how many people visited the blog post page. And…there are no post pages in the statistics at all!

iOS post stats: pages

I knew that it is impossible, because at least I visited the post page. Then I checked statistics on Azure:

iOS post stats: Azure

There are no unique views, but even page views on Google Analytics shows less than 20 per day. I published the post around 11 am, and announced it on twitter 11:18am. Then I got 7030 requests between 12pm and 1pm. It makes sense. Of course 1 Azure request < 1 unique page view. According to Azure Management portal I had 62226 request in last week. How many unique pages views it is? I don’t know and I will never know. But I am sure it is more than 54!

Why Google Analytics didn’t track my posts? I put Google Analytics script in index.php file, in my WordPress theme directory. Apparently I forgot to check if it works for all pages.

Now, I installed Insert Headers and Footers plugin to insert script from Google. As recommended in How to Install Google Analytics in WordPress for Beginners. It seems to be working fine now. Here are statistics from today:

iOS post stats: after Google Analytics script fix

There are also other plugins like Google Analytics for WordPress or Google Analyticator, but they insert Google Analytics snippet based on communication with Google api. It means, that if Google change their API for Google Analytics, plugin may not work. I don’t want to be depend on that and just want to paste customized JS code I obtained from Google.

I also added Azure analytics script. Now, I will be able to cross-check the statistics.