Click here to Skip to main content
14,361,357 members

Welcome to the Lounge

   

For discussing anything related to a software developer's life but is not for programming questions. Got a programming question?

The Lounge is rated Safe For Work. If you're about to post something inappropriate for a shared office environment, then don't post it. No ads, no abuse, and no programming questions. Trolling, (political, climate, religious or whatever) will result in your account being removed.
 
GeneralFrom pillar to post... Pin
Sander Rossel18-Sep-19 0:27
professionalSander Rossel18-Sep-19 0:27 
GeneralRe: From pillar to post... Pin
CodeWraith18-Sep-19 0:39
memberCodeWraith18-Sep-19 0:39 
GeneralRe: From pillar to post... Pin
honey the codewitch18-Sep-19 2:35
memberhoney the codewitch18-Sep-19 2:35 
GeneralRe: From pillar to post... Pin
Sander Rossel18-Sep-19 2:50
professionalSander Rossel18-Sep-19 2:50 
JokeRe: From pillar to post... Pin
honey the codewitch18-Sep-19 2:52
memberhoney the codewitch18-Sep-19 2:52 
GeneralRe: From pillar to post... Pin
PIEBALDconsult18-Sep-19 3:18
protectorPIEBALDconsult18-Sep-19 3:18 
GeneralRe: From pillar to post... Pin
RJOberg18-Sep-19 4:49
professionalRJOberg18-Sep-19 4:49 
GeneralRe: From pillar to post... Pin
kmoorevs18-Sep-19 13:30
memberkmoorevs18-Sep-19 13:30 
Funny you mention DNS issues. I had an issue pop up 7 days ago that caused me to have to re-deploy about dozen apps/utility modules. A hostname for an ftp resource I have used for over 15 years suddenly quit resolving. Confused | :confused:

I checked the a/cname dns records and they check out fine. Confused | :confused: I switch to another hostname listed there and it connects just fine. Smile | :)

Good right? Not quite. Maybe someone else can learn a lesson from this, so here goes:

Over the last 15 years, that ftp hostname had become baked into our desktop apps that utilized ftp...around a dozen or so. Actually, the hostname and username were both hard-coded. The password is actually defaulted but gets it's value from a publicly available xml resource. (encrypted of course!) The idea was that I might need to change the password but never the hostname/username.

Ah, but it really wasn't catastrophic...the secondary ftp resource picked up the slack in most cases. Smile | :) It's nice when careful planning pays off! Smile | :)

Anyhow, I had to change the hard-coded hostname that was failing in those applications to the one that works then recompile/redeploy which was easy enough but wasted half a day doing so.

What I should have done is allow the hostname/username to be fully dynamic like the password but that would have required more time/effort than it was worth. If I were starting over with it, I'd definitely have all the pieces able to be changed on the fly.

Also, nothing to do with DNS, but rather a lesson in IP Based security done poorly, then corrected.

I have a customer with 60+ sites and around 400 or so devices using a couple of Azure web apps. All sites are WAN connected and use a common gateway for the internet. When these apps were developed over 4 years ago, all the sites used a really small set of outbound IP addresses...usually just 2 or 3 in use at a time.

The allowed IP addresses were simply stored in a comma-delimited appSetting in the Azure config section. If they changed, which had become rare, I'd get notified and have to go add the new address to the list. This method worked pretty well until last week when their IT dept. decided to become more granular on the outbound assignments and the number being used jumped to over 20. OMG | :OMG:

My little method suddenly became totally inadequate for the task, so I rewrote it and did it the right way by adding another layer to handle a simple range check. The ranges are added as a comma delimited list of uInt lower and upper values in the Azure config section. The current customer is using 2 distinct ranges.

As before, the client's IP address is checked for a direct match. If a match is not found, the address is converted to a uInt and the range is checked for each range pair. So far this is working well...the hard part was finding a reverse IP tool that gives ranges, then writing a tool that converts those to uInts. Out of about 10 different reverse IP tools, only MXToolbox gave the ranges I needed.

While I'm writing a book, I also took the opportunity to address other shortcomings with the current systems mostly dealing with error logging and reporting. I'm probably going to be scared of what I find! The original method to deal with handled errors was to set a general error message and where appropriate details, then redirect to an error page displaying the reason we are here and a simple email link to report it directly. Very few end users would actually try to report anything, maybe because the mailto link was basic and didn't include a subject or body. D'Oh! | :doh:

The error pages now trigger a database record for logging, unless of course the problem is the database! Laugh | :laugh: To be honest, when I wrote this app over 5 years ago, it was 4 months from the date they asked for it until going live. Their acceptance was based on a really primitive php/MySQL opensource project my business partner found and made me customize enough for a demo. When they finally decided to go a year later, I immediately announced that I was not doing anymore php and that I was starting from scratch. It was a lot of late nights and weekends and a rocky implementation but somewhere after the first week of fixing bad data every night, I got it right and it's been a great little application that requires very little of my time to support/monitor...until one little variable that's out of your control changes and exposes a weakness. I'm leaving it way better than it was before! Smile | :)
"Go forth into the source" - Neal Morse

GeneralCCC WSO 2019-09-18 Pin
Peter_in_278018-Sep-19 0:03
professionalPeter_in_278018-Sep-19 0:03 
GeneralRe: CCC WSO 2019-09-18 Pin
PeejayAdams18-Sep-19 0:08
memberPeejayAdams18-Sep-19 0:08 
GeneralRe: CCC WSO 2019-09-18, a swift winner! Pin
Peter_in_278018-Sep-19 0:10
professionalPeter_in_278018-Sep-19 0:10 
GeneralRe: CCC WSO 2019-09-18, a swift winner! Pin
DRHuff18-Sep-19 4:29
memberDRHuff18-Sep-19 4:29 
GeneralActually surprised the media could even produce such junk Pin
Munchies_Matt17-Sep-19 21:47
memberMunchies_Matt17-Sep-19 21:47 
GeneralRe: Actually surprised the media could even produce such junk Pin
Nelek17-Sep-19 23:03
protectorNelek17-Sep-19 23:03 
GeneralRe: Actually surprised the media could even produce such junk Pin
Munchies_Matt17-Sep-19 23:26
memberMunchies_Matt17-Sep-19 23:26 
GeneralRe: Actually surprised the media could even produce such junk Pin
PeejayAdams17-Sep-19 23:08
memberPeejayAdams17-Sep-19 23:08 
GeneralRe: Actually surprised the media could even produce such junk Pin
Nelek17-Sep-19 23:09
protectorNelek17-Sep-19 23:09 
GeneralRe: Actually surprised the media could even produce such junk Pin
CodeWraith18-Sep-19 0:09
memberCodeWraith18-Sep-19 0:09 
GeneralRe: Actually surprised the media could even produce such junk Pin
Munchies_Matt17-Sep-19 23:28
memberMunchies_Matt17-Sep-19 23:28 
GeneralRe: Actually surprised the media could even produce such junk Pin
ZurdoDev18-Sep-19 2:04
professionalZurdoDev18-Sep-19 2:04 
GeneralRe: Actually surprised the media could even produce such junk Pin
Munchies_Matt18-Sep-19 2:15
memberMunchies_Matt18-Sep-19 2:15 
GeneralRe: Actually surprised the media could even produce such junk Pin
ZurdoDev18-Sep-19 3:10
professionalZurdoDev18-Sep-19 3:10 
GeneralRe: Actually surprised the media could even produce such junk Pin
Slacker00718-Sep-19 2:36
professionalSlacker00718-Sep-19 2:36 
GeneralRe: Actually surprised the media could even produce such junk Pin
Munchies_Matt18-Sep-19 2:37
memberMunchies_Matt18-Sep-19 2:37 
Generaland after all that Pin
honey the codewitch17-Sep-19 19:20
memberhoney the codewitch17-Sep-19 19:20 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.