Firstly, for those not familiar with MTA-STS OR CloudFlare Workers I will give a brief introduction to each. MTA-STS (Mail Transfer Agent Strict Transport Security) is an email security standard designed to make it harder for an attacker to get emails sent to an alternative location and to prevent attackers downgrading email encryption on emails … Read more
Recently it was brought to my attention that one of our Azure SQL managed instances was not sending SMTP mail via our on prem SMTP server, with an error suggesting it could not make a network connection. But, surely not… I had checked the outbound NSG rules and on prem firewall rules, in both cases … Read more
I recently came across a problem where a couple of our Azure SQL VMs (Yeah, I know.) were failing their differential backups because of a broken backup chain. The order of backups was as follows: SQL full backup taken Sunday 8pm – Successful SQL differential backup taken Monday 8pm – Successful Azure VM backup taken … Read more
When selecting the isolate users options as shown below in IIS there is an unwritten requirement to put all user folders under the FTP site root directory in a folder called “LocalUser”. This can cause issues, let me explain why… When enabling this setting it will lock users into a directory named as their username … Read more
Often it can be useful for other teams and departments to edit and run their own Azure automation runbooks, however, this creates a challenge – permissions. Runbooks live and are managed from within Azure Automation accounts which are in turn connected to log analytics workspaces and their associated agents. Both automation accounts and log analytics … Read more