Category Archives: Web Application Development

When to Use Cloud Resources

Motivation:

  • You are using on-premises virtual servers and storage for your services.
  • You wonder whether you should move your services to public cloud, such as AWS or Azure or Google Cloud, in order to reduce hardware and maintenance cost.

Suggestions:

  1. It is common that cloud resources for system running 24/7 are much more expensive than private resources.

  2. Cloud resources are suitable for 
    • a very big system that needs to be run only once within limited time, or
    • startup with many consolidated services on single small virtual server, or
    • testing purpose, or
    • a very big company with big budget who want reliable and elastic resources.

       

      How to Reduce Salesforce Licenses Cost

      Motivation:

      • You are using Salesforce for your daily work. It works very well but the cost is too expensive.
      • You want to find  a way to reduce Salesforce licenses cost.

      Suggestions:

      1. Salesforce cost depends on a selected Edition and number of user licenses.

      2. An edition is selected based on features that an ORG needs.

      For example, an ORG that needs the API and Flows feature for custom development has to choose Professional or Enterprise edition.

      The number Flows are very limited for Professional edition (5 flows).

      However the max number of flows of the Enterprise edition is 2000 that may be too many for a small business too.

      This may be Salesforce intention that they want customers to use Enterprise edition.

      3. A license price depends on the selected edition. For example, an ORG needs to  pay $150 /user/month for the Enterprise edition.

      4. A User License may be Salesforce License or Salesforce Platform License. A Profile defines permissions. A Profile with login is attached to one User License (except the case that the Profile is used for Community portal users).

      5. Assume that an ORG may use 13 User Licenses: 5 System Administrators (5 Salesforce Licenses) and 8 Platform Users (8 Salesforce Platform Licenses).

      In order to reduce the cost the ORG may consider some strategies below.

      • The ORG may use shared account for all the employees who have the same responsibilities (tasks) if possible.
      • The ORG may retain only 2 Salesforce licenses: One is for API access and development, and the other is for administrative tasks.
      • The ORG may change appropriate licenses from Salesforce license to Platform license if they do not use the built-in Leads, Opportunities, Forecasts, Cases, and Solutions.
      • The ORG should disable all unused accounts.
      • The ORG may develop Community portal for some user types and move all these users from Platform license to Community license.
      • If you are using Salesforce development platform then try moving your custom development features to another cheaper development platform, such as Zoho Creator.
      • If you are using Salesforce CRM as is then try moving your business workflows and data to another cheaper provider, such as EspoCRM.

       

        How to Back Up and Restore IIS App Pool and Site Settings

        Motivation:

        You want to back up and restore IIS app pool and site settings.

        Solution:

        1. Open Command Prompt (Admin) and execute commands below to export IIS app pool and site settings to XML files.

        %windir%\system32\inetsrv\appcmd list apppool /config /xml > \\192.168.101.140\BCDR\WEBBC02\E\inetpub\apppools.xml
        %windir%\system32\inetsrv\appcmd list site /config /xml > \\192.168.101.140\BCDR\WEBBC02\E\inetpub\sites.xml

        2. Remove all existing IIS app pools and sites, then execute the command below to import IIS app pool and site settings from XML files.

        %windir%\system32\inetsrv\appcmd list apppool /config /xml < \\192.168.101.140\BCDR\WEBBC02\E\inetpub\apppools.xml
        %windir%\system32\inetsrv\appcmd list site /config /xml < \\192.168.101.140\BCDR\WEBBC02\E\inetpub\sites.xml

        How to Select a .NET Framework

        Motivation:

        You need to select a .NET framework for your new project or for upgrading a legacy system.

        However there are too many .NET framework branches so you are not sure which one is suitable with your need.

        Guidelines:

        You need to review the history of .NET framework and the differences among the various branches that include .NET Framework, ASP.NET Web Forms, ASP.NET MVC, .NET Core and .NET 6.

        1. .NET Framework

        The main purpose of .NET Framework is for building Windows Forms Applications.

        • .NET Framework 1.0 was released in 2002.
        • .NET Framework 2.0 was released in 2005.
        • .NET Framework 3.0 was released in 2006.
        • .NET Framework 3.5 was released in 2007.
        • .NET Framework 4.0 was released in 2010.
        • .NET Framework 4.5.2 was released in 2014.
        • .NET Framework 4.8 (the latest version) was released in 2019.
        2. ASP.NET Web Forms

        ASP.NET Web Forms was built on top of .NET Framework.

        The main purpose of ASP.NET Web Forms is for building ASP.NET Web Forms Applications (multiple page web applications).

        3. ASP.NET MVC

        ASP.NET Web Forms does not follow MVC architecture pattern. Therefore MS built ASP.NET MVC.

        ASP.NET MVC was built on top of .NET.

        ASP.NET MVC is open-source software, apart from the ASP.NET Web Forms, which is proprietary.

        The main purpose of ASP.NET MVC is for building ASP.NET MVC Applications (multiple page web applications based on MVC architecture pattern).

        • ASP.NET MVC 1.0 was released in 2009 (It was built on top of .NET Framework 3.5).
        • ASP.NET MVC 2.0 was released in 2010 (It was built on top of .NET Framework 4.0).
        • ASP.NET MVC 5.2.8 (the latest version) was released in 2022 (It was built on top of .NET Framework 4.8).
        4. .NET Core

        .NET Framework does not run on Linux or Unix and is proprietary. Therefore MS built .NET Core.

        .NET Core runs on Windows, Linux and Unix, and is open-source software.

        • .NET Core 1.0 was released in 2016.
        • .NET Core 3.1 was released in 2019.
        • .NET Core then was renamed to just .NET in 2020 and .NET 5 was released in 2020. The .NET 4 name was not used to avoid name collision with .NET Framework.
        • .NET 6 (the latest version) was released in 2021.

        The main purpose of .NET Core or .NET is for building Windows Forms Applications, ASP.NET MVC Applications and Single Page Applications that run on Windows, Linux and Unix.

        The ASP.NET Web Forms Application type was removed from .NET Core or .NET.

        5. .NET 6

        Currently (in 2022) MS supports 2 branches of .NET:

        • .NET Framework 4.8 (containing Windows Forms Applications, Web Forms Applications, and ASP.NET MVC Applications) and
        • .NET 6 (containing Windows Forms Applications, ASP.NET MVC Applications and Single Page Applications).

        Both .NET Framework 4.8 and .NET 6 support building microservices.

        6. Final thoughts

        For a new system, you probably should use .NET 6.

        For a legacy system, if you are using ASP.NET Web Forms then you may stick with .NET Framework 4.8. Otherwise you may upgrade your system to .NET 6.

         

         

        How to Fix IIS Express HTTPS Error

        Problem:

        You have created an ASP.NET web application with HTTPS.

        You ran the application on https://localhost:5001 and got the “ERR_CONNECTION_RESET” error.

        Solution:

        1. Open Command Prompt with admin rights.

        2. Type and press Enter

        cd "C:\Program Files (x86)\IIS Express"

        3. Type and press Enter

        IISExpressAdminCmd.exe setupsslUrl -url:https://localhost:5001/ -UseSelfSigned

        Change 5001 in the command above to the port you’re trying to use.

         

        How to Fix a Hacked WordPress Website

        Problem:

        When you visit your WordPress website you are randomly redirected to unwanted websites.

        Verification:
        • Log in your website as an Administrator.
        • Go to Appearance >> Theme File Editor.
        • Click on the Theme Functions link on the right side.
        • Verify if malicious code was injected into the functions.php file. Example of malicious code:
          <?php @ini_set('display_errors', '0'); 
          error_reporting(0); 
          global $zeeta;
        • Download the wp-config.php file to your machine via FTP or SSH.
        • Verify if malicious code was injected into the wp-config.php file. Example of malicious code:
          include_once(ABSPATH . WPINC . '/header.php');
        Solution:
        • Stop the website.
        • Download the whole website to your local machine.
          cd /var/hosting/huybien.com
          ls
          sudo zip -r huybien.zip /var/hosting/huybien.com/html
        Configuration:
        • Log in your website as an Administrator.
        • Change your Administrator’s password.
        • Change file owner and group to www-data:
          sudo chown -R www-data:www-data /var/hosting/huybien.com/html
        • IMPORTANT STEP – Set minimum permissions for folders and files:
          cd /var/hosting/huybien.com/html
          sudo find . -type d -exec chmod 755 {} \; # directory permissions rwxr-xr-x
          sudo find . -type f -exec chmod 644 {} \; # file permissions rw-r--r--
        • Remove all the unused plug-ins or themes.
        • Install, activate and configure a CAPTCHA plug-in to protect Login Form, Registration Form, Lost Password Form, Reset Password Form and Comment Form if there is no one.
        • Disable insecure FTP access if there is one.
        • Install and activate the Simple History plugin to review access to your website. After 1 or 2 days, review the access information, and possibly block the malicious IP addresses using the Windows Firewall.
        • Install, activate and configure Cerber Security plug-in to automatically detect and block the malicious IP addresses.
        • Back up database.
          cd /home/ubuntu
          ls
          mysqldump -u root -p -h localhost huybiencomwp > huybiencomwp.sql
        • Back up files.
          cd /home/ubuntu
          ls
          sudo zip -r /home/ubuntu/huybien.zip /var/hosting/huybien.com/html
        • Download database and files backup.
        • Remove the backups.
          sudo rm -rf /home/ubuntu/huybiencomwp.sql
          sudo rm -rf /home/ubuntu/huybien.zip
          ls

         

        How to Manually Install PHP 7.4 on Windows Server 2019

        Motivation:

        • You want to deploy a PHP application or WordPress on Windows Server 2019.
        • You want to update PHP to any version to address compatibility or security issues in Windows.
        • You want to understand how PHP works with IIS.

        Solution:

        • Install CGI for IIS on Turn Windows features on or off > Internet Information Services > World Wide Web Services > Application Development Features > CGI.
        • Download VC15 x86 Non Thread Safe package here or under PHP 7.4 section from http://windows.php.net/download/
        • Extract the ZIP file to the C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86 folder.
        • Rename the php-.ini-development file to php.ini.
        • Open the php.ini file and add the following line at the end of the file.
          extension=php_wincache.dll
        • Uncomment the following lines
          fastcgi.impersonate = 1;
          
          cgi.fix_pathinfo=1;
          cgi.force_redirect = 1 (and change the value to 0, i.e. cgi.force_redirect = 0)
          
          extension_dir = "C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\ext"
          
          extension=php_curl.dll
          extension=php_fileinfo.dll
          extension=php_mbstring.dll
          extension=php_exif.dll
          extension=php_mysqli.dll
          extension=php_pdo_mysql.dll
          extension=php_openssl.dll
          
          error_log = "C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\php_errors.log"
          
          error_log = syslog
        • A sample php.ini file can be download here.
        • Add C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86 to System Path.
        • Download x86 package of WinCache 2.0 for PHP 7.4 here or from https://sourceforge.net/projects/wincache/.
        • Extract and copy the php_wincache.dll file to C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\ext
          folder.
        • Open IIS, click on Server name, double click on Handler Mappings, click on Add Module Mapping, and enter below information.
          Request path = *.php
          
          Module = FastCgiModule
          
          Executable = "C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\php-cgi.exe"
          
          Name = PHP 7.4
          
          Request Restrictions = File or folder
        • Download and install VC_redist.x86.exe of Microsoft Visual C++ Redistributable for Visual Studio 2019 here or on https://visualstudio.microsoft.com/downloads/#microsoft-visual-c-redistributable-for-visual-studio-2019
        • en a Command Prompt, execute below command and ensure that NO WARNINGS APPEAR.
          php --version
        • Create phpinfo.php file with below content in the root website folder.
          <?php phpinfo(); ?>
        • Open http://localhost/phpinfo.php URL and verify PHP information.

         

        How to move a WordPress instance from one server to another Linux server

        Motivation:

        You want to move a WordPress instance from one server to another to consolidate your websites to reduce cost.

        Solution:

        Install and use below Duplicator plugin to achieve your goal.

        https://wordpress.org/plugins/duplicator/

        User guide: https://snapcreek.com/duplicator/docs/quick-start/

        If everything goes well for you then congratulation!

        Otherwise, please review below possible problems and corresponding solutions.


        Problem 1:

        You don’t have a website on the new server.

        Solution 1:

        1. Create a new virtual host in the /etc/httpd/conf/httpd.conf

        <VirtualHost *:80>
        ServerName example.com
        ServerAlias www.example.com
        DocumentRoot "/var/www/www.example.com"
        </VirtualHost>

        2. Set 775 permission for /var/www/www.example.com

        3. Restart httpd service

        sudo systemctl restart httpd

        Problem 2:

        You are using Amazon Linux 2 server.

        You are logged in as ec2-user.

        You use WinSCP to upload files and edit configuration files.

        You cannot modify /etc/httpd/conf/httpd.conf and /etc/php.ini.

        Solution 2:

        1 View permission settings for the file

        ls -ld /etc/httpd/conf/httpd.conf

        The result indicates that the file owner is root user and root group, not ec2-user.

        2. View groups of a user

        groups ec2-user

        The result indicates that the ec2-user does not belong to root group.

        3. Add a user to root group

        sudo usermod -a -G root ec2-user

        4. Grant Read-Write permission against a file to root group

        sudo chmod g+rwx /etc/httpd/conf/httpd.conf
        sudo chmod g+rwx /etc/php.ini

        5. Logout and login to the server again.


        Problem 3:

        You are using Amazon Linux 2 server. The ZipArchive feature is missing.

        Solution 3:

        1. Execute below commands:

        sudo amazon-linux-extras install php7.2
        sudo yum install php-pear php-devel gcc libzip-devel zlib-devel
        sudo pecl install zip-1.13.5 # we must specify a slightly older version due due to compatibility

        2. Add “extension=zip.so” to /etc/php.ini

        3. Restart the server

        sudo reboot

        Problem 4:

        You don’t have a WordPress database on the new Linux server.

        Solution 4:

        Execute below MySQL commands:

        CREATE USER 'username'@'localhost' IDENTIFIED BY 'password';
        CREATE DATABASE `wp_database`;
        GRANT ALL PRIVILEGES ON `wp_database`.* TO "username"@"localhost";
        FLUSH PRIVILEGES;

        Problem 5:

        An database error occurs while restoring a website.

        Solution 5:

        1. Execute below commands to remove the website:

        sudo chown -R ec2-user:apache /var/www/example.com
        sudo chmod 2775 /var/www/example.com && find /var/www/example.com -type d -exec sudo chmod 2775 {} \;
        find /var/www/example.com -type f -exec sudo chmod 0664 {} \;
        rm -r /var/www/example.com

        2. Upload the Duplicator files again, and restore the website again.


        Problem 6:

        No write access against /var/www/example.com is available for Duplicator.

        Solution 6:

        1. Execute below commands:

        sudo chown -R ec2-user:apache /var/www/example.com
        sudo chmod 2775 /var/www/example.com && find /var/www/example.com -type d -exec sudo chmod 2775 {} \;
        find /var/www/example.com -type f -exec sudo chmod 0664 {} \;

        2. Run http://example.com/installer.php again.

        How to Manually Install PHP 8.1 on Windows 10

        Motivation:

        • You want to understand how PHP works with IIS.
        • You want to prepare a PHP or WordPress development environment on Windows.
        • You want to update PHP to any version to address compatibility or security issues on Windows.

        Solution:

        • Install CGI for IIS on Turn Windows features on or off > Internet Information Services > World Wide Web Services > Application Development Features > CGI.
        • Download VS16 x64 Non Thread Safe package under PHP 8.1 section on https://windows.php.net/download/.
        • Extract the ZIP file to C:\Program Files\php-8.1.10-nts-Win32-vs16-x64 folder.
        • Download the cacert.pem file and move it to the C:\Program Files\php-8.1.10-nts-Win32-vs16-x64\extras\ssl folder.
        • Copy the php-.ini-development file to php.ini.
        • Open the php.ini file and uncomment the following lines
          fastcgi.impersonate = 1;
          
          cgi.fix_pathinfo=1;
          cgi.force_redirect = 1 (and change the value to 0, i.e. cgi.force_redirect = 0)
          
          extension_dir = "C:\Program Files\php-8.1.10-nts-Win32-vs16-x64\ext"
          
          extension=curl
          extension=fileinfo
          extension=gd
          extension=gettext
          extension=mbstring
          extension=exif ; Must be after mbstring as it depends on it
          extension=mysqli
          extension=openssl
          extension=pdo_mysql
          
          error_log = "C:\Program Files\php-8.1.10-nts-Win32-vs16-x64\php_errors.log"
          
          error_log = syslog
          
          curl.cainfo = "C:\Program Files\php-8.1.10-nts-Win32-vs16-x64\extras\ssl\cacert.pem"
          
          openssl.capath="C:\Program Files\php-8.1.10-nts-Win32-vs16-x64\extras\ssl\cacert.pem"
        • Add C:\Program Files\php-8.1.10-nts-Win32-vs16-x64 to SYSTEM PATH.
        • Restart your machine.
        • Open cmd and execute the command below to ensure that the PHP file can be found in the SYSTEM PATH.
          php --version
        • Open IIS, click on Server name, double click on Handler Mappings > Add Module Mapping with below information.
          Request path = *.php
          
          Module = FastCgiModule
          
          Executable = "C:\Program Files\php-8.1.10-nts-Win32-vs16-x64\php-cgi.exe"
          
          Name = PHP 8.1
          
          Request Restrictions = File or folder
        • Create phpinfo.php file with below content in the root website folder.
          <?php phpinfo(); ?>

         

         

        How to Use Let’s Encrypt

        Motivation:

        Why use an SSL/TLS certificate to secure your website?

        – To protect your website users from man-in-the-middle attacks.

        – To ensure the integrity of the data being sent to your website.

        Why use Let’s Encrypt SSL/TLS certificate?

        – Because it is FREE.

        Tested environment:

        1. Windows Server 2016/IIS 10
        2. win-acme.v2.2.6.1571.x64.pluggable
        3. Ubuntu 18.04
        4. certbot 0.27.0

        On Windows and IIS:

        1. If you are using a cloud provider then ensure that HTTP and HTTPS service are enabled on cloud firewall.
        2. Log in a Windows server.
        3. Download  win-acme.v2.2.6.1571.x64.pluggable.zip on https://github.com/win-acme/win-acme/releases.
        4. Unzip the files to C:\inetpub\win-acme.v2.2.6.1571.x64.pluggable.
        5. Open Command Prompt (Admin) and execute below commands.
          cd C:\inetpub\win-acme.v2.2.6.1571.x64.pluggable
        6. Type wacs.exe and press Enter
        7. Follow the instructions.
        8. Open Task Scheduler and ensure that a task with description “Check for renewal of ACME certificates.” has been created.
        9. Open Firewall port 443 if needed.
        10. Open the selected website using HTTPS protocol.
        11. Update emails to which notifications will be sent: Open wacs.exe, type O, then A, then y, and enter an email.
        12. Remove website from automatic renewal:
          wacs.exe --list // Copy the exact name between ": " and " - renewed" without quotes. // Example: [IISBinding] huybien.com 
          wacs.exe --cancel --friendlyname "[IISBinding] huybien.com"

        Redirecting HTTP to HTTPS in IIS7:

        1. Install the Microsoft URL Rewrite Module if needed.
        2. Make sure Require SSL is NOT checked under SSL Settings for your website.
        3. Copy and paste the following code between the <rules> and </rules> tags in your web.config file in your website root directory.
        <rule name="HTTP to HTTPS redirect" stopProcessing="true">
          <match url="(.*)" />
            <conditions>
              <add input="{HTTPS}" pattern="off" ignoreCase="true" />
            </conditions>
          <action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
        </rule>

        4. Open your site using HTTP protocol and ensure that you are redirected to the HTTPS site.

        Multiple SSL Certificates per IP Address

        1. You have to use Server 2012 IIS to support Server Name Indication (SNI) which allows you to bind multiple SSL certificates to a single IP Address.
        2. Please repeat the Procedure for each site, then go to the IIS site, Bindings and ensure that the check box Require Server Name Indication is selected and the corresponding SSL Certificate is selected.
        3. Please be noted that SNI does not work with Windows XP clients.

        On Ubuntu and nginx

        1. Login as root via SSH to a Ubuntu server.
        2. Execute 3 commands below.
        sudo apt install python-certbot-nginx
        sudo certbot --nginx -d huybien.com -d www.huybien.com -d example.com -d www.example.com
        sudo certbot renew --dry-run

        3. Remove a certificate:

        sudo certbot delete

        4. Update emails to which notifications will be sent:

        sudo certbot register --update-registration --email [email protected]

        5. Review Let’s Encrypt’s log file:

        sudo nano /var/log/letsencrypt/letsencrypt.log

        Press Ctrl+W, then enter a string to be found.

        Press Alt+W to find a next match.