I have Windows 10 Azure VM and trying to play videos from CDN (vid.pluralsight.com), but it cannot connect to this cdn. Tried tracert to this cdn but it is timing out. this cdn is on http://www.cachefly.com/.
Anybody knows where to enable this?
ICMP is disabled on Azure VM's, so your tracert calls will timeout/fail (even with http/UDP supported packages). That being said, I would reach over to PluralSight support, it would be logic on their end in their CDN configurations denying access to certain IP's or ranges, or without proper auth tokens. They likely can assist you further. The issue does not appear to be with the CacheFly CDN because other CacheFly CDN enabled content is served appropriately on the Azure VMs I've tried (both Windows/ Linux). If you have a CacheFly account you should be able to pre-warm a few cache locations and pull those with url filters, etc. and see that you can expire content, get geo-cached items, etc.
Related
I'm using Azure Storage Blobs and have Azure CDN in front of it serving static images and videos. I have been trying to get my website to use HTTP2 for a while now, but have run into issues with how Azure containerizes .NET Core applications on Linux machines. So, the website (using Kestrel), is only serving files over http/1.1 even if they're local files.
I thought that I could "offload" somethings by moving them to a storage blob container, then using Azure CDN. This article suggests that it should be available: https://learn.microsoft.com/en-us/azure/cdn/cdn-http2
Is there something else I need to configure within my CDN profile or the Storage account to enable http/2? Or is it because my server is serving it as http/1.1?
Thanks,
AJ
After some searching, I found a thread on Stack Overflow (sorry, on mobile and it's a pain to copy/paste links) about how some anti-virus softwares intercept requests to do SSL checking. Anyway, I use Bitdefender and when I went to Protection > Online Threat Prevention and disabled "Encrypted web scan" and then reloaded my domain, sure enough all traffic poured in over http2. I'm not sure why Bitdefender treated Akamai differently, but at least we know why now!
How can I secure the on-demand streaming from Azure Media Services to a specific domain only?
E.g. if you are using the Azure Media Player on www.domain1.com - you can watch the videos, but if you are on www.whatever.com then the video should not play.
Here is what I tried:
Setting CORS on the assigned Azure Storage account - didn't help. All responses seem to have a * cors header.
Setting up IP restrictions on the Streaming Endpoint - didn't help.
I could still stream a video from different machines using the azure media player demo page.
https://ampdemo.azureedge.net/azuremediaplayer.html?url=my_url_to_ism_manifest
UPDATE on the IP restrictions - it seems it needs some time to take effect. But now I realize it is not a good option, because there is no way to know the IP addresses of all the users of my site.
As far as I understood, the other content protection mechanisms (like fairPlay, widivine, etc.) that AMS support, require having a token, meaning the users should authenticate to my site first.
But I do not want to authenticate the users on my site, I just want the videos to be playable only if you are on my site.
One simple solution would be to enable Azure CDN from Verizon Premium and then use the rules engine capabilities to create a rule that only allows access from your domain. Your second solution of of using IP restrictions on the streaming endpoint would work as long as you aren't enabling Azure CDN for the streaming endpoint. If you aren't able to get this solution to work, I would recommend opening up a support case for further investigation.
My website and my domain are hosted on a different service provider from azure. I created a CNAME record and I have added my custom domain to the azure. So right now I can go to http://images.mysite.com/images/myimage.png. The image that loads comes from the blob storage from azure. However, if I try to do this via https, I get NET::ERR_CERT_COMMON_NAME_INVALID error.
I've been through many guides, and seen just about every setting in azure portal and I can't figure out how to import my ssl into azure so that this will work. I have a feeling it has to do something with Azure CDN option, which I don't have configured and don't want to pay extra just for this one feature. Can I do this without it somehow?
I've been through many guides, and seen just about every setting in
azure portal and I can't figure out how to import my ssl into azure so
that this will work.
Simple answer to your question is that it is not possible as of today. Azure Storage still doesn't support HTTPS with custom domain. You'll need to use CDN if you wish to use your SSL certificates to facilitate secure connection.
From https://learn.microsoft.com/en-us/azure/storage/blobs/storage-custom-domain-name:
Azure Storage does not yet natively support HTTPS with custom domains.
You can currently Use Azure CDN to access blobs by using custom
domains over HTTPS.
Hope someone can assist me in correcting this. I am on the last step to enable my CDN endpoint with a custom domain. currently the static website on storage works correctly the following ways.
1 - Storage Account endpoint
2 - Azure CDN xxxxxx.azureedge.net
CNAME is created and correctly configured and validated in azure for my cdn.customdomain.com but when I try to connect to it I get a ERR_CONNECTION_RESET when using a browser or 404 using curl. Any advice anyone can provide.
You could verify the followings:
Configuration. Make sure you select the Custom origin as the origin type and static website URI as the origin hostname.
Networking related. ISP blocks some websites. Firewall blocks specific websites. Internet connection is disabled or interrupted. Refer to this.
Browser error like Chrome. Clear your browser's cache and all locally stored data including cookies or try to use another browser. Refer to this.
Moreover, you could verify this via accessing the cdn.customdomain.com in an Azure VM, which is a different environment from the on-premise network.
I have a LAMP based wordpress installation running on an azure VM. its working fine and publicly accessible.
I wanted to try azure CDN - Verizon for serving my images.
I made cdn, using the new resource manager, added my endpoint of filmycurry.com (my origin server). I am using http only, hence configured the same in endpoint.
My problem is that even after 48 hours. I still cant access any media using cdn. you may try the below links
working - vm based - http://filmycurry.com/wp-content/uploads/2016/05/yu-2.jpg
not working cdn - http://filmycurry.azureedge.net/wp-content/uploads/2016/05/yu-2.jpg
pls note, I had also configured the path correctly to /wp-content/uploads, since beginning.