586 – Pick Up Thy WordPress

clip_image002This tip has been a very long time coming. Back in ToW 479, the subject of running WordPress on Azure was mooted, and it prompted an internal-to-MS conversation about the guidelines for publishing stuff externally.

The extended back story is that there were hundreds of employee blogs which had been published under the technet.microsoft.com and msdn.microsoft.com sites, both of which URLs could trace their birth back to the 1990s, and a project was underway to clean them up and rationalize somewhat.

Initially, guidance to MS bloggers was (basically) “unless you’re an official blog, you have <nn months> to move your stuff elsewhere before it gets deleted.” Certainly, there was to be no new content after the cut-off date.

That guidance relented somewhat and content from relatively active blogs was migrated to the Microsoft Docs archive though taking a trip through the final posts from the ToW host blog, The Electric Wand, shows that lots of graphical content was not carried across – more of a lift & dump than a lift & shift.

Blogging is a bit old-hat these days but lots of people do still maintain a blog to share stuff they think is interesting; see Scott Hanselman as one example.

Anyway, the solution for Tip o’ the Week was to move to an external website – www.tipoweek.com – which is hosted in Azure and, like about a third of all websites, running under the content management system, WordPress.

clip_image004Setting up a WordPress site is pretty straightforward, really – though you do have a variety of options on what kind of site you want to build. If you need a complex site with lots of control over it, then you might clip_image006want to run it in a Virtual Machine or a container. For most of us, though, a simple App Service will suffice. From the home page of your Azure subscription, just Create a resource and search services and marketplace for WordPress, then select the WordPress App Service from the multitude of options you might get.

For more tips on how best to get up and running with WP in Azure, see here.

clip_image008One retiring Microsoftie (not the shy type, but leaving the company, today in fact), emailed last week to point out that the tipoweek.com website was being flagged in Edge as Not secure. Oh Noes!

This has, in fact, been a niggling issue for a while, since Chrome (and Edge, given its diet of Chromium) instituted a policy of flagging any website that doesn’t use the secure HTTPS protocol & SSL by default.

Secure Sockets Layer, if you’re not overly familiar with it, relies on a way of encrypting data travelling between two points, using a previously-generated pair of mathematically-linked digital keys. If you have one key, you can use it to encrypt data which can only be decrypted by the other key in the pair (ie you can’t even use the same key that encrypted the data to decrypt it again). Typically, one of these keys is publicly accessible and the other is kept private.

clip_image010One way of sharing a public key is to embed it in a site’s SSL certificate, which is in turn validated by a mutually-trusted third party (called a certificate authority). If you visit the website for an institution like a shop or a bank, then your browser will download the site’s certificate, validate that it’s still current and trusted, then use that public key to encrypt data sent to the site. Since that data can only be decrypted using the corresponding private key, we can validate that the site is not being impersonated.

The whole public/private key encryption process has something of a computational overhead associated with it, but once we have established a secure connection, we could use a faster encryption technique for data sharing by using a single key that can both encrypt and decrypt the same data.

In other words, if I go to a website that presents me a certificate specifically issued for that URL’s domain, I can be sure that the site handing out the cert is who they purport to be. This could be validated by me generating a random set of numbers, encrypting it with the public key and sending that to the site; it would decrypt the gobbledygook with the private key that only it has, and we now both have the same set of data that has been securely shared between us. That would form the symmetric key that we can use for the rest of the connection.

For more detail on these kinds of topics, check out the Cryptography 101 podcast on Hanselminutes.

clip_image012In Edge, if you want to look at a secure site’s certificate, click on the padlock icon (or the handbag icon as some people once saw it – that meant it was safe to shop) – and click the “Connection is secure” banner, then click the little certificate icon in the upper right.


The trouble is, if you’re hosting a hobby or a community web site, paying for an SSL certificate might seem a bit of overkill; web hosting companies will try to bundle them into domain protection and other security features which might be no big deal for a commercial enterprise but a little stiff for a parish newsletter.

Fortunately, there are alternatives, though they do need a bit of spade work to get up and running. Hanselman (yes, him again) discussed using an extension and an organisation called Let’s Encrypt, whose goal it is to make the web 100% secure. They have issued over 225 million SSL certs, and will generate 3-month-validity certificates free of charge, as an alternative to paying anything from $60-200 a year to a commercial issuer. With a bit of practice, it doesn’t take long to create and manage the certs and if you only need to do it 4 times a year, then it could be time well spent and money well saved.

clip_image016An alternative method was written up by fellow Microsoftie Andreas Pohl, using a slightly more manual method to create the certificate then import into Azure; if you’re looking for an excuse to get Windows Subsystem for Linux up and running, then this could be it.

Once you have the certificate exported to a file, it’s a matter of a few clicks to import it into the Azure App Service that is running WordPress, set up the bindings appropriately, and you can then flick the switch to make the site only service up content over HTTPS.

clip_image018And thus display the handbag of security to anyone who visits.

585 – Heading to Viva

clip_image002Back in the mid/late 20th century, the mainstream car market in developed countries was quite localized, where certain brands were seen as the default. Italians drove Fiats and Lancias; even until fairly recently, pretty much all you’d see in French towns were Citroëns and Renaults. The biggest blue-collar rivalry for Brits, Aussies and many Americans was undoubtedly… are you a Ford family, or a GM family?

In the UK’s 1970s, Ford had the Fiesta (small), Escort (mid), Cortina (large), Capri (sporty) and Granada (executive). GM operated in mainland Europe as Opel (Kadett/Rekord/Monza/Senator etc) and in the UK, as Vauxhall (Chevette/Cavalier/Carlton etc). Brits of a certain age may fondly? remember the Escort-sized, everyman family car: the Vauxhall Viva. The announcement of the employee wellbeing platform, Microsoft Viva thus brought a misty-eyed moment of reflection for some…

clip_image004Since the unveiling in February 2021, Viva functionality has been gradually added to a variety of Office 365 experiences from Topics (based on what was called Project Cortex), Learning (highlighting online learning materials from a selection of company-curated sources, including stuff from LinkedIn Learning), Connections (a modern take on the company intranet) and the first module which was available, Insights, which is accessed via an app in Teams.

The Insights-defined “Virtual Commute” and calendar-blocking Focus Time has been mentioned previously in ToW #577, but it’s had a new shot in the arm as well as announcements about forthcoming improvements, such as the ability for Teams to quieten notifications when you’re in a focus period, and quiet time when Teams and Outlook will shush pinging you outside of working hours.

Now rolling out to Viva Insights is a set of mindfulness and meditation exercises curated from Headspace, who produce a load of online video as well as Netflix series and in-flight channels. See more about Headspace in Viva Insights, here.


584 – Office Apps expansion

clip_image002Subscribers to Office 365 / Microsoft 365 obviously get a load of services like email, OneDrive storage, SharePoint and so on, as well as client apps like the full-blown Office suite. Over the years, the app experience has got quite a lot closer with the web clients sometimes advancing faster than the desktop or mobile apps, meaning that it’s increasingly viable to live your life entirely in the browser.

clip_image004The Office home page – on www.office.com when you’re signed in using your M365 account, or maybe even installed as an app on your PC – shows a list of available apps if you click the grid icon in the top left. Initially you’ll see the most popular or your own most recently used apps, but try clicking on “All apps” for the full list of what else is offered.

What you’ll see depends on what kind of subscription you have and what previews you might have opted into, as well as what apps may have been published by your subscription’s administrators (eg internal HR website or IT support desk sites could be listed there).


To keep things interesting, you can also install most of these web apps as Progressive Web Apps on your PC – using Edge, go to the Settings “…” menu in the top right, and look for the Apps menu option. They will then appear in the Start menu, can be pinned to the Task Bar and run in their own discrete window, just like a “real” program would.

One app which could roll back the years for a lot of people is Visio. Microsoft bought the diagramming software company at the turn of the century, for what was the largest acquisition to date – check out the list of other deals and see if you can remember many of those other $100M+ names…

Microsoft Visio became a premium addition to the Microsoft Office suite, latterly being sold as an add-on like Project. The software has continued to evolve over the years and has its own band of fans who use it for mind mapping, flowcharting, network diagrams, room layouts and so much more. You can even build Power Automate workflows using Visio (see more here).

clip_image008It was recently announced that Visio is coming to a good many Office 365 subscriptions next month, for no extra charge. The “lightweight” web app approach is not going to supplant the full application for more complex purposes, but it still offers a wide range of templates that can be used to start some fairly snazzy drawings, all done in the browser.

If you’d normally turn to PowerPoint to try to create graphical documents like flow diagrams or simple org charts, keep an eye out on the All Apps list to see when Visio makes an appearance, and give it a try.


583 – Zooming PPT

clip_image002The Pandemic may have exposed millions of new WFHers to the delights of video conferencing, but the Zoom in this week’s ToW has nothing to do with the eponymous meeting company, rather it deals with a very cool yet somewhat obscure feature in PowerPoint, called, er, Zoom.

Way back when, there were numerous product incubation groups in Microsoft, who tried out new features as addins or companion products; over time, most of them have disappeared or the prototype products they produced made their way into the mainstream (or just quietly went away). Innovation continues within the various engineering groups, of course, and some is curated in the Microsoft Garage.

One OfficeLabs project that showed promise was pptPlex – an addin to PowerPoint that made it easy to create and present “non-linear” presentations, offering a kind of “Seadragon” type experience of zooming into content. The actual pptPlex software is long-gone but if you want a reminder of what it was like, or even to recall how funky Office 2007 looked, check out this video tutorial.

clip_image004But like other Labs innovations, the ideas were re-born in other ways, in this case in the PowerPoint Zoom feature. This lets you essentially embed a thumbnail of a slide into another one, optionally even replacing the mini-version of the slide graphic with a custom image; in the example shown below, rather than a miniscule chart of stock price, we’ve put the company logo instead, but clicking on it drives a nice zoom transition to a separate slide which has the real chart.

clip_image006It’s probably easiest to see by example so check out the download here – to experience the Zoom effect, put the file into Slideshow mode.

For more info on using Zoom, see here.

582 – Edgy Profile Switching

clip_image002The “new” Edge browser has been around long enough to be just “the Edge browser”, given that old Edge is not only deprecated but being removed from Windows 10. If you’re still clinging onto Internet Explorer, then get ready for its demise; it’s got a year left, then the plug gets pulled. Plenty of ToW’s past have dealt with the Edge browser, especially the benefits of having multiple profiles (useful to keep work and personal stuff separate, or even having different sets of credentials for common sites, like demo accounts vs real users).

A feature which was added to the profile functionality was the ability for Edge to switch between them automatically – in other words, Edge would try to determine if you’re opening a site in the “wrong” profile, and it also lets you set the default on which profile should be used when you click an external link in an email or a document (other than in the browser itself). This not only changes how the site might be displayed, but also sets where the browser history is saved, and which set of cookies, cached usernames / passwords etc should be used…


You could set that a specific profile should be used for “external” links; if set to “Work”, then all external links (from other apps) would open in that profile; automatic does a pretty good job but sometimes gets flummoxed by M365 sites like Sharepoint, which could mean clicking a link to a doc in Outlook will try to open it in your personal profile, and fail to authenticate (since you’d want it to use the work profile’s credentials).

Similarly, if you had it set up to open links in whichever profile was last used or to hard-default to Work, then clicking a URL that you’d want to view in Personal might cross the streams. Fortunately, an unreleased feature could be just what you need in this scenario.

There’s a still-experimental “flags” feature set that is part of both Google Chrome and Microsoft’s Chromium-based-Edge; different releases of each browser have a changing set of flags features which can be enabled if you know they’re there and are prepared that they might not work, or at least might not work in the same way as they eventually will.


Many flags tweak how the browser operates under the covers and will never be noticeable by the average user; others enable features that are hidden by default or are still early in their development cycle.
The plan is that (in some form) flag features will be part of the mainstream release, though not necessarily in the same way. You can view the flags by entering edge:flags in the address bar.

clip_image008One flag which is eminently and quietly useful in this potential multi-profile befuddlement is edge://flags/#edge-move-tabs-to-profile-window. It does pretty much what it says; right-clicking on a browser tab will let you switch it between the profiles, so if you’re presented with a login screen for a site that should be opened in the other profile, one click is all it takes to flick it across.