Blazor is a powerful framework from Microsoft used for building interactive web UIs with C# instead of JavaScript. A key feature of Blazor is its flexibility in how applications are hosted and run. The choice of hosting model—Server, WebAssembly, Interactive Auto, or Hybrid—depends entirely on the specific needs of the application, such as scale/performance requirements, offline capabilities, and access to native device features.
But which flavor of Blazor should you use? Well, that depends...
The Blazor Server hosting model is the easiest to set up and use. It runs your application on the server, and when a user interacts with the application, UI events are sent to the server over a real-time (SignalR) connection. The server processes these events, calculates the necessary UI changes, and sends only those small changes back to the client to update the display. This results in a very thin client and a fast initial load time, as almost no application code is downloaded to the browser.
Best reasons to use this hosting model:
In contrast, Blazor WebAssembly runs your entire application directly in the web browser using a WebAssembly-based .NET runtime. The application's C# code, its dependencies, and the .NET runtime itself, are all downloaded to the client. Once downloaded, the application executes entirely on the user's machine, enabling full offline functionality and leveraging the client's processing power for a rich, near-native user experience.
Best reasons to use this hosting model:
The Blazor interactive auto mode allows you to use both server and WebAssembly components in a single project, giving you precise control over how your app behaves.
Best reasons to use this hosting model:
Blazor Hybrid is a bit different. It's not used for building web applications. It's allows web developers to use their skills to build mobile apps that run on devices at close to native speed. Microsoft Maui is the core platform, which is native and cross-platform. It normally uses XAML for coding user interfaces. When using Blazor Hybrid, however, you can also use Blazor web components alongside XAML or in place of it.
This model provides the best of both worlds: the ability to build a rich, cross-platform UI with web technologies while having full access to the native capabilities of the device, such as the file system, sensors, and notifications.
Blazor Hybrid is the perfect solution for developers looking to create desktop and mobile applications that can share UI components and logic with an existing Blazor web application, or for new mobile app projects.
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
Many organizations are eager to adopt microservices, sometimes before they even know if they need them. Knowing when they fit a need makes all the difference, and sometimes, not using them is the smarter move.
There are some cases where a microservice architecture is your best bet:
If your project has to support multiple technologies that don’t naturally work together, microservices are a natural fit. Take my experience with the Whitelist Sync Web project:
Originally, this project ran on a 100% .NET backend with a Vue frontend. Later, I migrated to a Node backend with a React frontend. However, I still needed to support SignalR—Microsoft’s real-time communication technology—because client applications in the field were dependent on it. The challenge? SignalR server-side hosting is only supported in C#. Node cannot host a SignalR hub.
Removing SignalR from the project wasn’t an option (unless I was willing to rewrite and redeploy all the client apps—which was out of scope). The solution was to create a separate SignalR microservice: a C# project dedicated to SignalR, communicating with the Node backend through JWT auth and REST endpoints. A reverse proxy routed /hubs/ requests to the SignalR service, while all other traffic hit the React app. The entire setup was managed using Docker Compose.
Microservices can be helpful for extending existing applications. If you want to add new functionality using a different tech stack—or isolate new features for a big team—they let you do this without rewriting your monolith.
Splitting your app into smaller, independently hosted pieces means a failure in one service won’t crash the entire application. Of course, you can build robust error handling into a monolith, but microservices can make fault isolation easier.
Cloud providers offer load balancing for monoliths, but microservices can provide more granular scaling. Just keep in mind, if you don’t have heavy load or growth requirements, this might not be worth the extra complexity and cost.
Microservices let you mix and match tech: imagine a Node backend, a React frontend, and a Python microservice for AI features. Each part of your app can use the best tool for the job.
While microservices have their place, they also come with significant downsides:
Running multiple services means more infrastructure, more devops, and more cloud spend. If your application has low demand, this cost is often unjustified. Starting new projects with a single stack keeps things cheaper and simpler.
Multiple services means more to manage: logging, monitoring, orchestration (hello, Kubernetes), and maintenance. All of this adds to the operational burden.
Using cloud-specific services like Azure Functions ties your app to one provider. Migrating later is possible, but few businesses want to refactor dozens of microservices just to escape rising costs.
Deploying a monolith is straightforward. Microservices require complex CI/CD pipelines and orchestration. Tools like Fynydd fdeploy can help, but they add yet another layer of infrastructure.
With more moving parts, it’s harder to add features, fix bugs, and onboard new team members.
Microservices make authentication harder. Instead of just handling user auth, you now need to manage service-to-service authentication, which can be complicated and error-prone.
Given all these costs, it’s clear: Start simple. For most projects, especially those with low load or a single technology stack, a monolith is the best starting point. Design your application with modularity and future growth in mind, so you can break it into microservices if you ever need to. But don’t jump into microservices unless you’re solving real problems that require them.
Further reading: You Don’t Need Microservices (itnext.io)
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
There is a world full of "build your own website" services that allow just about anyone to stand up a new website in a few hours. Even organizations can leverage the simplicity offered by these services to set up an online store, community, and more. Here are a few examples of why people typically choose these services.
Sounds great! But as with everything in life, there are tradeoffs.
Regardless, these services can be a great way for individuals and small organizations to bootstrap their web presence, and in many cases, you can happily continue to use the service for years.
But there are also long-term lock-in issues that can be more serious, potentially impeding your growth, for example:
If the tradeoffs are too much to swallow, fear not! You can also go with a custom web app tailored specifically to your needs and budget. It can match your vision without compromises and scaling can be managed more easily as your business or traffic grow.
So how do you get started? With a builder service you first have to find one with the price and features you need, and then create an account and dig into their control panel to start configuring your website. Whereas for a custom website the first step is to find a web development partner you can rely on for advice and technical expertise, like Fynydd. Your partner can help gather your ideas, come up with a plan, and build your web app, all within your budget and timeline. They're usually experts in both new web app projects and migrations from other platforms and services. Most importantly, they fill the knowledge gap left by the "build your own website" service.
A web development partner will choose technologies that have a proven security track record. One way we do this is by consulting the CVE database; a publicly funded global resource for tracking common vulnerabilities and exposures. For example, a CVE search quickly reveals that WordPress has historically been a security nightmare.
Your development partner will help you with a design that matches your vision, a hosting service that meets your needs and budget, a security review, a backup plan and disaster recovery strategy, and more. When the time comes to grow your platform, they can help with that too. And throughout the journey you maintain full control over your brand, your website, your data, and your customers.
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
Qualys has a free tool named SSL Labs that anyone can use to check the security of their website TLS certificates and certificate hosting configuration. This is an frequently overlooked area of securing a website and we highly recommend using it on your own website. In fact, we use it on all our website projects to secure our client websites, and dog food it for fynydd.com (we score an A+ by the way).
The SSL Labs tool will evaluate a ton of certificate hosting exploits like BEAST, POODLE (SSLv3), POODLE (TLS), Zombie POODLE, GOLDENDOODLE, Sleeping POODLE, and more.
It will also scan your server's TLS/SSL protocol support to ensure that you're using the latest version (TLS 1.2 at the time of this writing) and that your server has disabled legacy protocols to prevent protocol fallback attacks. In fact, if you're hosting with Microsoft Internet Information Service (IIS) we highly recommend installing the "Setup Microsoft Windows or IIS for SSL Perfect Forward Secrecy and TLS 1.2" PowerShell script to lock down your server TLS/SSL protocol support.
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
The Fdeploy project is a command line interface (CLI) application that can use simple YAML config files in your ASP.NET web projects to define deployment to one or more remote environments over SMB, like over a VPN connection using a network file share.
It can be configured to clean and purge the project, build, and publish, and even add files and folders to the published output prior to deployment.It can then deploy with various rules like "path ignore", "always update path", "clean orphaned files and folders", and more. You can even define content that can be deployed without taking the web app offline. And when it does, it uses an app offline file that you can also customize in the YAML settings.
Fdeploy also has robust retry support. When files are in-use on the remote server it will retry one or more times and wait a specified number of seconds between attempts.
Visit the repository to see how you can install this tool to begin using it right away.
1. Install Microsoft .NET
Fdeploy requires that you already have the .NET 8.0 runtime installed, which you can get at https://dotnet.microsoft.com/en-us/download.
2. Install Fdeploy
Run the following command in your command line interface (e.g. cmd, PowerShell, Terminal, bash, etc.):
Later you can update Fdeploy with the following command:
If you need to completely uninstall Fdeploy, use the command below:
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
The NameCheap project builds a command line interface (CLI) application that can add and remove text records using the NameCheap API.
It was originally built to allow for creating wildcard TLS certificates using win-acme (Let's Encrypt) on an IIS server. Creating wildcard certificates with win-acme requires DNS host validation. This application can be used with the win-acme script feature to allow it to communicate with the NameCheap API and create/delete TXT records that will validate domain ownership.
This tool does not support the complete NameCheap API. But it does handle the challenging task of adding and removing text records. Why is this challenging? The NameCheap API does not have functions to add or remove individual records, so the entire set of records must be downloaded, modified, and sent back.
Download the project and publish it from the root project folder as below.
In the publish folder, edit the appsettings.json file and supply your own values.
Once the appsettings.json file is modified, put the contents of the publish folder on your server and you should be able to use the executable with win-acme or any other tool by calling it with a fully qualified path.
The command line is in the format below:
Some examples include:
So in win-acme you would set your create script arguments to this:
Likewise, your delete script arguments would be:
The tool can be used on Linux or macOS as well. If the published executable doesn't run on macOS you may need to manually sign the published application using something like this:
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
Microsoft (in)famously requires that your PC have a special security chip (TPM) in order to install Windows 11. But the requirement is wholly unnecessary to maintain a secure installation. And it requires many people to buy new PCs, arguing that this is likely the primary reason Microsoft implemented the requirement.
Patching the Windows install to allow it to run on existing hardware without a TPM chip has been a game of cat and mouse. And until now it had again been thwarted by Microsoft.
Recently Microsoft has patched the Windows 11 ‘product server’ trick for TPM check bypass, but the bypass still works with setupprep.exe. This bypass will upgrade Windows 10 clients to Windows 11 without requiring a TPM.
