How to whitelist Apple and Google to access deep link association files? - ios-universal-links

We have implemented Universal Links for iOS and Android App Links.
We have deployed the following files as per the documentation:
/.well-known/apple-app-site-association
/.well-known/assetlinks.json
Everything works fine until my organization applied a domain-level block on traffic outside my country.
We need to whitelist Apple and Google servers but I cannot find their IPs or domains used to access those files.

You should allow all subdomains of Apple & Google to access your servers in the company's firewall.
According to Apple and Google, if you are using their products and services in an enterprise environment (e.g. behind a firewall), you should whitelist the following addresses and subdomains:
For Apple: https://support.apple.com/en-us/HT210060
For Google: https://support.google.com/a/answer/2589954?hl=en
For Google, also check these lists:
https://support.google.com/a/answer/10026322
https://cloud.google.com/vpc/docs/access-apis-external-ip#config
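
An added example, not part of the original answer: when no published IP list is at hand, the web server's access log shows which clients actually request the two association files and which of them are being refused. It assumes combined log format and that refused requests still reach the log (for example as a 403); the log lines, IP addresses and user-agent strings below are constructed.

```python
import re
from collections import defaultdict

# The two association files named in the question.
ASSOCIATION_PATHS = {
    "/.well-known/apple-app-site-association",
    "/.well-known/assetlinks.json",
}

# Combined Log Format: ip ident user [time] "METHOD path proto" status size "referer" "agent"
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"'
)

# Constructed sample lines (documentation IP ranges, made-up user agents).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Mar/2024:10:00:01 +0000] "GET /.well-known/apple-app-site-association HTTP/1.1" 403 153 "-" "ExampleAssociationFetcher/1.0"
192.0.2.10 - - [01/Mar/2024:10:05:01 +0000] "GET /.well-known/apple-app-site-association HTTP/1.1" 403 153 "-" "ExampleAssociationFetcher/1.0"
198.51.100.7 - - [01/Mar/2024:10:06:12 +0000] "GET /.well-known/assetlinks.json?x=1 HTTP/1.1" 200 412 "-" "ExampleLinkVerifier/2.0"
203.0.113.5 - - [01/Mar/2024:10:07:40 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
malformed line that should be skipped
"""

def summarize(log_text):
    """Return {(path, ip, agent): {status: count}} for the association files only."""
    summary = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        path = m["path"].split("?", 1)[0]  # ignore any query string
        if path in ASSOCIATION_PATHS:
            summary[(path, m["ip"], m["agent"])][int(m["status"])] += 1
    return {key: dict(statuses) for key, statuses in summary.items()}

def blocked_clients(summary):
    """Clients that never received a 2xx response for an association file."""
    return sorted(
        (ip, agent, path)
        for (path, ip, agent), statuses in summary.items()
        if not any(200 <= status < 300 for status in statuses)
    )

if __name__ == "__main__":
    for ip, agent, path in blocked_clients(summarize(SAMPLE_LOG)):
        print(f"blocked: {ip} ({agent}) -> {path}")
```

If the block is enforced upstream of the web server, the refused requests never appear in this log and the same tally has to be run over the firewall's or proxy's own logs.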

Related

Using Microsoft nameservers, Google Domains, and Firebase hosting

I have a client who is using Office 365 for email and has changed the nameservers on Google Domains to point to Microsoft nameservers (ns1.bdm.microsoftonline.com, etc), so he can utilize the @domainname.com email extension (and other Office products). Unfortunately, this is messing with my normal groove on how to link my Firebase React projects with Google Domains via adding resource values (i.e. @ A record with a value of 111.111.1.111) because as Google warns me right there:
It looks like you've changed your name servers. All settings for your domain (including website, email, synthetic records and resource records) are currently disabled. To enable these settings, you will need to restore the Google Domains name servers.
I can't restore these nameservers to Google, because it will mess/disable his emails. So what to do? I have exhausted my Google searches for an answer, and unsure of what direction to look for an answer. How do I link up my app with Firebase hosting with my Google Domain's domain while still maintaining Office 365 @domainname.com email extension for my client? Maybe I need to add the records on Microsoft's side? Do I need him to transition to GSuite? I'd prefer not to tell him he needs to, but maybe that's the only solution!
It's a bit misleading. The domain is with Google Domains, and Google is saying "All settings for your domain that you might expect us to manage via Google Domains" are disabled - meaning you can't manage them in Google Domains. Instead, they have to be managed in Office 365 (or wherever the nameservers are).
You can get the IP addresses Firebase gives you, send them to your client, and instruct them to update the domain's main A record and www A record (or CNAME) to point to the Firebase IP addresses.
Everything will work just fine - it's just Google telling you that it no longer manages the DNS for the domain.

Static website I am hosting cannot be reached and the server IP cannot be found

I recently used Google Domains to register a domain and have connected it to Google Cloud Console to manage a static website. I followed the Google Codelabs guide to set it up and faced no issues. However, when refreshing my website, it still doesn't load and my browser (Chrome) gives me the following error message:
This site can’t be reached
carbonfootprint.dev’s server IP address could not be found.
As well, going to www.carbonfootprint.dev gives me another error message:
Your connection is not private
Attackers might be trying to steal your information from www.carbonfootprint.dev (for example, passwords, messages, or credit cards).
NET::ERR_CERT_COMMON_NAME_INVALID
...Which is confusing, because I was under the impression that a .dev domain suffix gives SSL certification by default.
However, in my Google Domains settings, the website content appears as it should in the minimized preview that exists in both the Domain Overview panel and Website panel. It has been over 48 hours, so it should have updated by now if it were just a delay issue.
For reference, this is what my Custom resource records look like, this is what my synthetic records look like, and these are my bucket details in Google Cloud Console. As well, here is a preview of the website, as shown in the Google Domains console.
Any help is much appreciated!
Ended up finding the answer thanks to @IshRaj on ServerFault.
For future reference to anyone else viewing, Google Cloud Storage only supports HTTP connections when hosting a static website through CNAME resource records. To serve content through a custom domain over SSL, you will need to either:
Set up an external HTTPS load balancer (instructions here), potentially with Google Cloud CDN (set-up documentation here)
Connect a third-party Content Delivery Network to your Google Cloud Storage (guide here)
Host your static website on Google App Engine with Python (guide here)
Serve static website content through Google Firebase rather than Google Cloud Platform (tutorial here/additional support)
Personally, I went with Google Firebase (the last option), which automatically upgrades websites to https. It was simple and quick to set up and content is now directly deployable from my files. As well, with Firestore's automatic scalability and powerful queries, Firebase becomes a viable alternative, especially with its other features (user authentication, realtime data synchronization, machine-learning, extensions).

Setting up HTTPS for a Google Cloud instance?

I recently purchased a domain with Google Domains and linked it with Google Cloud - specifically Compute Engine. My website is up and running but I noticed that the connection is not secure, and I'm not sure why. Another domain that I set up with Google Firebase was automatically made secure (https by default, right when I set it up), but the new domain that I purchased is not. I have tried to search around on ways to make the domain secure but I have had no luck.

Can we use google analytics for Internal website?

I have an Intranet application which is accessible from within the company firewall. To track some specific pages, I want to implement Google Analytics in my Intranet application. This application is accessible from outside only when the user's system has some specific certificate installed.
Is it possible to implement Google Analytics in my Intranet application?
Will Google Analytics work inside the company firewall?
How does Google Analytics work, i.e. what is the actual flow of Google Analytics?
Yes, Google Analytics can be used for internal web applications too. Please visit this URL, which will clear your doubts. If you click on the given link and are able to access the analytics.js file from your internal network, you can use Google Analytics for your internal applications protected by the corporate firewall.
Please note that after implementation, tracking data would be available around 24 hours only. So, you need to wait for 24 hours first. Even if you are not able to view the tracking data, please visit this link. You will find the possible reasons why your analytics code is not working.
In order for Analytics to generate reports for your corporate intranet usage, your corporate network must be able to reach the Analytics JavaScript file (analytics.js).
...
Your intranet must also be accessible through a fully qualified domain name such as http://intranet.example.com. The Analytics JavaScript won't work if your intranet can only be accessed using a domain name that isn't fully qualified, such as http://intranet
Ref: https://support.google.com/analytics/answer/1009688?hl=en
In your example, if a person without the certificate you mentioned can still reach the domain (that is, there is a public DNS entry for the domain name) even if they get an 'access denied' or similar message, the tracking should still work.
Google Analytics is Software as a Service and runs on the Google servers. If your clients cannot reach the Google server then you cannot send tracking data and Google Analytics will not show anything. You may need to adjust your firewall rules to let calls to the Analytics servers pass (are you sure that you want a third-party JavaScript to send data from your intranet to the internet, though? There might be legal ramifications, too; after all, implementing a script basically means to hand control of the clients to a third party).
If the server for your intranet is connected to the internet you could collect all hits in a log and pipe this to Google Analytics.
However Google Analytics might not be the best choice. You most certainly do not need campaign data, you probably do not have ecommerce in your company and depending on your type of company geo data and technology data might not be relevant (after all you probably know what computers your employees use and where they are). And for a page counter a self hosted solution will do just as well.
Google Analytics requires that you place a script on each page you wish to track. Whenever a page with the script is loaded, the script runs and sends data to GA, so your users must be connected to the internet as well as the intranet for their usage statistics to register. One security issue to consider is the titles of your intranet's pages will be sent externally across the intranet, which your IT security may have an issue with.
For basic intranet analytics, I'd recommend starting with Piwik which is open source and installs on your server.
It will give you a lot of initial usage data and if your customer decides they want more, you can look into more sophisticated products.

maps api v3 behind a proxy

I developed an application that uses the Maps API perfectly.
Today a customer asked me why Google Maps appears completely white on the website, and so I discovered that he uses a proxy on his network.
This proxy is set to "deny all" and my customer grants access host by host.
My question is, which hosts must he enable so that the Maps API works correctly?
My website uses API V3,
Thanks
From here:
http://groups.google.com/group/phonegap/browse_thread/thread/3d07771e7708763b
It seems your customer needs to whitelist:
*.googleapis.com
*.gstatic.com
