I recently purchased a domain with Google Domains and linked it with Google Cloud - specifically Compute Engine. My website is up and running but I noticed that the connection is not secure, and I'm not sure why. Another domain that I set up with Google Firebase was automatically made secure (https by default, right when I set it up), but the new domain that I purchased is not. I have tried to search around on ways to make the domain secure but I have had no luck.
Related
I have a client who is using Office 365 for email and has changed the nameservers on Google Domains to point to Microsoft nameservers (ns1.bdm.microsoftonline.com, etc), so he can utilize the #domainname.com email extension (and other Office products). Unfortunately, this is messing with my normal groove on how to link my Firebase React projects with Google Domains via adding resource values (i.e. # A record with a value of 111.111.1.111) because as Google warns me right there:
It looks like you've changed your name servers. All settings for your domain (including website, email, synthetic records and resource records) are currently disabled. To enable these settings, you will need to restore the Google Domains name servers.
I can't restore these nameservers to Google, because it will mess/disable his emails. So what to do? I have exhausted my Google searches for an answer, and unsure of what direction to look for an answer. How do I link up my app with Firebase hosting with my Google Domain's domain while still maintaining Office 365 #domainname.com email extension for my client? Maybe I need to add the records on Microsoft's side? Do I need him to transition to GSuite? I'd prefer not to tell him he needs to, but maybe that's the only solution!
It's a bit misleading. The domain is with Google Domains, and Google is saying "All settings for your domain that you might expect us to manage via Google Domains" are disabled - meaning you can't manage them in Google Domains. Instead, they have to be managed in Office 365 (or wherever the nameservers are).
You can get the ip addresses Firebase gives you, send them to your client, and instruct them to update the domain's main A record and www A record (or CNAME) to point to the Firebase ip addresses.
Everything will work just fine - it's just Google telling you that it no longer manages the DNS for the domain.
I recently used Google Domains to register a domain and have connected it to Google Cloud Console to manage a static website. I followed the Google Codelabs guide to set it up and faced no issues. However, when refreshing my website, it still doesn't load and my browser (Chrome) gives me the following error message:
This site can’t be reached
carbonfootprint.dev’s server IP address could not be found."
As well, going to www.carbonfootprint.dev gives me another error message:
Your connection is not private
Attackers might be trying to steal your information from www.carbonfootprint.dev (for example, passwords, messages, or credit cards).
NET::ERR_CERT_COMMON_NAME_INVALID
...Which is confusing, because I was under the impression that a .dev domain suffix gives SSL certification by default.
However, in my Google Domains settings, the website content appears as it should in the minimized preview that exists in both the Domain Overview panel and Website panel. It has been over 48 hours, so it should have updated by now if it were just a delay issue.
For reference, this is what my Custom resource records look like, this is what my synthetic records look like, and these are my bucket details in Google Cloud Console. As well, here is a preview of the website, as shown in the Google Domains console.
Any help is much appreciated!
Ended up finding the answer thanks to #IshRaj on ServerFault.
For future reference to anyone else viewing, Google Cloud Storage only supports HTTP connections when hosting a static website through CNAME resource records. To serve content through a custom domain over SSL, you will need to either:
Set up an external HTTPS load balancer (instructions here),
potentially with Google Cloud CDN (set-up documentation here)
Connect a third-party Content Delivery Network to your Google Cloud
Storage (guide here)
Host your static website on Google App Engine with Python (guide
here)
Serve static website content through Google Firebase rather than
Google Cloud Platform (tutorial here/additional support)
Personally, I went with Google Firebase (the last option), which automatically upgrades websites to https. It was simple and quick to set up and content is now directly deployable from my files. As well, with Firestore's automatic scalability and powerful queries, Firebase becomes a viable alternative, especially with its other features (user authentication, realtime data synchronization, machine-learning, extensions).
I have an Intranet application which is accessible from within company firewall. To track some specific pages, I want to implement Google Analytics in my Intranet application. This application is accessible from outside only when user system has some specific certificate installed.
Is it possible to implement Google Analytics in my Intranet application?
Will this Google analytics work inside company firewall?
How Google analytics work i.e. what is the actual flow of google analytics?
Yes, Google analytics can be used for internal web applications too. Please visit this URL which will clear your doubts. If you click on the given link and able to access analytics.js file from your internal network you can use Google analytics for your internal applications protected from corporate firewall.
Please note that after implementation, tracking data would be available around 24 hours only. So, you need to wait for 24 hours first. Even if you are not able to view the tracking data, please visit this link. You will find the possible reasons behind not working your analytics code.
In order for Analytics to generate reports for your corporate intranet
usage, your corporate network must be able to reach the Analytics
JavaScript file (analytics.js).
...
Your intranet must also be accessible
through a fully qualified domain name such as
http:// intranet.example.com. The Analytics JavaScript won't work if
your intranet can only be accessed using a domain name that isn't
fully qualified, such as http:// intranet
Ref: https://support.google.com/analytics/answer/1009688?hl=en
In your example, if a person without the certificate you mentioned can still reach the domain (that is, there is a public DNS entry for the domain name) even if they get an 'access denied' or similar message, the tracking should still work.
Google Analytics is Software as a Service and runs on the Google Servers. If your clients cannot reach the Google server than you cannot send tracking data and Google Analytics will not show anything. You may need to adjust your firewall rules to let calls to the Analytics servers pass (are you that you want a third party javascript to send data from your intranet to the internet, though ? There might be legal ramifications, too, after all implementing a script basically means to hand control of the clients to a third party).
If the server for your intranet is connected to the internet you could collect all hits in a log and pipe this to Google Analytics.
However Google Analytics might not be the best choice. You most certainly do not need campaign data, you probably do not have ecommerce in your company and depending on your type of company geo data and technology data might not be relevant (after all you probably know what computers your employees use and where they are). And for a page counter a self hosted solution will do just as well.
Google Analytics requires that you place a script on each page you wish to track. Whenever a page with the script is loaded, the script runs and sends data to GA, so your users must be connected to the internet as well as the intranet for their usage statistics to register. One security issue to consider is the titles of your intranet's pages will be sent externally across the intranet, which your IT security may have an issue with.
For basic intranet analytics, I'd recommend starting with Piwik which is open source and installs on your server.
It will give you a lot of initial usage data and if your customer decides they want more, you can look into more sophisticated products.
I need a way to remove my own traffic and interaction from my Google Analytics.
I know of all the IP and cookie based solutions but IPs can change and cookies can be erased.
One thing I did think of is that I'm always logged into my Google account and I'm always using Chrome. Is there any way to use this to my advantage? It would be really nice if I could just ignore based on my Google Account.
Browser Extensions
Use a browser extension to prevent you from being tracked on analytics. I use the Block Yourself From Analytics extensions because it allows you to configure the sites you want to prevent traffic on.
I need to track an intranet site's traffic and would prefer to use Google Analytics because we have several other properties already being tracked there.
Google Analytics requires a public address to set up a new property for tracking. If I create a subdomain (intranet.domain.com) to satisfy that requirement, I believe the rest should work fine. (External .js file for Google is outbound-reachable from within our network, inbound-external access is blocked to protect confidential information.)
Does anyone have experience with this situation? Can you confirm the
proposed method will work?
Will the new tracking code work from any URL, regardless of the registered property address?
Thanks!
Google Analytics records data via parameters on tracking pixel requests. You need to make sure that requests for google-analytics.com/__utm.gif will go through from your intranet. (I'm guessing it shouldn't be an issue since you said google-analytics.com/ga.js is not blocked.)
It's also not a problem using the web property ID ('UA-xxxxx-x') on different domains than it was originally created for.