We host sites for multiple clients and want to allow them custom branded urls. This will require us to add entries for each of these new urls to the JavaScript API Domains section of our application. My question is, do we have a limit on the amount of domains we can allow for our application? If so, how many? We are going to need to allow 100s. I cannot find it exclusive stated in the developer documentation. Thank you in advance!
The interface limits you to 50 domains at the moment. If you need more, you'd have to subdivide them out between different application ids.
Related
I am looking to host multiple sites using firebase but have read something that could cause problems.
Each custom domain is limited to having 20 subdomains per apex domain, due to SSL certificate minting limits.
https://cloud.google.com/storage/docs/hosting-static-website
I was hoping to use subdomains, e.g. a.example.com, b.example.com ...etc.
This limit of 20 domains seems quite restrictive and I have some questions
If I create separate projects for each subdomain does this limit still apply? e.g. have 1 firebase project with a hosting site for a.example.com and have a entirely separate firebase project for hosting b.example.com.
I have also read you can hosting using cloud storage and a load balancer. https://cloud.google.com/storage/docs/hosting-static-website. Does this provide an automatic certificate or is it manual?
Does the limit of 20 subdomains apply only to firebase hosting or does it also apply to hosting via cloud storage and a load balancer?
Thanks
This limit is per project, so if you put different domains on different projects they are not affected by it.
The documentation seems to describe the process pretty well: https://cloud.google.com/storage/docs/hosting-static-website#lb-ssl
This limit applies to Firebase Hosting only. Other products may have their own limits of course, but those would be listed in the documentation for that product.
I want to be able to add domains to Firebase hosting with the API instead of the web UI, is that possible?
I want to add potentially hundreds of domains, is there a domain limit per project in Firebase?
As far as I can tell from the entire CLI documentation, there isn't any way to do this.
Lets take a step back and consider what the web UI process involves i.e. the generation of a TXT record to add to your DNS records, after verifying the presence of said TXT record on the domain, providing A records that you (authorized owner) add to allow redirecting to your firebase hosted site.
In my opinion, this very manual back and forth is necessary as a security measure. The only way it is taken out of the equation via the CLI is by providing a means for you to authenticate ownership of a domain (registered with any one of many domain registrars), and being granted authorization to change your A records. These are both outside the scope of Firebase, and could potentially introduce severe security flaws. Regardless, even if it existed, it would still have to be step-by-step and somewhat manual via CLI rather than the single command it sounds like you're looking for.
It is not possible to add custom domains automatically through an API at this time.
Nor would it allow you to create a reseller or multi-tenant project (i.e. connect a large number of domains or subdomains dynamically) since you cannot connect more than about 36 domains connected to one project.
It's possible to add domains using Firebase Hosting Rest Api. I am not sure why they didn't put it on their official website but I checked today and it works. https://developers.google.com/resources/api-libraries/documentation/firebasehosting/v1beta1/java/latest/com/google/api/services/firebasehosting/v1beta1/FirebaseHosting.Sites.Domains.html
Answer that I've received from Firebase support:
There is no API yet that would allow you to add custom domains, it was
requested as a feature before but unfortunately we have no more
information on that - so for now, only the Console UI allows you to do
it.
When it comes to the limits, in a project, a custom domain is
attached to a site - there can be 36 sites per project, and for one
site there is no hard limit, but we recommend not exceeding 20 custom
domains. You can experience technical issues with SSL certs when you
exceed 20 domains per site, which we won’t be able to troubleshoot
since the system was not designed for such use cases.
I am looking for a way to limit access to AWS S3 hosted data in a controlled and at least semi-secure way. I have various resources in a number of S3 buckets, with CloudFront as CDN. I then have a WordPress based website using a theme that allows me to sell "courses". Finally I manage my domains so I can create a sub domain for the content download link, i.e. content.domainname.com.
Ideally I want to limit access to content to a specific set of courses, so only people who have bought the course, and are linking to the content from a web page in that course, can (easily) get at the data.
I know I can use an AWS Web ACL rule to check the referer, to limit downloads to links on my domain. And I think I can expand on that to test more of the URL, so in www.domainname.com/paid/coursename/page.html I could have a rule that tests for the bold portion of the path and refuses otherwise.
However, I also know that referer can be easily spoofed, and more importantly some browsers and internet security software will replace the referer, and I don't want my site security to force customers to change their security settings. So, is there another option, to include some sort of data in the HTTP request, that limits access in a way that is both somewhat secure, but not dependent on a client side settings? Perhaps something like a hash that I could include in the link itself? Or, maybe the WordPress API and AWS Web ACL Rules can communicate is some way so as to validate the logged on user has membership in the course? Grasping at straws here I suspect.
Additionally, there will be a PowerShell script that can be downloaded and run, which will access downloadable content as well. Again, I want to limit access, but in this case I need to be able to maintain the criteria on AWS as I have subscription and non subscription versions of the courses, and the PS script should only download for customers on subscription. So, I could provide the PS script with something like a customer ID, then maintain a list of customer IDs that are currently on subscription so the Web ACL rule could filter. But again, I suspect that HTTP header won't get the job done, because it could be changed by internet security at the customer location. But now I am limited by what PowerShell can do with regards to HTTP requests.
I know, rather an open ended question, but hopefully someone can at least point me in the right direction. It sure seems like both needs are something that AWS should be able to do, I am just so out of my depth here I don't know where to start, and AWS documentation requires that you have some clue to get you going.
I want to set Specific domains in Azure Qna maker app cors settings, not *. Can any one let me know what is the required domains for that, as i do not find any documentation regarding this online.
When you create your QnA Maker resource, you are creating an Application (web app) in order to host your endpoint for queries:
This is due to the architecture which is the following:
So if you want to implement specific CORS rules, go the your Web App and set CORS rules in the dedicated tab:
Additional edit:
Based on the comments (thanks #sumit sharma), the necessary domains are:
qnamaker-service.trafficmanager.net
qnamaker.ai
The answer from Nicholas R gives you everything you need to solve this issue except the domains to add (tried to edit by edit queue is full). If you are looking for the domains to add here, it should be at a minimum https://qnamaker-service.trafficmanager.net and https://www.qnamaker.ai. I added these and have not had any issues with the service since removing "allow all".
My company creates hardware products that are sold throughout the world. They have an embedded webserver that allows for users to configure the product via a web interface. I wanted to enhance the user experience of this interface and the first step would be to start gathering analytics on how users move throughout the tool.
My question is how I should do this since there won't be a domain and instead some internal IP address that is used to access the product. For example, if their IT team installs the printer on 10.10.10.10, they almost never associate that with an internal server name and users would access the web configuration tool by directly hitting the IP. Even if they did create an internal server name like "config.productname.com", I would have no way of knowing what that would be.
This means I can't create a profile in GA to start accepting this analytic data. Has anyone done something similar in the past or have advice on how to address this issue?
Could the issue be resolved by using SiteCatalyst instead?
SiteCatalyst provides the capability to store visitor information inside any cookie of your choosing, and does not care which domain you place code on. Ultimately all data is sent to a subdomain of 2o7.net, however you can create a CNAME record so your site stores and writes cookies to any domain of your choice.
Within the s_code.js file, there is a variable defined that governs the domain the cookie is set:
s.trackingServer="yourorganizationname.2o7.net";
It would not matter where this implementation was tracking data from, they would all use the exact same cookie location, and be treated as the same visitor no matter which domain they viewed. Just keep in mind this is defined as a third-party cookie, and small portion of browsers reject 3rd-party cookies by default.
You might try Piwik or Open Web Analytics since you can deploy them on your own infrastructure and could modify them to meet your requirements.
If you have a serial number assigned to each device during manufacturing, you may want to use that to distinguish between devices, regardless of which analytics tools you use.
Note that as far as I can tell, Google Analytics doesn't actually care what domain you place the code on; they just use your domain specification to determine what sites the tracking cookies will be delivered to. That may not help you as you probably want the tracking cookies to work, but I point it out in case it turns out to be useful...