Tracking a product's web interface with Google Analytics - google-analytics

My company creates hardware products that are sold throughout the world. They have an embedded webserver that allows for users to configure the product via a web interface. I wanted to enhance the user experience of this interface and the first step would be to start gathering analytics on how users move throughout the tool.
My question is how I should do this since there won't be a domain and instead some internal IP address that is used to access the product. For example, if their IT team installs the printer on 10.10.10.10, they almost never associate that with an internal server name and users would access the web configuration tool by directly hitting the IP. Even if they did create an internal server name like "config.productname.com", I would have no way of knowing what that would be.
This means I can't create a profile in GA to start accepting this analytic data. Has anyone done something similar in the past or have advice on how to address this issue?
Could the issue be resolved by using SiteCatalyst instead?

SiteCatalyst provides the capability to store visitor information inside any cookie of your choosing, and does not care which domain you place code on. Ultimately all data is sent to a subdomain of 2o7.net, however you can create a CNAME record so your site stores and writes cookies to any domain of your choice.
Within the s_code.js file, there is a variable defined that governs the domain the cookie is set:
s.trackingServer="yourorganizationname.2o7.net";
It would not matter where this implementation was tracking data from, they would all use the exact same cookie location, and be treated as the same visitor no matter which domain they viewed. Just keep in mind this is defined as a third-party cookie, and small portion of browsers reject 3rd-party cookies by default.

You might try Piwik or Open Web Analytics since you can deploy them on your own infrastructure and could modify them to meet your requirements.
If you have a serial number assigned to each device during manufacturing, you may want to use that to distinguish between devices, regardless of which analytics tools you use.
Note that as far as I can tell, Google Analytics doesn't actually care what domain you place the code on; they just use your domain specification to determine what sites the tracking cookies will be delivered to. That may not help you as you probably want the tracking cookies to work, but I point it out in case it turns out to be useful...

Related

How would you identify if a visitor to one of your sites is the same person who visited another site of yours before (different domain)?

My question is more of a conceptual one, but in my specific case I am using Google Analytics 4. If the question is unclear, here it is in scenario form: Some guy visits my site x.com after a google search. He closes the tab, does another google search, and arrives at my other site y.com. How do I know it's the same person? I don't think there's anything I can do with User ID's in this situation. How would I solve this?
This isn't without fault, but if you are implementing it via Google Tag Manager, you have more control over the data being sent and on top of that, if you are transporting the data via Google Tag Manager server side container.
You would use a single server (but possibly different containers) or use BigQuery and either use the templateDataStorage API call or the BigQuery API call.
Essentially, the first time you see a google cid or an IP address or combination of user agent and ip address you would store it in the server or in a BigQuery table as a key and create a random associated value next to it.
At each time, across all your sites, you would check to see if the IP address or CID or combination of user agent and ip exists in the server or in the BigQuery table, then output the random value as a custom dimension and if not, it will create one.
Actually you probably wouldn't.
Presumably you could try fingerprinting, but depending on your legislation that might not be quite legal, and it tends to work a lot better in a lab than in real life. Also browsers start to implement anti-fingerprinting measures such as trimming the user agent, and denying access to browser properties such as installed plugins.
I have heard of experimental approaches to recongnize users via usage patterns - e.g. how do they move their mouse etc. I am not aware of any actual product that uses this, and I am not convinced it is a useful (or even legal) approach.
But in general, when it comes to cross-domain detection for unrelated visits (moving from domain to domain works via link decorators, and even that is affected by browser protections) you have the combined power of browser vendor against you, who try to make this harder (either for genuine concerns about privacy, or to establish themselves as the single gatekeeper for user identity. E.g. Google has a huge user base that is almost constantly logged in to Google accounts or Android smartphones, which helps with identifying users all over the web).

Is there a way to prevent content caching or scraping from an API?

Imagine the following situation. I have an API and a developer builds an application that retrieves new content from it on a daily base. She stores this content and provides this data to all the instances of an app she developed. In this way these apps do not have to call the API directly.
Is there a way to prevent this and force the apps (and therefore the end users) to use the API and not only the application on the server.
I found many questions about how to cache API data but not how to prevent that. I am fairly new to this, so maybe I am overlooking something or maybe it is not possible to prevent this.
Thank you in advance!
Assuming you are using Apigee for API-management, you have some options. First, consider the options available to you contractually, if this is that sort of business relationship and you can impose certain API behavior with a business partner through a contract.
Separate from the legal side of things, we remember that you control your API and the credentials you issue for use by your API clients. You cannot though control, practically, what a client developer does with the credentials you issue: she could promise to embed the credentials in the mobile apps' API client, but change her mind and use it centrally, and then design her mobile client to call into her central cache. If though you really insist that only mobile app clients should be calling your API and not a hub/cache server, then you could consider applying constraint policies on your API (within the Apigee proxy, such as Access Control). For instance, you could blacklist your partner's hub/cache server IP address, although that is weak security at best. Or, you could apply a constraint that only clients with certain identifying User-Agent strings (mobile OS, client) are allowed to connect to your API. Or use GeoIP filtering to allow only clients from certain regions, if that applies to your use-case.
Finally, depending on the data model, you might be able to rate-limit such that a bulk cache becomes impractical: if your edge-client use-cases is to fetch a single record, but a cache would have to hold thousands of records, then you could impose a per-client rate limit (Quota policy) which is no bother to individual mobile clients, but makes the work of a hub/cache server untenable.

Can I add a domain to Firebase hosting via the API?

I want to be able to add domains to Firebase hosting with the API instead of the web UI, is that possible?
I want to add potentially hundreds of domains, is there a domain limit per project in Firebase?
As far as I can tell from the entire CLI documentation, there isn't any way to do this.
Lets take a step back and consider what the web UI process involves i.e. the generation of a TXT record to add to your DNS records, after verifying the presence of said TXT record on the domain, providing A records that you (authorized owner) add to allow redirecting to your firebase hosted site.
In my opinion, this very manual back and forth is necessary as a security measure. The only way it is taken out of the equation via the CLI is by providing a means for you to authenticate ownership of a domain (registered with any one of many domain registrars), and being granted authorization to change your A records. These are both outside the scope of Firebase, and could potentially introduce severe security flaws. Regardless, even if it existed, it would still have to be step-by-step and somewhat manual via CLI rather than the single command it sounds like you're looking for.
It is not possible to add custom domains automatically through an API at this time.
Nor would it allow you to create a reseller or multi-tenant project (i.e. connect a large number of domains or subdomains dynamically) since you cannot connect more than about 36 domains connected to one project.
It's possible to add domains using Firebase Hosting Rest Api. I am not sure why they didn't put it on their official website but I checked today and it works. https://developers.google.com/resources/api-libraries/documentation/firebasehosting/v1beta1/java/latest/com/google/api/services/firebasehosting/v1beta1/FirebaseHosting.Sites.Domains.html
Answer that I've received from Firebase support:
There is no API yet that would allow you to add custom domains, it was
requested as a feature before but unfortunately we have no more
information on that - so for now, only the Console UI allows you to do
it.
When it comes to the limits, in a project, a custom domain is
attached to a site - there can be 36 sites per project, and for one
site there is no hard limit, but we recommend not exceeding 20 custom
domains. You can experience technical issues with SSL certs when you
exceed 20 domains per site, which we won’t be able to troubleshoot
since the system was not designed for such use cases.

AWS Web ACL rule: alternatives to Referer

I am looking for a way to limit access to AWS S3 hosted data in a controlled and at least semi-secure way. I have various resources in a number of S3 buckets, with CloudFront as CDN. I then have a WordPress based website using a theme that allows me to sell "courses". Finally I manage my domains so I can create a sub domain for the content download link, i.e. content.domainname.com.
Ideally I want to limit access to content to a specific set of courses, so only people who have bought the course, and are linking to the content from a web page in that course, can (easily) get at the data.
I know I can use an AWS Web ACL rule to check the referer, to limit downloads to links on my domain. And I think I can expand on that to test more of the URL, so in www.domainname.com/paid/coursename/page.html I could have a rule that tests for the bold portion of the path and refuses otherwise.
However, I also know that referer can be easily spoofed, and more importantly some browsers and internet security software will replace the referer, and I don't want my site security to force customers to change their security settings. So, is there another option, to include some sort of data in the HTTP request, that limits access in a way that is both somewhat secure, but not dependent on a client side settings? Perhaps something like a hash that I could include in the link itself? Or, maybe the WordPress API and AWS Web ACL Rules can communicate is some way so as to validate the logged on user has membership in the course? Grasping at straws here I suspect.
Additionally, there will be a PowerShell script that can be downloaded and run, which will access downloadable content as well. Again, I want to limit access, but in this case I need to be able to maintain the criteria on AWS as I have subscription and non subscription versions of the courses, and the PS script should only download for customers on subscription. So, I could provide the PS script with something like a customer ID, then maintain a list of customer IDs that are currently on subscription so the Web ACL rule could filter. But again, I suspect that HTTP header won't get the job done, because it could be changed by internet security at the customer location. But now I am limited by what PowerShell can do with regards to HTTP requests.
I know, rather an open ended question, but hopefully someone can at least point me in the right direction. It sure seems like both needs are something that AWS should be able to do, I am just so out of my depth here I don't know where to start, and AWS documentation requires that you have some clue to get you going.

Webex API Usage without using Personal Domain

I want to use Webex API [www.webex.com] to create meeting from my site.
For that I need my own domain in the case of URL API in this way:
"https://yourWebExHostedName.webex.com/yourWebExHostedName/".
And in the case XML API, I need WebexID, SiteID, ParternerID.
Those are mentioned in this Webex official document.
https://developer.cisco.com/documents/4733862/4736679/URL+API+WBS+27+Ref+Guide.pdf
I want to say that these parameters are available in testing environment.
But I don't have my own domain to use this API in production environment.
So I want to know that it is possible to use this API in production environment without owning a domain.
Do you have any Idea? Have you faced such problem? I need urgent solution regarding that.
For the XML API, you can obtain those parameters from this page (you need to login or register first to be able to see the form):
https://developer.cisco.com/site/webex-developer/develop-test/try-webex-apis/
To test the API, all the requests would be made to the sandbox site https://apidemoeu.webex.com
No
You cam't go for production without Webexdomain. Because For recording of video,Host users's and Attendee user's it take space on server to stored all this data you need your web-ex hosting site.

Resources