I am using this code for the website:https://github.com/alshedivat/al-folio. Since Google Analytics does not allow IP addresses of visitors to be tracked, can someone please let me know of any good alternate solution to track IP address and location. Also, please tell how to integrate it into the above linked code.
What about https://matomo.org, it is an alternative to google analytics, it can be hosted on your own server. Then you can track IP addresses. But be aware inside the EU there is the DSGVO and GDPR, so take care of your users privacy!
The tracking code can be played as JS in your default layout.
Related
I'd like to redirect particular Internet Service Providers to other websites when trying to access my website (I'm a html/css newbie).
I'm not sure how to do this or whether it is possible with html/css(?), should I be looking at another language or is there a setting in Amazon Web Services that allows me to block or redirect specified ISPs.
Any ideas are very much appreciated.
I'm reminded of a story where a competitor visited a company's website to scrape pricing information. So, the company changed their website to show different prices to their competitor!
So, it seems your goal is "when requests come from IP address XX, don't give them access to my website".
Here's a few ways to achieve this:
Block traffic from a single IP using Network Access Control Lists (NACLs) — very simple and effective!
Or, you can configure rules using Advanced Request Routing for AWS Application Load Balancers
Or, you could use AWS Web Application Firewall (WAF) to block specific IP addresses
I think it would be more fun to send them to an alternative website with false information, so they don't realise you are actually blocking them!!
I reread your issue and you only wanted specific providers, this would redirect for everyone. this wont work if popups are disabled
<html>
<body onload = "forwardFunction()">
<script type="text/javascript">
function forwardFunction() {
window.open("https://www.google.com","_self");
}
</script>
If you can read this something went wrong.
</html>
I'm a hobbyist student developer playing around with the Actions on Google to create a simple "text adventure" game on Google Home. Since Google Home will be speaking to the player rather than the player reading the text, I'm hoping this will create an experience similar to the "Dungeons and Dragons" roleplaying game, with the computer working as the "Dungeon Master." With the natural language assistance offered by API.AI and Actions on Google, it seemed like a good fit, since the player can respond "naturally." Here's an example of an Amazon Alexa skill that does essentially what I'm going for.
However, every time I boot up the game, it's always a new game. I'd like to store a savegame with the user's previous state in a JSON file hosted on the user's Google Drive -- Since I'm just a student doing this for fun, I don't actually have an official website or anything beyond a free Heroku server I'm running the app from, making storing saves on my end pretty much out of the question.
I've walked through the Google Drive REST quickstart for Node.js, and I've gotten that working in the console just fine. The only problem is in that quickstart, the user has to click a link to authorize the application to read the stuff in their Google Drive account, and I'm not sure how I'd be able to "click a link" and give back an access token via voice on Google Home.
Is there a way to do this via Google Drive? Or is there a better way to provide persistent data between sessions? I don't normally work in web development, so any help would be appreciated.
The bad news is you won't be able to get away from the need for a user to use his web browser to authorise your app to access his Drive.
The good news is that you only need to do this once. When your app requests authoirsation, it should specify "offline", which will result in you being given a refresh token. You should save this somewhere in your database of users. Whenever you need to access the user's Drive, you can use the saved refresh token to request an access token and you're good to go.
You have a few problems that you need to solve here, and while they seem related, they're not as related as you might hope:
You need to get authorization to access a user's Drive space
You need to authenticate the user's Home (so you know this person has come back)
You have to connect the two relationships - so you know what Drive space to use for the Home device that is talking to you
You've found the answers to (1) already, and as noted, you'll need to use a browser for them to authorize you to access their Drive. You'll then store the refresh token and will be able to access it in the future.
But that is only part of the problem. Home does not provide you access to the user's Google account directly, so you'll have to manage your own account mechanism and tie it to Home. There are a few solutions here:
Home provides anonymous user identity in the JSON sent to your webhook. You can access this using getUser().user_id if you're using the Actions API library, or access this in the data.user.user_id field in the JSON. While this is similar to a browser cookie, it only stores the user ID and can't store additional data. There is also no concept of "local storage". On the plus side, this ID is consistent across devices.
You can request user information such as their name and address. But it doesn't have anything unique or account information, so this probably isn't useful to you.
You can implement an OAuth2 server and do account linking. Note that this is the other side from what you need to do with Google Drive - you'll be providing the access and refresh tokens to authenticate and authorize access to your account and the Google Home device will send these tokens back to you so you can determine who the user is. You don't actually need to store account information - you can provide token information using JSON Web Tokens (JWT) or other methods and have them store account information in a secure way. Users will use the Google Home app to actually sign-in to your service as a one-time event.
In order to handle (3), you may be thinking that (1) lets you get tokens and the OAuth solution for (2) requires you to hand out tokens. Can the two be combined? Well... probably, but it isn't as straightforward. You can't just give the Google OAuth2 endpoints to Home - they explicitly block that and you need to control your OAuth2 endpoints. You may, however, be able to build proxy endpoints - but I haven't explored the security implications of doing so.
I think you're on the right track - using Drive is a good place to store users' information. Using Home's account linking gives you a place where they have to come to your web site to authenticate and authorize their Home, and you can use this to do the same for their Drive.
I apologize for asking this here instead of Google's forums, but I find that they tend to yield no results at all, ever.
I have a domain verified on Google Apps through HTML file upload, which I am currently using for email.
I don't recall exactly how I prompted the verifications, but I got prompted for one about a week ago for another address#mydomain.com, and I'm trying to find out how I can void the verifications through HTML, so I can switch to the newer method of creating a DNS record.
And finally, is there a way an individual can void unauthorized verifications through Google? For example if someone verified a domain you currently own at an earlier point in time? Google doesn't allow any support contact for normal Apps accounts.
Thank you for any assistance.
Trying to verify the account or the domain?
What do you see when you go into the control panel?
If you use HTML validation and then change the IP of your web server you might get requested to re-validate.
Best use DNS validation.
Good luck.
Is it possible to find the rough location of a user on the web without using the html5 geolocation stuff which brings up a box asking for the user's permission? I have tried MaxMind but it seems pretty poor.
Your webserver (apache or somethigng like that) gets the users IP-adress when he sends a request to your server. There are some services in the web that can tell you the country and city of that address. Google for "location from ip address" to find those services. That is the best you can do without asking the user.
Everything more accurate MUST be explicitely allowed by the user himself for legal reasons. If a user finds out that you are tracking his position without having asked him, you can go to jail!!
I've used IPlocation.net They provide a list of several providers and test them against your own IP to see if they get it correct.
I personally went with IPinfo.io
I'm looking to point a new domain name to my website sub domain address.
So would all I do is buy the new domain name address and use httaccess to tell my site when the new domain name is entered to go to www.newdomain.mydomain.com. How might I go about doing that?
But I'm hoping to have the new domain name address still be shown when they are on my sub domain as this is for a festival I am helping with and they don't need to buy hosting for this short period.
Any help is appreciated.
One way to get the url to stay as the one a user typed in instead of showing up as your subdomain is to put the whole site in a frame that loads your subdomain inside of it. Some registrars will do this for you so you don't need to pay for extra hosting. If you go with this option, you don't really need a subdomain, though, as you could just put the new pages in a folder off of your main site since visitors won't see the address anyway.
A slightly more elegant solution would simply be to use virtual hosts, if your server has the capability. If you have your own server, they are not hard to set up. If you have a hosting package from a company like godaddy, the company website will often give instructions on how to do this. The idea is that the server will handle the responsibility of routing a query to a specific folder based on the url of the request. Then all you need to do is set up the folder. If you give more specifics about what your hosting setup is, it will be easier to give guidance in this respect.
To get your new domain name to point to your website you need to:
configure your domain name to point to your web site IP address
configure your web server to serve your website when it receives requests to that new domain name
The company from which you buy your new domain name will provide you with a web interface to configure your domain name and make it point to your IP address.
If you're managing your web server yourself, you will need to edit its configuration to add a new named virtualhost for your new domain name (virtualhost directives don't go into .htaccess files). If you're using a shared hosting company, they probably also provide a web interface to configure your web site, so that it accepts requests to your new domain name.