We have a situation where we took a client site online and for some reason, IE8 shows the bright red phishing page when you go to the site.
We have our normal Google Analytics code at the bottom of the page but we are also trying to track a poll in the middle of the page using Google Analytics. We're not sure if this might be the cause?
The other thing, which might be closer to the answer is that we had set the test site up on a sub domain on our own server when the client was doing QA testing before it went live.
Could this have been the cause for IE to pick up that it might be a phishing site?
Thanks in advance!
Well according to the IE phishing filter FAQ page:
Q. What does it mean when a Web site
is blocked and flagged in red as a
reported phishing Web site?
A. A
reported phishing Web site has been
confirmed by reputable sources as
fraudulent and has been reported to
Microsoft. We recommend you do not
give any information to such Web
sites.
Your concern about the subdomain should not produce anything more than a yellow bar warning - if it has not been reported before:
Q. What does it mean when a Web site
is flagged yellow and "suspicious"?
A.
A suspicious Web site has some of the
typical characteristics of phishing
Web sites, but it is not on the list
of reported phishing Web sites. The
Web site might be legitimate, but you
should be cautious about entering any
personal or financial information
unless you are certain that the site
is trustworthy.
Related
I noticed today in the webserver logs that we sometimes get bursts (450 requests in 2 seconds) of requests from a useragent with Google Web Preview. Looking at other stackoverflow it seems this is probably related to the preview functionality on the search page or maybe to the saved/most used links at the bottom of a users chrome tabs.
I've already blocked these particular URLs in the robots.txt, so, it's obviously ignoring that. It seems from this 2010 instant previews page that you can add a nosnippet tag and Google will then not try to fetch the preview. However, it seems that adding nosnippet wouldn't actually stop the request (as they'd still have to fetch the page to parse out the tag).
Short of blocking Google's ip address which I don't want to do, is there a decent way to stop Google hammering the server periodically.
I think you probably did it, but when I get such issue I make a buffer page, and provide link on that page e.g link for admin panel that I don't want to be rendered and use NO Index on that page
I came accross to a situation where Firefox in incognito mode blocks some of the cookies on my site. More specifically google analytics cookies like _ga, _gid, ..etc. Searching in the internet I came across to this article. So browsers like Firefox somehow identify these cookies as tracking. But how? How does it know which cookies are tracking and which not? I need to know this because next time I set cookies on my server I dont want them to be blocked by browsers.
In context of the article it just means blocking reference links. For instance it blocks sending the referral information from, for instance Facebook, to other sites.
Other sites use the referral information to decide who to pay to get more traffic and stuff like that.
There's like 100 different versions of the idea of "tracking" though.
Like the article points out, your ISP always know every DNS search you do and every call to an IP so they always know ALLLL your traffic and are "tracking" it.
There's also "ad tracking" where all those google calls send out what the crawler says is on the page in order to create targeted ads and all that.
I think, based on what you wrote, you're just talking about tracking links which is just scrubbing the referral link part though.
You'd have to be more specific if that's not what you're looking at.
I'm wondering if anyone can help with this.
I'm creating a site for a client using Google Sites (A requirement they set).
One of their requirement is for a contact form to be embedded on the site. I've had a look and there are plenty out there, however, if a user visits from any version of IE the content is not displayed due to the security settings.
All other browsers are functioning fine.
I know the alternative is to simply put a link to an external source, but is not ideal.
My question is threefold fold.
1. Is it possible to write a gadget that will work for IE with non-secure content (if so how)?
2. Are there any HTTPS contact forms out there that I could use?
3. Does anyone have any experience with Google sites and trying to load non-secure content and have any tips?
Thanks
Have you tried JotForm.com? They have the same (free and premium) plans as emailmeform.com. Plus, they have a specific roundabouts to embed your form in Google Sites (they have a gadget made for Google Sites). And yes, JotForm has https url for their forms if you wish to embed it as an iframe.
-- One other solution is resort to using Google Docs form.
Does anyone have any experience with Google sites and trying to load
non-secure content and have any tips? Still awaiting people with
experience....
-- Yes, I have experienced this while trying to put some social media scripts in my Google Sites website and the best thing really was to rid my Sites of those non-secure contents.
For any interested I have kind of answered my questions.
Is it possible to write a gadget that will work for IE with non-secure content (if so how)?
It is possible but you need to have a SSL hosted server.
Are there any HTTPS contact forms out there that I could use?
There are paid solutions for this. Alternatively, write your own html code to post to one of these solutions (free solution is http://www.emailmeform.com/)
Does anyone have any experience with Google sites and trying to load non-secure content and have any tips?
Still awaiting people with experience....
I'm running a site with a lot of content, but little traffic, on a middle-of-the-road dedicated server.
Occasionally, Googlebot will stampede us, resulting in Apache maxing out its memory, and causing the server to crash.
How can I avoid this?
register at google webmaster tools, verify your site and throttle google bot down
submit a sitemap
read the google guildelines: (if-Modified-Since HTTP header)
use robot.txt to restrict access from to bot to some parts of the website
make a script that changes the robot.txt each $[period of time] to make sure the bot is never able to crawl too many pages at the same time while making sure it can crawl all the content overall
You can set how your site is crawled using google's webmaster tools. Specifically take a look at this page: Changing Google's crawl rate
You can also restrict the pages that the google bot searches using a robots.txt file. There is a setting available for crawl-delay, but it appears that it is not honored by google.
Register your site using the Google Webmaster Tools, which lets you set how often and how many requests per second googlebot should try to index your site. Google Webmaster Tools can also help you create a robots.txt file to reduce the load on your site
Note that you can set the crawl speed via Google Webmaster Tools (under Site Settings), but they only honour the setting for six months! So you have to log in every six months to set it again.
This setting was changed in Google. The setting is only saved for 90 days now (3 months, not 6).
You can configure the crawling speed in google's webmaster tools.
To limit the crawl rate:
On the Search Console Home page, click the site that you want.
Click the gear icon Settings, then click Site Settings.
In the Crawl rate section, select the option you want and then limit the crawl rate as desired.
The new crawl rate will be valid for 90 days.
I know there is no such thing as a dumb question but this is: Can you serve contextual based ads via adsense or others on a site that is entirely behind https?
Update:
We’ve updated the AdSense ad code so that it now supports secure ad serving through Secure Sockets Layer (SSL) on Hypertext Transfer Protocol Secure (HTTPS) web pages. This means that publishers with secure sites, i.e., sites that are served over the HTTPS protocol, can now use AdSense ad code to serve SSL-compliant ads. Examples of secure websites include many financial services sites, e-commerce sites, and social networking sites.
Google is aware of the issue but does not offer a properly configured HTTPS version of their code at this time. It'll work by swapping out http for https, but as mentioned above you'll get various errors in browsers.
AdSense now supports HTTPS. Just remove the "http:" portion of the ad code.
You can but visitors will receive a message that your site contains secure and none secure data in internet explorer. Most other browsers have a way to communicate this state aswell.
Yes, as long as the website is not protected by SSL certificates (in that the client accessing the website needs to have a certificate) Google is perfectly capable of indexing your site for keywords to cater the right ads for your website.
I am not sure if Google makes the adsense code available over SSL as well, if not your visitors will be warned by the browser that the page may contain insecure elements. I do know that their analytics code (For Google analytics) does contain an SSL possibility.
In case you have any more questions, Google's adsense support team/faq will be able to better provide answers to your questions, since you can let them know what site you are talking about!