Checking if website is Mobile-Friendly

Google has announced that they will take Mobile-Friendly site into account when indexing sites. Thus, it is prudent to ensure the particular website that you’re maintaining is mobile friendly.

There are two main tools released by Google for testing if the website is Mobile-Friendly:

  1. Google Mobile Friendly Test
  2. PageSpeed Insights

However, personally I like PageSpeed Insights tool better because it gave more in-depth explanation on how to improve my site.

mobile-friendly-test

Have fun trying out.

What to do when your Google disabled your Gmail account?

Recently I managed to get my gmail account disabled by Google. At first, I didn’t think that it would be a big deal since free email account can be registered every now and then, if it managed to get disabled/suspended.

gmail disabled

But…. It turns out I WAS WRONG.

See, when Google disabled a Gmail account, it also disabled all other accounts that associates with that account, including (but not limited to) :

  • Youtube (your videos will be inaccessible)
  • Blogger (all your blogs will be made inaccessible)
  • Google+
  • Google Play / Android Market (partially affects your Android phone and contacts, your paid apps will not be available)
  • Google Drive / Google Docs (you won’t be able to access your files /documents)
  • Google Code (loose access to your code repo)
  • And anything that is related to Google service

How does a Gmail account gets disabled ?

Officially Google states that each accounts holder must comply with Google Terms of Service.

Unofficially, there could be tons of reasons why Google disable a particular Google account, which includes:

  • Suspected partaking in spamming activity
  • Age factor (based on D.O.B data entered, those under 13yrs old aren’t allowed to use Google
  • Suspected using illegal credit card (in case of purchasing through Google Wallet or Google Pay)
  • When Google suspect that your account has been compromised
  • etc…

Anyway, they didn’t tell me exactly what I did and why they disabled my account (they tell me that they won’t disclose details to avoid their automated system from being compromised by hackers).

What they do is ask me when the last time I access my account, using which browser and what are the things that I do with my Google account recently before my account being disabled.

After that, within 24 hours, my account has been restored! So if you find yourselves in similar situation, then you should try get some help from Google Products (Gmail) forums. The people there are helpful, as long as you don’t get too emotional and push them too much.

Note that you should understands the Google Product Terms & Policy when you are using any Google Products. Because from what I’ve seen from the forum, there are also those who aren’t as lucky as I am, getting their accounts permanently disabled. Once it is permanently disabled, there are absolutely *ZERO* chances of recovering your precious data.

Be warned.

Securing Ajax and Web Services

It is undeniable that Web services and AJAX-ified interfaces are the trend now. Application that utilizes internet to retrieve data (such as mobile application or other thin client) uses web services alongside with its data format. AJAX-ified interface and website gives a modern and edgy look can make websites more attractive and can create great impression to the users.

However the issue of the web application security would still remain the same, if not more challenging, since there are so many ways to exploit the vulnerability of websites that utilizes Web Services and AJAX transfers on the background.

Therefore, it is imperative to use the right technique in order to evaluate the security of these services before deploying them out in the open.

For that matter, now I’m currently reading Ajax Security (Hoffman,B. & Sullivan, B.) and Securing Ajax applications (Wells, C.) which in my opinion is a pretty good start for somebody like me to understand common methods for securing web services and websites which uses AJAX heavily.

Hopefully the situation would improved as there are a lot of campaigns around to raise the state of awareness of web application security.

Pingness.com: Free service to monitor website uptime

It is undeniable that uptime is important for business and personal websites. For example, a website with low uptime may mean that the host is having technical problem or the web server is overwhelmed by client requests (serving web pages may incur a lot of overhead)

Pingness.com service does not require sign-up, you need to submit your email address and website url, and pingness will send reports of your site downtime (if any) and when the website is back-online.

pingness

How to: Quick and Dirty Web Server Load Balancing with IPTables in Linux

Load balancing is a method to distribute workload across multiple computer over a network. The purpose of load balance in web server is to avoid one web server from being overwhelmed by requests which eventually leads the machine to come down to a crawling halt.

Assuming that you have 3 web server to assign the load to each with this IP Address:
10.20.20.1
10.20.20.2
10.20.20.3

You can drive the traffic to each of this on every third packet with this iptables rules:

iptables -A PREROUTING -i eth0 -p tcp --dport 80 -m state --state NEW -m nth --counter 0 --every 3 --packet 0 -j DNAT --to-destination 10.20.20.1:80

iptables -A PREROUTING -i eth0 -p tcp --dport 80 -m state --state NEW -m nth --counter 0 --every 3 --packet 1 -j DNAT --to-destination 10.20.20.2:80

iptables -A PREROUTING -i eth0 -p tcp --dport 80 -m state --state NEW -m nth --counter 0 --every 3 --packet 2 -j DNAT --to-destination 10.20.20.3:80

This will ensure that every 3rd packet of the request will be properly distributed among the three servers to balance the load. Note that this is only useful in simple website which serves static content or for a download servers that serve large files over the internet (CD or DVD iso downloading)