I am building a site, in which I denied hotlinking of images. But after I added the facebooks "like" link to my pages, I realized that I want to allow hotlinking for facebook. So, if a user likes a page on my site, facebook should be able to show a related thumbnail of the page in the profile of the user. So, I added an exclusion rule in IIS like
if {HTTP_REFERER} matches pattern ^(https?://)?(\w+.)facebook.(com|net)(/.)*$ , allow.
Alas, it didn't work for me.
After that I googled for an answer. A forum post suggested to use "tfbnw" instead of facebook, so I added that exclusion, too:
^(https?://)?(\w+.)*tfbnw.(com|net)(/.*)*$
But as you might expect, still no chance.
So, I don't know which URL facebook uses to request images when a user uses the like button. I would appreciate any help to uncover this mystery, so that I can allow that URL on my site.
Note: If I disable hotlinking protection, everything works fine. So we know that my problem is just the hotlinking protection.
Can you try whitelisting with IP address? All of FB's crawlers should come from one of the IP addresses returned by
whois -h whois.radb.net '!gAS32934'
Try allowing the domain fbcdn.net:
^(https?://)?(\w+.)fbcdn.(com|net)(/.)*$
This is facebook's content delivery network.
Related
During checking traffic source on e-commerce website i get confused.
I know that param gclid=.. means that user is tagged by GoogleAds, while fbclid works the same way but with facebook.
However, I dont understand what does it mean while they are both together in single url, like:
www.example.com?gclid=CjwKCAiAyrXiBRAjEiwATI95mafT26kwak0CFBgICH0ZlLqafSBuyyoUBVZihf22pPdG9QK8DUmiZBoCh8YQAvD_BwE&gclsrc=aw.ds&fbclid=IwAR0oihEZbw0Q43GXiv4YW9n_G9odTEcpxzLtMxjYYqgrTt5EM-BcKqrJyuU
Is it possible that google ads is displaying ads on facebook and that is why gclid and fbclid are attached to url at the same time?
I have asked the same question on support google and get reply from them.
This case happens when a link including gclid is pasted on a Facebook
page and somebody clicks on the link.
Source to answer.
Actually it's quite possible and normal.
If user searches on web via Google, clicks on Ad and is redirected to page, for example https://example.com/index?gclid=randomstring then it displays at the top of their browser.
Now user can copy this link and share it via Messenger (more common case) or facebook to someone. Then Facebook will not remove gclid and append fbclid.
As a result, you get a link with both these parameters.
I've recently enabled hotlink protection on MaxCDN, using what is known as Referer Access Control whitelisting.
I've enabled my own domains and my CDN domain, and it's working very nicely, however, when I try to share an image on social media, the og:image is not being picked up correctly.
Using the Facebook Debugger, I can see that an error is being thrown on the og:image
"Provided og:image URL, https://cdn.collectiveray.com/images/webdesign/web_design_blogs.jpg could not be processed as an image because it has an invalid content type."
I believe the problem is that the Facebook crawler is not in the whitelist. I've allow facebook.com, *.facebook.com, fbcdn.com, *.fbcdn.com, fbcdn.net, *.fbcdn.net, yet I am still unable to resolve the above error.
Would anybody know which are the exact domains to whitelist to allow social networks, both Facebook and others, to be able to access the images directly via their CDN URL?
TIA
David
I don’t think the Facebook scraper sends any referrer.
But you can identify it based on the User-Agent it sends, see https://developers.facebook.com/docs/sharing/webmasters/crawler
Details on how to set this up for MaxCDN here, https://www.maxcdn.com/one/tutorial/blank-referers-social-networks/
I have a Facebook page of my blog but whenever I try to schedule post my blog article links on the Facebook page The Facebook automatically delete my schedule post and even some time they do not publish it can it be the reason that my domain name has been declared SPAM by the Facebook how to check it.
Use the Facebook sharing debugger.
If you input a URL that redirects to the blocked URL, it will initially say "this webpage contains a blocked URL. If you input the blocked URL directly, it will say "We can't review this website because the content doesn't meet our Community Standards. If you think this is a mistake, please let us know." You also get this message if you put in a URL that redirects to the blocked URL a second time.
https://developers.facebook.com/tools/debug/sharing/
:It is often hard to tell the reason for this but, you can definitely get out of this by following the proper instructions.
First check if your domain is prohibited or just penalized by the search engine. Or, maybe it is neither prohibited nor punishable by the domain name. It could be, you just managed to screw up your site.
Simply check this via online tool -isitban.com by entering your domain or website url.
Once found banned then, check your website content & remove content which is violating any Community Standards of facebook.
Once you are done with content optimisation then send your Facebook website again for review
I apologize in advance, I have searched for 30 and cannot find.
There used to be a way that if anyone linked to your website via FB, Facebook requested Connect / Auth for your App before actually sending the traffic out to your website.
Did they pull this feature? Or an I missing a radio button?
(Ps, I know I can request on page load; however, I would prefer to use Facebooks method unless this has been removed.)
Cbroe's answer about authenticated referrals being depreciated is correct. There is no longer a way of doing this without triggering a rerral request
onLoad, etc.
I am currently trying to use the Facebook Comment Social plugin for comments on my site. Almost everything works, the comments can be seen by people on the site and also viewable using http://developers.facebook.com/tools/comments. And the "Post to Facebook" checkbox is checked. However, the comments are still not posted on the news feed or wall or anything at all of the person commenting.
"Make every post public by default". setting is selected on moderator. and the is present in all pages.
Why is that? Have I missed anything? Please help...
Note: I cannot give the URL of the site since it is not yet uploaded to a public server and am just testing it on my PC with the router on port forwarding. I think the router is properly configured since my friends can access the site given the proper IP address.