Archive For: October, 2016

Google Analytics UI Changes and Improvements

Some site owners have noticed recently that there have been changes to Google Analytics UI (User Interface) and more such as security improvements in regards to browser use, namely that Firefox and similar browsers are not compliant with how the information is displayed securely therefor will not display the analytics content for review.

Let’s review a few of these changes and some useful tips!

  • Automatic alerts will be removed from Google Analytics soon. Custom alerts will not be affected and continue to be visible.
  • The In-Page Analytics report is being removed from Google Analytics soon. However, you can still get in-page analytics by using the official Page Analytics Chrome Extension.

Furthermore the Google Analytics Code itself has undergone another change, let’s compare an old snippet to a newer snippet of code;

Old Version:
<script type=”text/javascript”>

var _gaq = _gaq || [];
_gaq.push([‘_setAccount’, ‘UA-12345678-1’]);
_gaq.push([‘_trackPageview’]);

(function() {
var ga = document.createElement(‘script’); ga.type = ‘text/javascript’; ga.async = true;
ga.src = (‘https:’ == document.location.protocol ? ‘https://ssl’ : ‘http://www’) + ‘.google-analytics.com/ga.js’;
var s = document.getElementsByTagName(‘script’)[0]; s.parentNode.insertBefore(ga, s);
})();

</script>

New Version:
<script>
(function(i,s,o,g,r,a,m){i[‘GoogleAnalyticsObject’]=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new
Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,’script’,’https://www.google-analytics.com/analytics.js’,’ga’);

ga(‘create’, ‘UA-12345678-1’, ‘auto’);
ga(‘send’, ‘pageview’);

</script>

Using the above examples, you need to check your existing Google Analytics Code and compare, if it’s outdated then simply snag the new code from the Analytics Dashboard Admin area which is rather simple so let’s recap that as well:

  • Log into your Google Analytics Account.
  • Click on the ADMIN tab at the top.
  • Click on .js Tracking Info under the Property Settings.
  • Click on Tracking Code and now scroll down, you can view the new code and copy/paste that into your relevant software.
  • Allow upwards of 24hours for the tracking code to begin tracking properly (if no code existed already).

You can view more information on the upcoming changes and improvements here.

Read More

LiteSpeed Cache and Xenforo

Every forum owner wants a lot of posts but high post counts and traffic can bring a large forum to a crawl in peak hours. The falling cost of SSD’s has helped considerably but a good caching scheme is mandatory.

LiteSpeed in conjunction with the admins at XenForo has come up with what looks to be an efficient and well-maintained scheme.
The LiteSpeed Cache Plugin for XenForo (LSCXF) is a PHP-based plugin that communicates with your installation of LiteSpeed Web Server(LSWS) and its built-in page cache, LSCache. LSCache is built directly into LSWS to significantly reduce overhead with greater efficiently than with other PHP-based caches.
The current community version of LSCXF will only cache and serve pages for non-logged-in users. After a user has logged in, their page requests will always hit the backend.
Additional Plugin Features
Automatic page caching greatly improves site performance
Support for HTTP/2 & HTTPS out-of-box

LiteSpeed ForoMTB cache efficiency.

LiteSpeed ForoMTB cache efficiency.

Load comparison Apache vs. LSWS
*Courtesy LiteSpeed Technologies Inc

Server Environment
2x AMD Opteron 6272 CPUs (32 cores)
64GB RAM
2x 1TB drives with RAID 1

Read More

How To Verify That Your Server Meets New PayPal SSL Requirements

Stricter security standards are the norm and PayPal is upgrading the SSL certificates used to secure their sites and API endpoints. The new SSL certificates standards need to be signed using the SHA-256 algorithm and 2048-bit G5 Root Certificate. The changes were originally scheduled to take place by June 17, 2016. However, I believe that date has been extended to mid-October, 2016

Bottom line is that you should immediately verify your SSL Certs as PayPal’s service will discontinue the use of SSL connections that rely on the VeriSign G2 Root Certificate.
Checking to see if your server supports the new standards is easy. Just log-in via SSH and run a single command:

openssl s_client -connect api-3t.sandbox.paypal.com:443 -showcerts | egrep -wi “G5|return”

If your server is compliant, you’ll see something to the extent of the following:

i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. – For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority – G5
Verify return code: 0 (ok)

In the output, you need to see two specific items mentioned:

A Certification Authority containing “G5”. Note that you may see several CA lines in your output; as long as G5 is included, your server is compliant.
A Verify return code of “0 (ok)”.

If you see both, your gold the server is compliant and no further action is needed. If you do not see these two items, then your server will need to have the G5 certificate bundle installed. Please contact URLJet Support to have it installed
PLEASE NOTE: CentOS 5 is not capable of supporting the new standard. If your server runs CentOS 5, it will need to be upgraded. Please contact the URLJet Support Team for the upgrade.

Read More