How to clean my client knowledge panel

I have an SEO client who was in the Japanese adult industry, Which helps her appear in the Google Knowledge Panel. Now she is a Dj still Knowledge Panel showing her an adult actor, What I can do to help her with this.

On TLS 1.2 with ECDHE Key Exchange, how does the client make sure the server has the certificate’s private key?

When RSA is used for Key Exchange, the pre-master key is encoded with the server certificate public key, so the server would not be able to decode it if it didn’t possess the private key.

However, when ECDHE is used for Key Exchange, how does the client make sure the server is legit and possess the private key relative to the provided certificate?

python – How to run gRPC client on one machine and gRPC server on another machine?

I have implemented a simple function which calculates square root of a given number.
I ran server.py on Mac machine and client.py on windows machine. Both the machines are connected to same network.
When I run both client and Server on same machine it works. But when I run Client on another machine it fails with the following error:

Traceback (most recent call last):
  File "client.py", line 17, in <module>
    response = stub.SquareRoot(number)
  File "/Users/username/Library/Python/2.7/lib/python/site-packages/grpc/_channel.py", line 946, in __call__
    return _end_unary_response_blocking(state, call, False, None)
  File "/Users/username/Library/Python/2.7/lib/python/site-packages/grpc/_channel.py", line 849, in _end_unary_response_blocking
    raise _InactiveRpcError(state)
grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
        status = StatusCode.UNAVAILABLE
        details = "failed to connect to all addresses"
        debug_error_string = "{"created":"@1620574982.491455000","description":"Failed to pick subchannel","file":"src/core/ext/filters/client_channel/client_channel.cc","file_line":5420,"referenced_errors":({"created":"@1620574982.491453000","description":"failed to connect to all addresses","file":"src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc","file_line":398,"grpc_status":14})}"

clinet.py

channel = grpc.insecure_channel('192.168.0.54')
stub = calculator_pb2_grpc.CalculatorStub(channel)
number = calculator_pb2.Number(value=25)

server.py

server = grpc.server(futures.ThreadPoolExecutor(max_workers=10))

calculator_pb2_grpc.add_CalculatorServicer_to_server(
        CalculatorServicer(), server)

print('Starting server. Listening on port 50051.')
server.add_insecure_port('(::):50051')
server.start()

try:
    while True:
        time.sleep(86400)
except KeyboardInterrupt:
    server.stop(0)

Ingress client certificate authenticate requires CA certificate to be stored in secret?

I want to enable client-certificate authentication in my AKS cluster and I have a basic question which I just don’t seem to understand. As per the docs, ingress requires the CA certificate to be stored in a secret. My question is: Assuming that I use client-certificates that have been issued by a trusted CA (that’s how it works right? CAs issue client-certificates that they sign?), why would a trusted CA give me their CA certificate to be stored in AKS cluster as a secret? Do CAs just hand out their certificates out to public? Isn’t that a security issue? (since I can sign client-certificates using that CA certificate)

javascript – Loading images only in client side will affect SEO?

I’m developing news site using React and SSR, In home page I have list of items each item has image to load all the images it takes more than 5 second in first paint. I blocked Javascript from browser and tried load page it takes same time. To avoid that I decided to load images only in client side. Now site takes only one second when I blocked Javascript from browser

I’m using material UI, to load data only from client side I’m using NoSSR everything working fine but my doubt is showing images only in client side will affect SEO of my site?

  <div className={classes.iconParent}>
                <NoSsr>
                  <CardMedia className={classes.icon} image={news.newsIcon} />
                </NoSsr>
             </div>

I’m new for web development and SEO, suggestion and recommendation will be more helpful for me

c# – Correct way to handle client request authentication

I would like to get your opinion on the problem I am having, my question on SO was closed so I think this forum might be more fitting.

I am currently developing a API using .NET 5 and C#. The problem I am facing is that the clients I need to GET/POST etc. to require different types of authentication, being:

  • API Key
  • Client certificate
  • OAuth

Each of the clients have at least one of these and maybe two (API Key + other). I am struggling to figure out how to implement these calls. I have thought of a few ideas but I am not sure if any of them will actually suffice. I am using HttpClient to make the calls to the external clients. These will all come from a single service or controller. I cannot split them out into a different service or controller for each type of auth.

Here is what I have thought of:

  • Using an if or switch statement, apply the necessary configuration depending on the required auth type. This is by far the worst idea, there will be so much repetition. No DRY here.
  • Using HttpClient handlers. In effect, creating three handlers (one for each type of auth) and letting the request activate the correct handler when it is being passed through.
  • Using a typed client. But this only allows one HttpClient to be related to a single service. I need all three to be available to any service.
  • Using simple middleware in the API to handle the requests and their authentication as necessary.

Does anyone have any suggestions on how to do this and if any of the above methods would be preferable?

authentication – Key differences between X509 TLS Client certificate and server certificate

Is there any difference in X509 TLS Client cert and Server cert?

I had been implementing the certificate based mutual authentication and hence trying to get/use certificate for clients which are IoT Devices. while we are pretty much clear on server certificate, I was wondering if client certificate that individual IoT devices will load and present to server for their authentication are same / similar to what is used for server!
will client certs also to be acquired from a CA and then they will be validated by server via root CA cert in same way as server cert is validated against the root CA?

would appreciate some insight!

nginx – Client IP is seen as router IP by server when requesting server using public IP/domain by same-network client

I have been struggling with the above question for countless hours and haven’t been able to find an explanation for the behavior either on this site or any other site for that matter. Might be me using the wrong queries though. This is my first question on stack overflow, so please be gentle 😉

The setup I’m using:

I have a server behind my router (which has internal IP 192.168.2.254) and use port forwarding to forward public ports 80 and 443 to my (ubuntu) server. I can access that server either by typing in it’s public IP (say 80.81.82.83) or by going to a domain (say example.org) which A records contain the same public IP or by typing in it’s internal IP (say 192.168.2.1) when on the same network. I use NGINX on that server as a reverse proxy to delegate the request to the appropriate (web) applications on the same server. The router is the standard router I got from my internet provider.

I have two clients connecting to that server, client A is on the same network as the server (say 192.168.2.2), while client B is not on the same network, but anywhere else in the world (say 90.91.92.93).

When I connect with client B (i.e. not on the same network) to my server (either using the public IP or the domain name) and I check the NGINX access logs for the client IP (i.e. $remote_addr) the correct/expected IP address is shown: 90.91.92.93.

Now the part I don’t understand:

When I connect with client A (same network as server) to the server using the internal IP of the server (192.168.2.1) the access logs show the correct/expect IP address from the client: 192.168.2.2.
But when I connect from the same client to the server either using the public IP address or the domain name, the NGINX access logs shows the IP address from the router: 192.168.2.254.

Why does this happen? This way I cannot log (and act on) which internal clients connect to the server.