Category Archives: Clients

Google Jobs Indexing API Setup Problem

I’ve recently worked with Laura to set up three recruitment sites to automatically notify Google Jobs of new and changed vacancies showing on the sites.

The documentation is relatively good, but when setting up the second I made a mistake that I don’t think is easy to spot, so I’m writing it up here in case it helps someone else, or indeed myself in the future.

The problem was: we had everything set up – new set of keys and JSON for the site from the Indexing API dashboard for the site, had added the special email address you have to set up to Google Search Console, copied the reusable code from the first project, which was working fine and… it wouldn’t work. Sending URLs in through the Indexing API got the error:

Permission denied. Failed to verify the URL ownership.
reason: forbidden

Now, neither of us are daft, we could see there was a permissions problem, but couldn’t track down where it was. After much re-tracing of steps and faff, I compared everything about the existing, working project and the second one we were setting up. In Google Search Console (AKA Webmaster Tools), you have to add a special email address from the Indexing API dashboard. I’d done this incorrectly.

I had set up the Indexing API user for the site via the “New user” button in Google Search Console, then given it Full permissions. This was wrong. I should have used the “Manage property owners” link and the “Add new owner” button.

Google Search Console manage property owners link

I deleted the user I’d added with the “New user” button, added one with the “Manage property owners” link and ended up with a list like this:

List of owners in a site in Google Search Console

The Indexing API then started to work, no problem at all.

The first time I’d set up a project with the Indexing API I’d followed the instructions very closely and had got this step right, the second time I’d got ahead of myself and thought I remembered all the steps, and this bit within Search Console caught me out.

I can understand why Search Console has two different categories of user, allowing multiple owners gives a layer of management in an account which lets anyone shift in and out of ownership. But, it’d be nice if the interface was more clear for a case like this, or that they had a category for API users – maybe this will come in the future as Search Console is developed further.

So, if you’re getting a permission error when using the Indexing API, check how you have the API user set up within Search Console, it could be where your problem lies.

Secure certificate registration – ensure you choose ‘www’ or not

I’ve been helping a client move their website from their existing host to a new one, as their old host is closing down.

This was quite straightforward once they’d decided to only move the site I had written the code for, not another which was a complicated unknown entity.

The only wrinkle was they have a secure certificate to give them an https connection and we had to register a new certificate as part of the move. I did this through their host at their request, but hadn’t realised that most SSL certificates are specific to the domain, including the sub-domain. This was a mistake as they used the ‘www’ version of their address for their website, and I registered the new certificate for the non-www version.

To stop this being a problem, I put a redirect in to the .htaccess file to redirect all traffic to the non-www version on the secure connection:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.(.*)
RewriteRule ^.*$ https://%1/$1 [R=301,L]

The only further foible was as this was an existing site, Google had indexed the site, and shows the https version in the search results, even though the home page is not explicitly https. Now, because it points people to the https://www version of the site, it shows an unsecure error before showing the site, because the certificate isn’t valid for that on the new site.


  • Used Google Search Console (AKA Webmaster Tools) to update the preference to the non-www name
  • Updated the DNS of the www. version to point to the old server while it is still working
  • Added the above .htaccess redirect on the old server to point everyone across to the secure version of the non-www address
  • Created a new XML sitemap of the site at the secure, non-www address and re-submitted it to Google Search Console
  • Wrote an apologetic e-mail to the client explaining the mistake
  • Wrote this blog post and linked to the new site address to help the non-www address get indexed

All this means – searchers go to the old host so no security warning, then get forwarded to the new host while we wait for Google to respond to the preference change. I hope it comes through quickly.

And now I’ll go back to my scheduled work a wiser, if more tired, man.

Sending a push notification to your browser or mobile with ColdFusion and Push Engage

Push Engage is a service which lets you easily send push notifications to a browser or mobile phone, using a little code on your website. It’s very easy to set up and they currently have a very generous free account, allowing you to send a notification to up to 2,500 browsers/devices.

I’m using it as part of some alerts in the background of a client’s website. They’re using ColdFusion, so I needed to work out the code to send the alert from them, the API documentation on Push Engage has an example in PHP, but it’s very simple to convert. Here’s a CFHTTP call that will send a notification:

<cfset api_key = “(your API key here)”>

<cfhttp method=”Post”

<cfhttpparam type=”header”

<cfhttpparam type=”Formfield”
value=”The text for the alert title”>

<cfhttpparam type=”Formfield”
value=”The smaller text of the message of the notification”>

<cfhttpparam type=”Formfield”

I’ve already followed their steps for adding Javascript to a page on the website, visiting it using a browser on my computer and my phone and accepting notifications from the site. Now, when I trigger the page with this on, I get a notification a few moments later. Lovely!

Thanks to Dave Child for introducing me to Post Engage.


My first Stripe integration, using PHP

Recently I carried out my first integration to the new (to the UK) payment processing provider Stripe. My client Jasper Goodall was looking at moving to Paypal for taking payments and having integrated with Paypal in the past, I suggested Stripe as a more developer and client friendly alternative. He liked the look of Stripe and signed up.

I was moving the site from using Sagepay over to Stripe and as all the basket and post-payment logic was written, dropping in Stripe was very straightforward. Their documentation is very clear, testing is simple, and taking a payment is a doddle. I hit a few minor issues, which were:

PHP needs ‘mbstring’ turned on

My local PHP 5.2.4 install didn’t have mbstring on by default, so I had to install it. This was on my Windows PC so I had to move the mbstring DLL in to the main ‘php’ directory and edit the httpd.conf file to include the DLL as one that needed to be loaded. I then restarted Apache and it was working fine.

My host did have mbstring turned on, so I didn’t need to change anything there.

Secure certificate required

My client didn’t have a certificate to allow his to use SSL. However his host, Claranet, had a shared secure area that all of their customers could use without requiring their own certificate. This was good, but I had to re-code parts of his site so things like the stylesheets would load properly when using this area.

If you or your client are on shared hosting with one of the larger providers, it’s worth checking to see if they have a secure area you can use before investing in your own certificate. This can save you some money, but has the disadvantage that the URL of your secure pages won’t show your domain in that part of the website address, which may make some customers suspicious. It will be worth adding some text to your pages explaining how they are secured if you think that is going to be a problem.

Coding up receipts

Previously, we were using Sagepay which takes various information about the products in the customer’s basket and builds an e-mail notification of the sale for you. Stripe just take the amount of money you are charging, so I had to update the website to create a notification for the customer, and one to tell the client a sale had been made. These were very simple additions to the post-sale process.

Overall, Stripe was a delight to integrate with. I’ve set up shops using several payment gateways – Sagepay (was Protx), Worldpay, Secure Trading, Paypal, and Paypoint. Stripe was by far the easiest, taking only a few hours to integrate with including the bug fixing of my setup and the re-coding of the existing shop to send the right information through and use the extra secure area of their hosting. If you were starting from a cleaner base, you’d probably be looking at an hour or two including reading the documentation. Really nice.

Latest client project: Grafton Banks Finance re-build

Over the last few weeks I’ve been re-building the Grafton Banks Finance recruitment website. I’ve been working with them for many years, maintaining and extending the previous version of the site, which was frankly long in the tooth from their beginnings, being based on another site from within the same group.

Screenshot of Grafton Banks FinanceThe graphical side was adroitly handled by Nick Carter, and as ever he came up with the goods – a great looking site the client is happy represents them properly. The team at GBF were nervous about being able to work with Nick as this is outside their field of expertise, but he did a great job in guiding them through what they needed to think about, and then interpreting their brief.

I handled the front-end build and integration with their existing back-end PHP system, with some updates to help their business grow, including the addition of a much needed jobs by e-mail facility. Some of the front-end Javascript work saw me struggle with finding jQuery plugins and getting scripts to inter-operate. I’m very glad I signed up for a Javascript course earlier this year, and will be happy when I’ve got my head around the language in more depth so I hit less problems in this area in the future.

Screenshot of Grafton Banks Finance on an iPhoneThe site has a mobile-friendly version via Media Queries within the CSS controlling the layout of the site. It is not a fully ‘responsive design’ which would cope with all sizes of screen due to time constraints, the mobile version targets iPhone’s specifically, but also looks fine on my lower-end Android handset after an extra screen tap. This is another area I need to improve on, the conversion process only had some small hiccups and some friends in the Farm were happy to point me in the right direction to fix things, but I could have avoided the problems I was having with more experience. Some conversions of my own sites will give me some much needed practice in these areas.

Although I my own process with the work on the site could have been smoother, I think the end results for their business are good. The team at Grafton Banks Finance are lovely people, and I’m happy to have been part of building them a website that reflects their company and values properly. Check out the site here.