[Action Required] Secure unrestricted API keys immediately to avoid extra billing charges
Not to worry this is a quick fix. If you setup your google api keys and don't add any restrictions Google will warn you that anyone could potentially use your keys to power a map that is not hosted on your website.
While most of the time you are not charged for usage as many customer are under the free tier (Google Free Tier), it can look like a scary email.
To update and address this we have added option to allow you to lock down your api to specific urls. Notes Here
Resolution:
To resolve this issue, you need to ensure the API key's restrictions align with the type of Google Maps Platform API you are using:
For Web Services (Server-Side):
Create a new API key or modify an existing one in the Google Cloud Console.
Under "Application restrictions," select "IP addresses (web servers, cron jobs, etc.)" and add the IP address(es) of your server(s).
Under "API restrictions," select the specific Google Maps Platform APIs you intend to use (e.g., Geocoding API).
For Client-Side APIs (e.g., Maps JavaScript API):
Ensure your API key has "HTTP referrers (web sites)" restrictions applied, listing the domains from which your application will be accessed.
If you want to lock down your api by servername. Our Shopify App Servers are https://sp.roseperl.com and https://sl.roseperl.com and https://pl.roseperl.com. if you add those to your site you can import files using the admin tools. You can also use the Shortcut : https://*.roseperl.com/*
Please NOTE: you will also need to add your website and shopify domains as the map is called from your website as well as from our servers.
see examples below your would replace rpdemos.shopify.com with your shopify store name, and rpdemostore.com with your ecommerce website name.
Example Image here:
