Access lists IP for each country are available on some sites such as ip2location.com
By making changes in the .htaccess server file, they can only access the internal IPs of their own country and prevent DDos attacks.
How to make this list and what is the source of the list?
Does it provide its own country IP access list or get it from ripe ncc?
Related
I am a bit new to the deployment of a website. I have a server which is written in Node.js. Previously I had been using Heroku for deploying my apps without knowing much about deployment. I would like to know how do I deploy my server to create a website which has .com at the end of it like www.example.com and not www.example.herokuapp.com. I think it has something to do with domains (correct me if I am wrong). I would like to know what exactly is a domain and a DNS provider and how to deploy a website in such a way. Thank you.
You should ask one question to yourself when you hit www.example.com in browser how does it load a page?. When you run a website on your laptop it basically runs locally, if you want to access your website over the internet you would require public IP(host or server) accessible over the internet so you can access a webpage using public IP:port. But this is not the best option because IP may change in the future and also remembering IP for each application will be difficult. Imagine if you access Facebook, Instagram or any other websites by its IP addresses how difficult and inconvenient would it be? There are a couple of things you should know.
DNS-> Domain Name system
Every host is identified by the IP address but remembering numbers is
very difficult for the people and also the IP addresses are not static
therefore, a mapping is required to change the domain name to IP
address. So DNS is used to convert the domain name of the websites to
their numerical IP address.
DNS is a hostname to IP address translation service. DNS is a distributed database implemented in a hierarchy of name servers. It is an application layer protocol for message exchange between clients and servers.
Name servers
Domain Name Servers (DNS) are the Internet's equivalent of a phone book. They maintain a directory of domain names and translate them to Internet Protocol (IP) addresses. This is necessary because, although domain names are easy for people to remember, computers or machines, access websites based on IP addresses.
DNS record
A domain name, IP address what is the validity?? what is the time to live ?? and all the information related to that domain name.
Once you understand the DNS
Host(Deploy) your website to Amazon EC2 or Heroku and obtain Public IP.
Buy a domain from domain provider like Godaddy
Map domain(ie www.example.com to IP)-> DNS record
Mapping domain to IP may vary platform to platform but the Core principle remains the same. I would suggest you these below link. Try to find differences in both, doing so you will learn along the way
http://www.littlebigextra.com/map-domain-name-amazon-aws-ec2-instance/
https://medium.com/progress-on-ios-development/connecting-an-ec2-instance-with-a-godaddy-domain-e74ff190c233
I am new to Google Cloud DNS service. While still trying to understand the features of this service, a question popped up that though Google doesn't allow a user to create duplicate DNS A records, but how does it ensures that any other user or same user for other project is also not able to create a duplicate record?
For example. My DNS record
mywebsite.example.com may point to I.P 192.168.0.1
What will happen if another user who is also using Google cloud DNS service, creates a similar record for his project with either a different i.p address or different domain address?
For example:
mywebsite.example.com --> 192.168.0.2
or
diffwebsite.example.com --> 192.168.0.1
How will DNS lookup resolve in either case since the domain (example.com) is registered with a common registrar? Please help.
There is always one entity (person, organization, something like that) that controls a zone in DNS. If Google has control of example.org (do not use mydomain.org as your example, it is a perfectly valid existing domain that belongs to someone else), Google can fill it with whatever information they want. If they want to let their customers add exactly one A record per name in it, that's a choice they can make. It's up to Google to make sure that they don't allow creation of records that cause problems for their customers.
If you own example.org, you can put whatever you feel like in it. If you chose to have 42 A record for a name, you can. Someone looking up that name will pick one of the records more or less at random. Nobody will police what IP addresses you put in your A records. You can have records containing absolutely any IP address at all. Nobody will police what names in the zone you create (within technical constraints). You can have an entire dictionary of foul language, if you want.
If someone you have no relationship with owns example.org, you have no influence on what names and records exist in that zone. It would not be a very good idea to rely on anything in it.
Possibly something here answers your question. Possibly not. Your question is a bit confused, to be honest.
I believe the key here is the difference between a 'Registrar' and a DNS. In Registrar you set the DNS to be publicly used on the rest of the internet for your domain. You can do this only when you are the owner of that domain. DNS is the translator from a domain name to an IP.
Having in account this concepts, you can have two situations:
1) You are a domain owner: You will have your domain setup on 'Registrar' and your site will be accessible from the internet. If you use it on a Cloud DNS zone you will be able also to use all the provided features. No one will be able to modify that information to redirect traffic to other IP but the owner itself.
2) You are not the domain owner: You can configure zones using domains that might be owned by other person, but they will not be publicly accessible by domain name, this zones will only work on internal bases.
Every Cloud DNS resource lives within a Google Cloud Platform project, therefore the possible overlapping of domains is controlled internally by Google Cloud on a Project permission bases, meaning that even if someone has a zone using a domain exactly as yours, it won't be able to modify it as it doesn't have access to your project, and if you are the domain owner the traffic will only go to the name servers ( not Cloud DNS) defined on Registrar that will redirect the requests to the right IP.
I've only recently begun scratching the surface of hosting my own DNS, but I'm looking to do so in the hopes that I can facilitate my own reverse lookups.
My idea being that if I can manage my own DNS, I can give it tables I've complied about IP / FQDN relations so I can do a reverse lookups on dynamic ips (of which I know the FQDN of) without my ISP's support; I'd pair the return of something like an nslookup somewhere within my own hosted DNS then have that DNS server facilitate reverse DNS lookups for some programs that require the function (like for a CFEngine Hub)
Near as I can tell, the 'PRT' record is what I want to spoof; Right?
I'm wondering if there are better resources out in the wild to use. This and this are the best I've found about hosting DNS in this manner.
Any pitfalls I'm not seeing about trying to pursue this convoluted solution?
Reverse lookup requires the IP address owner to delegate reverse lookup DNS to you. Note that the owner here is not the DHCP recipient, but whoever assigns the IP address.
For a completely internal network, it would be possible to configure your own PTR records since you control the IP addresses being assigned.
On third party networks, the third party (who assigns IP addresses to you) would need to delegate reverse lookup for those IPs to you. In a dynamic IP situation, this delegation is unlikely because your IP comes out of a pool that is used for assigning IP addresses to many customers, not just you. Some ISPs allow allow programmatic access to configure reverse lookups, but this again seems unlikely for dynamic DNS for the same reason as delegation -- the addresses are part of pool assigned to any customer using it, not just you.
It might be possible to hack ("shadow"?) it by requiring your users / clients to use your DNS server and populating "fake" (since you don't actually have ownership of the IPs) PTR records.
Article on reverse lookup sequence and info.
http://www.dnsstuff.com/reverse-dns-faq
A way around this might be to create your own tool for looking through your forward lookup table for a specific IP address. However, this would be a custom tool separate from the usual DNS lookup tools like nslookup and dig.
How can I block all IP addresses for accessing the admin panel of my site and make my PC the only device that can access the site. I used this code:
order deny,allow
deny from all
allow from ***public_IP***
but it would allow all the IP addresses within the network. I was figuring out how to block ALL including addresses within the network. One problem I encounter is that the addresses are dynamic. As I search google, people are saying that the code above is cannot be used to dynamic IP's.
What can you suggest?
Connect via a VPN and Whitelist the VPN IP only instead.
If you want privacy, you will have to set up a network which only have you in it.
I have applied for static IP for my pc to my ISP. I was just wondering that is their any way around of making my server online without any domain registration. I know my public ip will always be configurable through various ports on my apache. But will I be able to use my own domain names without registration just to cut out cost.
Other machines will be able to find your machine from its static IP address.
If you don't register a domain for it, then other machines won't be able to use a domain name to look up the IP address. The domain name lookup is based on a public register - the actual architecture is distributed, but effectively it is a big list of domain name to IP addresses. Registration is the mechanism by which the mapping of the domain name to the IP address is allowed to be added to the public register. Once you have registered a domain name as belonging to you, your ISP or registration authority will be able to point that domain name to your static IP address.
So if you want to give your customers a domain name rather than an IP address, then you need to register the domain name.
If you only want to point a few machines to it and you have control of those machines, you can add the IP to the hosts file on those machines manually so it does not use the public domain name resolution system.