How to mask a subdomain URL with CNAME record? - cname

I need to mask the subdomain URL http://3477er.domainB.com with https://sub.domainA.com Both in different servers.
So I create the "sub" alias in domainA server pointing to https://34tter.domainB.com with a CNAME record and waited for its propagation.
I thought I should see http://3477er.domainB.com content when I type http://sub.domainA.com in browser. Instead I get the message DNS_PROBE_FINISHED_NXDOMAIN Isn't this the way a CNAME record works?
Is there any other way to achieve my subdomain masking goal?

If you are receiving a DNS_PROBE_FINISHED_NXDOMAIN error, it means one of the subdomains you listed is not resolving to an IP address. I would test both subdomains here -
https://mxtoolbox.com/DNSLookup.aspx
There are a couple important notes here though -
This will only work if the server on domainB has a binding setup for either any (wildcard) domains (usually bad idea), or a binding specifically for your domainA subdomain.
This will only hide your domainB subdomain on a very basic level, if this is what you need. So, in other words, hiding it from non-tech savvy users. It can't be relied upon if security is a concern, since someone could easily find domainB with a DNS lookup.
To truly mask the 'origin' server, you'd need to implement a proxy. This could either be done by making the requests on your domainB server itself, or by using serverless tech (such as Cloudflare Workers, AWS Lamba, etc.). However, this still won't prevent people making requests directly to domainA if they do discover it.

Related

Point sub domain to root AND redirect main domain

I have
'website.com' and 'newwebsite.com', both on LAMP environment.
I need
website.com redirecting to newwebsite.com
AND
old.website.com pointing to root of website.com
I have full control of both hosting and DNS records.
I can't figure out the best solution without creating a loop !
There are two choices here: redirects, or DNS records. If you do it with redirects it means the user will see that they have been forwarded elsewhere. If you use DNS, the user will not be aware of the deprecation of the old websites.
For this reason, I would use HTTP redirects for this task.
If you wanted to go the DNS route then simply have an A record for newwebsite.com and CNAMES for the others that point to it.

Put a subfolder onto a different server with CNAME

Here's the situation. Website.com is an ASP site which needs a blog that is to be Wordpress. So the website.com/blog needs to be hosted onto a php-friendly server. The company hosting the ASP site doesn't want to have anything to do with Wordpress so we have to use some of the shared hosting providers.
How do I have the Blog section placed onto an entirely different server? I've heard this is done with CNAME, but I've never used it. Most of the research I've done revolves around subdomains, but I need a subfolder mapping, and there's not much to read about putting subfolders onto different servers with a different IP and everything.
Thanks.
There are a few different options:
you can bring the traffic to your own server and then redirect to
the correct location
you can bring the traffic to your own server and then proxy it to the correct location
you can direct the traffic to the correct location either via full page or an IFRAME type mechanism
Each option has some benefits and drawbacks depending your devs knowledge level and your infrastructure. Regarding subdomains, you could use a combination approach where you, for example, use subdomain.yourdomain.com to point to a server instance (can be the same server or a totally different one) that maps the subdomain.yourdomain.com name to a specific path, usually via Host header.
A CNAME is a function in DNS that says "Whatever thing you wanted to find for this name, use the same thing for that other name instead". When you're working with web stuff the "thing" in there is nearly always an IP address.
That is, what a CNAME can do for you is to say that when a user's web browser tries to look up the IP address for website.com, it will use the IP address for someotherwebsite.com. Note the total absence of anything web-related, like subfolders, in this. CNAMEs work on whole domain names, nothing else. Since you want to serve only a part of the stuff at a particular name from another server, CNAME cannot help you. CNAME is the wrong tool for you problem. Do not taunt happy fun CNAME.
In order to serve website.com/blog from another server than website.com, you pretty much have to do some sort of reverse proxying (where the ASP site's server relays requests between the user and the Wordpress server). It's probably easier and more robust to give the Wordpress site its own name (blog.website.com or something), and redirect to that from website.com/blog, but only you can know if that's politically possible in your case.

How will a CNAME DNS affect Google Engine

I'm hosting a clients site at client.mysite.com, but my client want to have its own domain, like www.clientsite.com.
With a CNAME configuration, I'll be able to hook my client domain to the content, but... considering I'm still hosting my clients content, which domain will be finally listed on Google with contents of client.mysite.com contents?
a) mysite.com
b) clientsite.com
Thanks for helping.
In the DNS hierarchy, the CNAME resource record will be attached to the clientside.com. A CNAME is simply a reference to the location of that site's A record. With that in mind, I believe mysite.com will be listed as hosting the data.
Does your client want it to appear under his name?
If so, then this should not be solved using DNS (well, not only using DNS).
If your client wants to get the content listed under his domain name, the best way to do this, is to add their name to your server.
Then point client domain name to your server.
The best way to do the pointing (when also considering SEO)
is to make an webforward (301 permanent) from the root, to the www
and make the www subdomain point to the ressource.
(Or vice verca)
IF you are using the example above (webforward on root) you can use a cname instead of an A record to point the domain name. However do not add a cname to the root of a domain (effectively shutting down your domain name).
So-
Short Answer:
client.mysite.com will have the content (also according to google).
Any attempt to obfuscate this is black hat or grey hat ;)
a better way of doing it is to simply setup the clients domain name on your server.
Then point only one hostname to the server. Server host/headers will take care of the rest.
Setup in DNS
# webforward 301 www
www a or Cname to server
Quick rules:
NEVER put Cname on the root of a domain
Only allow 1 hostname to show content (can be done both as explained above via DNS/webforward or via server configurations)

Custom Subdomain with CNAME Problem

I am having a bit of a struggle grasping how to use custom domains with my app. Its the common case of having an app that assigns users to subdomains, ex. user.theapp.com and they want to use a CNAME so m.theirsite.com resolves to the application. It seems that most services that do this require you to tell them what your custom domain is, and that just adding a CNAME record doesn't work. Steps:
User creates an account.
We tell them they can make a CNAME entry to yourstuff.theapp.com (which is the current location).
This is my confusion. After 1&2 my custom domain still isnt working.. so once the client makes that CNAME record and provides us with "m.theirsite.com", what special magic do we do with it to make those sites "the same"?
Thank you in advance.
Our solution was to use PHP/MySQL to solve this. As normal, you should have the external domain/subdomain CNAME'd to your app, however as you will see, the CNAME entry doesn't need to be to the exact subdomain on the app. Next, you will build an area into your database where a user can tell you what external site they have CNAME'd from. At this point, you will perform most of your authentication on the website based on the HTTP host, either grabbing the subdomain and using it as a client, or checking if the HTTP host is in your list of CNAME's and then referencing the client from there.
What the CNAME does is just point to a server location, so if you are using wildcards in your apache configuration, foo.myapp.com resolves to the same location as bar.myapp.com, but in the app can use the host to pull out the subdomain and find the client ("foo" and "bar"). When using a CNAME, like m.mywebsite.com --cnamed--> foo.myapp.com, the application no longer has that client information in the HTTP host, and as we mentioned, the apache wildcard setup (*.myapp.com) just tosses out the subdomain.. so because of this the client must tell us "I will be visiting from m.mywebsite.com, so make that a valid host name for my authentication as well."

Is it possible to force setting CNAME record of the DNS?

Suppose I have two domain names (domainA, domainB). I set the CNAME record of domainA to domainB, so whenever a user resolves domainA, he will be redirected to resolving domainB instead. My question is if it is possible to restrict accessing domainB directly. So no one can resolve domainB unless it has first resolved domainA.
The DNS system is designed to be an open system that allows anyone to resolve addresses. In its native form it is not possible to do what you are looking for.
Even though the most common (perhaps only) software used for DNS servers on the internet is open source ISC Bind - And you could potentially use that to write your own DNS server to attempt to create that functionality I am reasonably sure that because DNS works as a referral network (i.e. other DNS servers make requests against your DNS servers on behalf of clients) it would be difficult to lock DNS down to a single source.
Simply DNS isn't designed to provide any form of security. Your request is akin to asking 'could I make a phone book that only allowed people to read my name if they read my neighbours first'
The only method you could use is to allow users to make a request to example.com and from their redirect their request to example.org. That way you are operating at a level higher than IP Name resolution and you start getting more control over what happens.

Resources