I have bought VPS server and domain that points to IP of that vps. I thought everything was working fine however i noticed that when i ping:
ping domain.com
ping asd.domain.com
ping asd.asd.asd.asd.domain.com
it gives always same result (pings my vps) and i guess it shouldn't do that (only domain.com). I'm using Ubuntu 16 on vps without any special configuration. So do i need to set up dns server or something on my server? Is this natural behaviour? How to "fix" this and how to manage subdomains?
Related
So I run a semi-private website for myself, locally hosted on my network, and port forwarded to the web. I changed from using one computer to another to host it, and whilst my public IP address correctly points to the new computer, the subdomain I'm using to access it doesn't.
From what I've gathered so far, this is only an issue on the old host computer, when I dig the subdomain, I get a reply from that localhost saying the subdomain points to localhost, but everywhere else the new subdomain points to the public IP. If I dig and ask even my router for the correct IP it points to the public one.
I've tried to flush the dns cache, but that didnt change anything.
I'm running Ubuntu Linux, and really confused.
I found it, it was set in my /etc/hosts file, I must've done that and forgotten about it
I Live in Estonia.
The second day I observe some kind of problem with the opening of some of my sites.
Example:
https://cp.nasdaq.ee - sometimes it works, sometimes it doesn't
https://185.252.232.227:8888/ - this is the same site cp.nasdaq.ee, but via IP - always opens properly
If the site is down and i enable the VPN, then it starts working.
In all other countries, the site opens without problems https://www.host-tracker.com/ru/ic/4/697585f4-486b-4c8e-b530-e3f0b6c96972/
This problem have all of my friends (5 men) who live in Estonia.
Perhaps the problem is somehow related to the fact that cp.nasdaq.ee has NS servers in the Cloudflare.com zone, but not all sites connected to Cloudflare have the problem.
I observe the problem only for those sites that are connected to Cloudflare and their A-record leads to ip 185.252.232.227.
If IP 109.205.176.239, 62.171.151.28, 62.171.151.28 are specified, then sites open without problems.
For your information,
all IPs listed are for VPS owned by Contabo.com hosting, the server is located in Germany.
The problematic IP 185.252.232.227 is from one VPS on Contabo, and all the other IPs I listed are from another VPS on Contabo.
And if i turn of status Proxied at CLoduflare.com and set DNS ONLY - then website works well!
Here is such an incomprehensible problem ...
I've got a cheap openvz Ubuntu vps and i'm trying to run my own dns server on it for learning purpose.
The dns server works fine in localhost (on the vps through ssh), i can query it using dig google.com #127.0.0.1 and i get the expected result (which is not the IP of google.com but a custom one).
When i try to query the dns server from outside the vps, using the same command, I do get a reply but the IP is not what I expect (it's an actual google.com IP).
After further investigation I found out my dns server is not receiving/sending packets when the query is done from outside the vps. So the answer is sent by something else, it seems like inbound packets with destination port 53 are deviated, they do not even reach my dns server.
I tried to query my dns server, still from outside, but this time while the VPS was SHUTDOWN. Magically i got a reply from god knows who.
Changing port from 53 to 54 everything works perfectly.
The problem is i need it to use port 53.
I don't have iptables rules nor any other firewall doing something related to port 53
I also tried to query some other random vps, from different hosting providers, seems like everyone has a dns server running! Why does everyone reply?
Of course i asked technical support, that's what they said:
Hello,
Sorry but we don't do "software" technical support on VPS.
We deliver the hosting and the operating systems, customers that order VPS are their own admins, and have to know how to manage a linux server.
We don't block any port on our side.
Best regards,
Support
Mybe your dns server is bound to the loopback interface only (so it's only listening on localhost). You can check the current service ports used (udp for DNS) using netstat and filter (grep) udp port used
netstat -an | grep ":53"
Also you can test the same dns query using the nslookup command, and checking the dns server ip that answer your dns query, in the result output:
nslookup google.com [dns_server_ip]
Also test it without dns_server_ip to check if there is a default nameserver when the specified nameserver is not responding.
Problem solved, it's my ISP intercepting and replying to dns queries.
I can do dig google.com #1.2.3.4 and i get a reply :D
Who wants to know more about this:
ISP Intercepting DNS Lookups
I was wondering about security with setting up a domain for WAMP / XAMPP.
Lets say that I want to publish website hosted on my PC with WAMP or XAMPP.
So, I have to register a domain.. and set it in WAMP / XAMPP. But, what would happen, if I set some already used domain in WAMP? For example if I set stackoverflow.com, which is already registered. What would happen? I guess that people will not see my website, but this one (stackoverflow), but how does WAMP or XAMPP recongnise that it is my website?
I am begginer with this matter, so please, dont be angry if its something obious :)
I think you are forgetting about DNS Servers and what they do.
When your browser see's any domain name you enter in the address bar, it goes to a DNS Server and asks, "Please give me the IP address for this domain name". Domain names are only there for us humans as its easier to remember stackoverflow.com than it is to remember an ip address, and that gets even more difficult for us to remember if it is on the IPV6 network.
So unless you can get all the DNS Servers in the universe changed to point the domain name stackoverflow.com to your routers external IP you wont effect anything by setting WAMP or XAMPP to use any existing domain name.
But lets say you do set WAMP/XAMPP to use an existing domain name. You would amend your HOSTS file to tell the Browser where to find that domain like this
127.0.0.1 localhost
127.0.0.1 stackoverflow.com
::1 localhost
::1 stackoverflow.com
This has the effect of seeding the local machines DNS Cache with these addresses. Now the browser will always check the DNS Cache before committing to the expence of asking a DNS Server to get the ip address, so your browser thinks that stackoverflow.com lives on your PC i.e. for IPV4 127.0.0.1 or for IPV6 ::1
All this will do is stop you getting to the real stackoverflow.com because the browser will attempt to connect to 127.0.0.1 every time you use stackoverflow.com as a domain name in the browser address bar instead of going to the real ip address for SO.
Reply to your comment
When you register a domain, you normally get access to an admin panel of some sort, where you set the ip address to use for this domain. This will set the DNS Server of who you purchased the domain from and this is then automatically propergated to all top level DNS Servers.
At that point you would set this to the External IP/WAN IP address of your router.
But be aware, if your ISP allocates IP addresses to you dynamically i.e. not a Static IP address you cannot do this, as your ISP Allocated IP Address is liable to change over time.
As a final note
WAMPServer and XAMPP are designed to be single seat developer tools and not LIVE Servers. That is not to say that the Apache in them is somehow less capable but that there is so much more to securing a web site than first meats the eye.
Also, you may not realise, but a Windows desktop OS is not a good target to run a live web server on. They are configured to be clients and as such have various limitations, mainly that a desptop OS can only manage around 20-30 external connections MAX. So if your site actually takes off, you are going to have a lot of complaints about the speed and accessibility of your site.
This destop limitation cannot be reconfigured.
I run a high volume website and since yesterday it's not working.
My server (for example) 100.0.0.1 is working fine, I can access WHM etc, rootssh no problem....
Yet none of the domains are working, they say cannot find page.
I have my name server setup at Godaddy using domainname.com
Pointing to 3 IPS, 100.0.0.1, 100.0.0.2, 100.0.0.3
All my domains then have ns1.domainname.com, ns2.domainname.com, ns3.domainname.com
As their Nameserver entries.
This was working fine yesterday, now...nothing.
Any ideas on what I can do? Troubleshoot.
Thank you, I am losing alot of trade as I run an high traffic eCommerce website, so would like to get this fixed as soon as possible.
Have you tried using the IP of the server instead of the domain name? Could roll out a DNS issue. You said you can gain root access fine.
Have you checked your firewall to ensure the correct ports are still open?
If you run a netstat command to check what type of traffic is occurring.
Run this command and then try to access the domain or IP to see if the connection is established or if the service is listening. (watch -n 1 netstat -nat)