How are users able to find the IP of my origin servers using a tool like Censys.io- I'm using cloudflare and have recently suffered a DDoS attack.
I've been looking up some other sites on this service and was able to find some IPs as well. How can I prevent this from happening? I've been trying to find a solution to this but I can't really think of the right terms.
Ok it may sound strange, but I forgot where is one of my websites hosted.
I remember the domain name and I have access to setup the DNS server, but I don't remember the nameserver. It was something like ns113.icndns.net but I checked and the domain is not there.
When I use that tool I see my domain name listed there: https://viewdns.info/reverseip/?host=nemo.icnhost.net&t=1
But what are the dns server names? Is there an easy way to find or am I missing something general knowledge? Please help.
p.s. I don'g have access to the hosting account and the guy having it will return at the end of the week, but it is too late.
Some website do the job for you, such as https://who.is
it will give informations regarding a specific url.
You can also use command whois from nslookup tools to resolve those kinds of problems
https://www.manpagez.com/man/1/whois/
cheers
I have about 5-6 node.js web apps all running off of different ports that proxy to two domains via apache. Can someone guide me on how I would set up SSL for this? Could I just buy one comprehensive multi-domain/wildcard SSL cert and import that into all of my different applications?
I just need to be pointed in the right direction.
For any future lurkers, I recommend using Certbot, and then having the node HTTPS servers pull from that one certificate on the local machine. I wrote an npm module called iomicro that, among other things, does this.
Im hoping you geniuses here at stackoverflow can help me with this.
Recently i had to point my domain name to a network on Ning.com to map and merge the site with the domain, so i had to add an A and CNAME record. This disconnected the link between my domain and my web host and because of this my friends cant access their email anymore. Ning doesnt offer webmail either. And im not sure if i want to use Google Apps.
Is there a way i can retain the new domain pointer to the network on Ning.com and a pointer to my web host for the webmail? Or is there any other options i can take?
Thanks you so much :)
Is it an option for you to create a new A record to a subdomain like webmail.mydomain.com?
Not sure if this qualifies as a comment or answer, depends on your situation.
This is really more of a serverfault question also, if you want to try there.
Try Google Apps. You said you weren't sure if you wanted to use GA, but there's no better way to find out than to try it. It's easy to set up and if you don't like it, you can always disable it. I have personally had a good experience using GA for webmail on a custom domain.
What is the easiest free method of encrypting my web traffic? I'd like to be able to log in to sites on my web server without sending my password in plaintext.
Edit: My web server is running on the LAMP stack , although it is a shared host so I don't have root.
Get an X.509 certificate (for example, generating your own, or getting one free from StartSSL), and use it to set up SSL—a server-specific configuration task.
If you can't configure a new listener in your web server, there's not really a good option. In theory you could do a little hacking with some JavaScript crypto library, like JavaScrypt, and come up with something safe. I've toyed with several options but I don't know enough about it to come up with anything I feel confident about.
I don't know your circumstances, but if it were me, I'd consider another host.
https
Use a self-signed certificate.
Tell us your web server software for a detailed implementation description!
Since you don't have root your best bet is to contact your hosting provider and see what they can do for you. You may already have SSL access (try using https://yourdomain.com) using a self-certified key.
You should be able to talk them into installing a StartSSL key for you. This provides you with SSL encryption and browsers won't complain that it isn't signed by a valid Certificate Authority.
As stated above, publishing your own certification is free, however knowing more about your environment, may get you more specific answers. Are you running IIS? What will you be logging into that needs encryption? Are you using Windows Servers on the back end?
use Digest Authentication. Since you're on LAMP, you can configure it on Apache with mod_auth_digest.
Since you are trying to reduce costs, any ssl solutions will probably not be an option.
First it requires a signed certificate that cost a bit, the free ones is not always included in all web browsers.
Second to be able to utilize an ssl certificate your server ip must be dedicated to you. This is not the case in every cheap web hosting option. There are technologies that in the future will make it possible to host multiple ssl enabled sites on a single ip, but it's not here yet.
As mentioned before Digest Authentication is one option that doesn't require ssl certificate or dedicated ip.
It's a method of authentication that doesn't reveal your password even though everything else in the communication is unprotected.
In Apache this can be applied in individual directories by specific .htaccess files.
I'll repeat the previous link on mod_auth_digest.
This one is usually already installed on most servers so you won't have to ask you web hosting provider.
You don't always require root access to setup Apache to use SSL, but you will likely need to modify config files, which is either done thru your providers interface, or via files via a shell account. Either way you will need a server certificate; either self-signed, from a major company like Verisign, or one of the smaller free places like cacert.org. As noted by others, this does require a dedicated IP to your server or instance on the server.
I would recommend SSL first, but mod_auth_digest isn't a bad backup idea.