Sub-domain on a dedicated server - dns

I don't know if my title made any since because I'm not sure what the terminology for what I'm trying to do is. Let me just explain my situation and see if anyone can shed light on to what to do next.
So I'm working on a research grant and we've got a shared server with GoDaddy currently serving our domain(also managed by GoDaddy). We also have a dedicated server through GoDaddy that we are using to do heavy computations on the research side of things. What I need to do is tie a sub-domain (say research.ourdomain.org) to the dedicated server. I tried sub domain-forwarding and Masking (forwarded to a Silverlight app) and this works until someone tries to request a page outside of our Silverlight app(at which point it first hits the Silverlight app then goes to a blank page). I feel like I'm going in the wrong direction with sub-domain forwarding and masking. Is their a better way to achieve what I need?
I hope that question wasn't too convoluted.

You can do this without forwarding and masking. All you need to do is setup the server to host the subdomain. Then you will need to create the A record in your DNS control and point it to your server IP. The link, http://x.co/ZmgJ, will have more info on how to create that record. If you need server assistance, http://x.co/ZmgM can show you how to initiate live chat with our server conceirges.

Related

best way to redirect securely one domain to another in IIS without having a website

I would like to know what is the best way to redirect everything from marketing-address.com to real-address.com.
best means
as less effort as possible,
as cheap as possible,
as secure as possible.
In detail:
Less effort: If possible without the need of creating a website oder some code like javascript
Secure: https://marketing-address.com should be accpeted by the browsers - no warning.
Cheap: if possible without buying a certificate (I don't think that this is possible) and without having a second webserver running
So in theory, the communication would be like this:
Making the address targeting the same IP address
Making the existing IIS listen to that address to
Let IIS tell the caller "yes, you're totally right here, but I neither I have a website nor do I have a certificate, but you don't need anything of that since you get redirected anyway..."
Is there a chance to accomplish that? If no, I would need to buy a certificate. What would be the solution then?
There are 2 restrictions:
We are using an Azure App Service for hosting an asp.net core site, which seems to be very restricted in configuration possibilities
The browser should definetly show the real-address.com in the URL, not the marketing-address.com.
Have you tried to use an Application Gateway before the IIS/Webapp at the backend?
I believe the AppGW will solve these issues, the AppGW can redirect the hostname to another web address, as many you want to.
https://learn.microsoft.com/en-us/azure/application-gateway/ssl-overview#tls-termination

I installed a Facebook Pixel to my new website and I notice there are other domains to my site. What are they?

I have a simple landing page for insurance leads I setup a few days ago. After installing the Pixel I notice there are two other websites for the site somehow. The site is installed on a brand new Digital Ocean droplet.
I don't know anything about these sites. When I type the names of the sites in a browser they take me to my landing page.
I don't want to share any names of the site because I don't want you all registering visits with the pixel, so maybe I can give you site in a DM if you need to visit it. Thank you.
DO, like any other cloud provider, re-use IP all the time. Most likely at one point, someone bought a domain and point it to their DO instance, then either forgot or don't bother to update the domain when they delete their instance (which release the IP back to the pool). This is a very common occurrence. One could also point a domain they bought to any IP they want, even those they don't own.
Your webserver right now is set to serve any request to 80/443 regardless of the domain. Fix that, and typing those URLs won't load your landing page. If you enabled HTTPS redirection, those URLs won't (automatically) load either, because the certificate won't match.

Access internet via Apache2 ProxyPass

Recently, I made a setup where I pointed some websites to a redirect server. The redirect server in return served the website requests using ProxyPass directive of Apache2. It worked like a charm without even a single problem for my websites.
So, based on that I have got an idea to access internet via Apache2. Please note that this is because I do not have access to fast internet and every internet provider is so lousy and lame here to provide better connection speeds even for the lot of money I pay to them.
Now, https as better speends than VPN.
So, the idea is to get rid of VPN and SSH tunnel redirects and instead, resolve every domain on my Mac to a single server IP address which should be a redirect server and which can in turn bring me back every web request made from my Mac. Possible? This will make me to always use https to my own redirect server. https has better speed than VPN for me whenever I try and when I am on VPN things are too slow for me, may be because of level of encryption. Please note that I do not want solution using PPTP, L2TP and anything else which are lighter than OpenVPN (using Pritunl).
Please let me know if anything like that is possible and if yes then how.
Even though if it does not work, my mind always gets this idea every time. I just want someone to shed light on this and shut down my idea if its the worst by far. Thanks in advance.
Also, I have also seen some proxy sites where I put any website link on their website and their website works like a browser as if I am surfing on their remote server itself. May be something like that can be useful and speedy for me. But, I do not want to use them because I do not trust those sites for security. No way.
Got a solution myself without any kind of VPN.
Actually I needed to make my DNS secure and connections to my server Apps secure. So, for that I tried DNSCrypt-Proxy and its working great and resolving my DNS queries on HTTPS (443).
And, I am using an Addon on Chrome for "Always https" connections. I am blocking every request on http for Chrome using that Addon. Perfect!!!
So, now all surfing traffic on my Mac is going on HTTPS and is perfectly safe from hackers. I do not care for any other connections made by my other Mac Apps. I just care for security of my Apps while I am surfing them OR any payments I am making for shopping.
DNSCrypt-Proxy:
Please go to https://dnscrypt.org/#dnscrypt-osx and you will find all help there to how to install and run it on your Mac.
brew install dnscrypt-proxy --with-plugins
sudo dnscrypt-proxy --ephemeral-keys --resolver-name=cisco
^ You can find the resolver name in excel sheet that comes with this package.
And, just add an entry in your Network interfaces for DNS to point to 127.0.0.1, Please note that remove all other entries.
"Always HTTPS for Chrome":
https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp?hl=en
Enjoy perfect security on your Mac, if you do not care about IP address anonymity. Always use legal stuff!!!

DNS delivering ads?

Could it be that my DNS (which was set by my ISP) is making money when I go online?
I know that the 'web-page unavailable, but look at these amazing ads'-pages (when the user tries to reach the wrong address) bring them a little bit of money. But I am interested in another case.
Could it be that they serve me an ad (as pop-up or pop-down) when I go to a completely 'normal' page without consent of the web-page itself? It would be a kind of add-on, you ask for page example.com/foe, the example.com site serves the page foe, but the DNS sends you unrequested a pop-under ad.
Am I paranoid, or is it happening? Note: I know how to block ads, pop-ups/under and so on. I just want to investigate better how DNS services are trying to make a buck (or a cent) here and there.
Not exactly. The way DNS works is straight forward; say you host a web server which you have purchased a domain name of noads.com for. When you purchase that domain name you're going to be setting it to point to the IP address of your server. Now, from your servers you can host ads if you wish, or setup redirects so that when someone requests, "Noads.com/hi" they get an ad proclaiming the wonders of a cereal high in fiber. However, at this point you're past the point of DBS resolution. The request to noads.com was resolved to your IP address. The /hi folder was accessed after that resolution took place and your webserver may have presented the ad or redirected as the programmer of the website chose.
As for your ISP sneaking something in there... It would be very bad for their business, if not a suable offense, to add A records to their DNS server which direct you to an IP other than the one registered. To check that you could use www.checkdomain.com to find what the domain should be, and type in the name of the domain you want to reach. Then use a command line (press your windows key and R to bring up a run prompt, then type CMD and press enter) from there type nslookup . This will show you the IP you SHOULD be directed to and the IP you ARE being directed to.
One last parting thought, DNS is not a random function. Meaning you can't set an "If, then" on it. If you request a website it's always going to go to the same IP. The only reason it wouldn't is if there are multiple host records pointing to different IPs for a single name. I don't believe that is something to worry about, as the ISP servers will point to the official "internet" servers which will be carefully tended and kept free of error.
Hopefully this explains everything to your satisfaction. Please feel free to ask for clarification if something is not clear.
Thanks!

Display special page if website server is down. Is there a way to do this without nginx proxy?

I want to display beautiful page (with excuses) to the users if my webserver is down.
How it is possible?
My first idea was to make VM in cloud and to setup nginx there, which will check if webserver is available, and display beautiful error page if it's not.
Is there another way to perform it (without nginx proxy)? (Maybe some magic with dns.. i don't know)
Thanks in advance!
With proxy, when you site is up, all traffic will pass through that proxy. Now, what will you do when the proxy is down ? - While trying to handle one point of failure you just introduce an additional one. Also, you site response time will be lower, and you will pay three times for your traffic (your website, VPS in and VPS out). Hence, proxy idea alone makes little sense.
What you can do is when your site is down, point DNS records for your site to some other location (like your VPS). You will need DNS provider which supports dynamic updates.
You may also have such DNS-based failover completely as a service - see dnshat.com, edgedirector.com and lots of others.

Resources