Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




1237 posts

Uber Geek
+1 received by user: 138

Subscriber

Topic # 242757 12-Nov-2018 20:16
Send private message

Quite a few years ago I signed up for a resellers account on JoneSolutions in the US. Over the year I used the WHM account to create a dozen or so accounts each with their own CPanel and WordPress install. The domain names are all registered with 1stDomains and each domain is set to use webhosts nameserver rather than 1stDomains DNS services. Any DNS changes (for those wanting to use Gmail or Exchange) were done in the clients CPanel.

 

I have no idea if that is "best practice" or not but it worked flawlessly until the web server died last month.

 

Rather than fix the dead server, JS decided to build a new one and assign a new IP. Fair enough I thought, their communication was good and everything was back up and running in a few days. There were some teething problems in the first couple of days and they needed to restore a couple of the accounts a second time but it all seemed to be ok on the new server and new IP address.

 

That was three weeks ago and at some point this weekend they have returned to the original IP address and here is where the problems start.

 

I had a call this morning to say when they tried to login to their site they kept getting errors. "Backend webserver unreachable", "405 Not Allowed" and "403 error". The page had a 10 second countdown, it refreshed and logged them in. Then they had issues updating plugins with "405 Not allowed" errors. If they tried again often the updates would work.

 

So I log a case with JS and take a look at a few things in the meantime.

 

https://www.whatsmydns.net has the correct webserver IP. https://intodns.com/ on the other hand is all over the place. The ns1 and ns2 records are IP's I've not seen before and the parent nameservers are returned as cluster1 and cluster2.blah. Again something I've not seen before. The parent nameservers also have no record of the nameservers I've used on 1stDomains.

 

I logged into their CPanel and all but a single MX record are gone. No A records for the webmail.blah domain or autoconfig.blah etc.

 

JS response has been that 1stDomains DNS has the nameserver pointing to an IP address which is years old and no longer applicable. But rather than explain what's changed (and the previous DNS records are all gone) they want access to 1stDomains to fix the problem.

 

So this is where there is a bigger hole in my knowledge than normal :)

 

Where do 1stDomains get the IP from with them just having the nameserver ? They say an IP address is not necessary, but should I give the IP of the nameserver anyway ? There is a directory somewhere obviously but am I right in thinking it shouldn't be a problem with the nameserver to change IP addresses ? People move accounts to new servers all the time.

 

So, did I have it set up correctly all those years ago ? Do you think I can remember exact what I did !!

 

How exactly should it be set up now ? Should 1stDomains handle all the DNS ?

 

I have other domains on 1stDomains who have Gmail email and their sites on Vultr so I know how to take care of that but I'm not sure how when the oldies still want to use JS for their email as they always have done.

 

I hope that makes some sense.

 

 


Create new topic
BDFL - Memuneh
63012 posts

Uber Geek
+1 received by user: 13587

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 2124471 12-Nov-2018 22:03
Send private message
629 posts

Ultimate Geek
+1 received by user: 176
Inactive user


  Reply # 2124478 12-Nov-2018 22:24
Send private message

> How exactly should it be set up now ? Should 1stDomains handle all the DNS ?

 

You have two options. 1) Use JS nameservers (assuming the provide them). If this is the case, 1st Domains just need to know the two (or more) nameservers that you use. You don't need (and shouldn't) provide their IP address unless the name server is your domain or a sub domain of it (this is know as glue records). 2) Use 1st Domains nameservers for hosting DNS records. In this case, you configure all the record (MX, A, etc) via the 1st Domains control panel.

 

From the post it seems like you were using the first option, but JS or cPanel are no longer hosting the zones.

 

> The parent nameservers also have no record of the nameservers I've used on 1stDomains.

 

This would be very concerning. It is unlikely that 1st Domain would do something malicious, so this would be the first thing I would be looking it. If the nameservers for your domain do not match what 1st Domains has, then there is a serious issue. Assuming you have a .nz domain name, the zone file is updated every 15 minutes.


 
 
 
 




1237 posts

Uber Geek
+1 received by user: 138

Subscriber

  Reply # 2124578 13-Nov-2018 08:36
Send private message

stinger:

 

You have two options. 1) Use JS nameservers (assuming the provide them). If this is the case, 1st Domains just need to know the two (or more) nameservers that you use. You don't need (and shouldn't) provide their IP address unless the name server is your domain or a sub domain of it (this is know as glue records).

 

 

Yep, that's how it was set up with DNS handled by JS. Looking at the DNS Zone's for these accounts in WHM it appears the SOA and A records where changed last week to cluster1|cluster2.blah from ns1|ns2.blah with "Previous value removed by cPanel transfer auto-merge".

 

stinger:

 

This would be very concerning. It is unlikely that 1st Domain would do something malicious, so this would be the first thing I would be looking it. If the nameservers for your domain do not match what 1st Domains has, then there is a serious issue. Assuming you have a .nz domain name, the zone file is updated every 15 minutes.

 

 

I've double checked everything again. 1stDomains has the correct nsns.blah. The glue record is now set in 1stDomains with ns1|ns2.blah and the server IP's.

 

When WHM has the SOA and A records pointing to cluster1|cluster2.blah intoDNS throws errors around the parent nameservers.

 

If I update the SOA and A records to ns1|ns2.blah intoDNS shows no errors but I still have issues on the website with "Backend Server Unavailable" and 403 errors. The page's still refresh and the action is still taken but I'm now reading anything and everything to try to understand what's happening.

 

JS have been great with their communication but I can't hep feeling something is not right at their end.


629 posts

Ultimate Geek
+1 received by user: 176
Inactive user


  Reply # 2124605 13-Nov-2018 09:34
Send private message

martyyn:

 

If I update the SOA and A records to ns1|ns2.blah intoDNS shows no errors but I still have issues on the website with "Backend Server Unavailable" and 403 errors. The page's still refresh and the action is still taken but I'm now reading anything and everything to try to understand what's happening.

 

 

These errors are coming from the web server, so as long as the A record for your domain is at the right place, DNS isn't the cause of your issue anymore.




1237 posts

Uber Geek
+1 received by user: 138

Subscriber

  Reply # 2124621 13-Nov-2018 10:02
Send private message

stinger:

 

These errors are coming from the web server, so as long as the A record for your domain is at the right place, DNS isn't the cause of your issue anymore.

 

 

Absolutely, what also worries me is the complete lack of DNS records in the clients CPanel Zone Editor.

 

At the moment it's a single MX record and surely that's not right.

 

I'm still waiting to hear from JS this morning so fingers crossed we can get this sorted today.




1237 posts

Uber Geek
+1 received by user: 138

Subscriber

  Reply # 2125544 14-Nov-2018 12:44
Send private message

So this was finally sorted out yesterday. Well, the cause was if not a solution yet.

 

It turns out there was an issue with BitNinja on the server. They've disabled it in the meantime whilst they work out what the problem is.


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Orcon announces new always-on internet service for Small Business
Posted 18-Apr-2019 10:19


Spark Sport prices for Rugby World Cup 2019 announced
Posted 16-Apr-2019 07:58


2degrees launches new unlimited mobile plan
Posted 15-Apr-2019 09:35


Redgate brings together major industry speakers for SQL in the City Summits
Posted 13-Apr-2019 12:35


Exported honey authenticated on Blockchain
Posted 10-Apr-2019 21:19


HPE and Nutanix partner to deliver hybrid cloud as a service
Posted 10-Apr-2019 21:12


Southern Cross and ASN sign contract for Southern Cross NEXT
Posted 10-Apr-2019 21:09


Data security top New Zealand consumer priority when choosing a bank
Posted 10-Apr-2019 21:07


Samsung announces first 8K screens to hit New Zealand
Posted 10-Apr-2019 21:03


New cyber-protection and insurance product for businesses launched in APAC
Posted 10-Apr-2019 20:59


Kiwis ensure streaming is never interrupted by opting for uncapped broadband plans
Posted 7-Apr-2019 09:05


DHL Express introduces new MyDHL+ online portal to make shipping easier
Posted 7-Apr-2019 08:51


RackWare hybrid cloud platform removes barriers to enterprise cloud adoption
Posted 7-Apr-2019 08:50


Top partner named at MYOB High Achievers Awards
Posted 7-Apr-2019 08:48


Great ideas start in Gisborne with hackathon event back for another round
Posted 7-Apr-2019 08:42



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.