Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




1287 posts

Uber Geek

Subscriber

# 242757 12-Nov-2018 20:16
Send private message

Quite a few years ago I signed up for a resellers account on JoneSolutions in the US. Over the year I used the WHM account to create a dozen or so accounts each with their own CPanel and WordPress install. The domain names are all registered with 1stDomains and each domain is set to use webhosts nameserver rather than 1stDomains DNS services. Any DNS changes (for those wanting to use Gmail or Exchange) were done in the clients CPanel.

 

I have no idea if that is "best practice" or not but it worked flawlessly until the web server died last month.

 

Rather than fix the dead server, JS decided to build a new one and assign a new IP. Fair enough I thought, their communication was good and everything was back up and running in a few days. There were some teething problems in the first couple of days and they needed to restore a couple of the accounts a second time but it all seemed to be ok on the new server and new IP address.

 

That was three weeks ago and at some point this weekend they have returned to the original IP address and here is where the problems start.

 

I had a call this morning to say when they tried to login to their site they kept getting errors. "Backend webserver unreachable", "405 Not Allowed" and "403 error". The page had a 10 second countdown, it refreshed and logged them in. Then they had issues updating plugins with "405 Not allowed" errors. If they tried again often the updates would work.

 

So I log a case with JS and take a look at a few things in the meantime.

 

https://www.whatsmydns.net has the correct webserver IP. https://intodns.com/ on the other hand is all over the place. The ns1 and ns2 records are IP's I've not seen before and the parent nameservers are returned as cluster1 and cluster2.blah. Again something I've not seen before. The parent nameservers also have no record of the nameservers I've used on 1stDomains.

 

I logged into their CPanel and all but a single MX record are gone. No A records for the webmail.blah domain or autoconfig.blah etc.

 

JS response has been that 1stDomains DNS has the nameserver pointing to an IP address which is years old and no longer applicable. But rather than explain what's changed (and the previous DNS records are all gone) they want access to 1stDomains to fix the problem.

 

So this is where there is a bigger hole in my knowledge than normal :)

 

Where do 1stDomains get the IP from with them just having the nameserver ? They say an IP address is not necessary, but should I give the IP of the nameserver anyway ? There is a directory somewhere obviously but am I right in thinking it shouldn't be a problem with the nameserver to change IP addresses ? People move accounts to new servers all the time.

 

So, did I have it set up correctly all those years ago ? Do you think I can remember exact what I did !!

 

How exactly should it be set up now ? Should 1stDomains handle all the DNS ?

 

I have other domains on 1stDomains who have Gmail email and their sites on Vultr so I know how to take care of that but I'm not sure how when the oldies still want to use JS for their email as they always have done.

 

I hope that makes some sense.

 

 


Create new topic
BDFL - Memuneh
64673 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

628 posts

Ultimate Geek
Inactive user


  # 2124478 12-Nov-2018 22:24
Send private message

> How exactly should it be set up now ? Should 1stDomains handle all the DNS ?

 

You have two options. 1) Use JS nameservers (assuming the provide them). If this is the case, 1st Domains just need to know the two (or more) nameservers that you use. You don't need (and shouldn't) provide their IP address unless the name server is your domain or a sub domain of it (this is know as glue records). 2) Use 1st Domains nameservers for hosting DNS records. In this case, you configure all the record (MX, A, etc) via the 1st Domains control panel.

 

From the post it seems like you were using the first option, but JS or cPanel are no longer hosting the zones.

 

> The parent nameservers also have no record of the nameservers I've used on 1stDomains.

 

This would be very concerning. It is unlikely that 1st Domain would do something malicious, so this would be the first thing I would be looking it. If the nameservers for your domain do not match what 1st Domains has, then there is a serious issue. Assuming you have a .nz domain name, the zone file is updated every 15 minutes.


 
 
 
 




1287 posts

Uber Geek

Subscriber

  # 2124578 13-Nov-2018 08:36
Send private message

stinger:

 

You have two options. 1) Use JS nameservers (assuming the provide them). If this is the case, 1st Domains just need to know the two (or more) nameservers that you use. You don't need (and shouldn't) provide their IP address unless the name server is your domain or a sub domain of it (this is know as glue records).

 

 

Yep, that's how it was set up with DNS handled by JS. Looking at the DNS Zone's for these accounts in WHM it appears the SOA and A records where changed last week to cluster1|cluster2.blah from ns1|ns2.blah with "Previous value removed by cPanel transfer auto-merge".

 

stinger:

 

This would be very concerning. It is unlikely that 1st Domain would do something malicious, so this would be the first thing I would be looking it. If the nameservers for your domain do not match what 1st Domains has, then there is a serious issue. Assuming you have a .nz domain name, the zone file is updated every 15 minutes.

 

 

I've double checked everything again. 1stDomains has the correct nsns.blah. The glue record is now set in 1stDomains with ns1|ns2.blah and the server IP's.

 

When WHM has the SOA and A records pointing to cluster1|cluster2.blah intoDNS throws errors around the parent nameservers.

 

If I update the SOA and A records to ns1|ns2.blah intoDNS shows no errors but I still have issues on the website with "Backend Server Unavailable" and 403 errors. The page's still refresh and the action is still taken but I'm now reading anything and everything to try to understand what's happening.

 

JS have been great with their communication but I can't hep feeling something is not right at their end.


628 posts

Ultimate Geek
Inactive user


  # 2124605 13-Nov-2018 09:34
Send private message

martyyn:

 

If I update the SOA and A records to ns1|ns2.blah intoDNS shows no errors but I still have issues on the website with "Backend Server Unavailable" and 403 errors. The page's still refresh and the action is still taken but I'm now reading anything and everything to try to understand what's happening.

 

 

These errors are coming from the web server, so as long as the A record for your domain is at the right place, DNS isn't the cause of your issue anymore.




1287 posts

Uber Geek

Subscriber

  # 2124621 13-Nov-2018 10:02
Send private message

stinger:

 

These errors are coming from the web server, so as long as the A record for your domain is at the right place, DNS isn't the cause of your issue anymore.

 

 

Absolutely, what also worries me is the complete lack of DNS records in the clients CPanel Zone Editor.

 

At the moment it's a single MX record and surely that's not right.

 

I'm still waiting to hear from JS this morning so fingers crossed we can get this sorted today.




1287 posts

Uber Geek

Subscriber

  # 2125544 14-Nov-2018 12:44
Send private message

So this was finally sorted out yesterday. Well, the cause was if not a solution yet.

 

It turns out there was an issue with BitNinja on the server. They've disabled it in the meantime whilst they work out what the problem is.


Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Microsoft New Zealand Partner Awards results
Posted 18-Oct-2019 10:18


Logitech introduces new Made for Google keyboard and mouse devices
Posted 16-Oct-2019 13:36


MATTR launches to accelerate decentralised identity
Posted 16-Oct-2019 10:28


Vodafone X-Squad powers up for customers
Posted 16-Oct-2019 08:15


D Link ANZ launches EXO Smart Mesh Wi Fi Routers with McAfee protection
Posted 15-Oct-2019 11:31


Major Japanese retailer partners with smart New Zealand technology IMAGR
Posted 14-Oct-2019 10:29


Ola pioneers one-time passcode feature to fight rideshare fraud
Posted 14-Oct-2019 10:24


Spark Sport new home of NZC matches from 2020
Posted 10-Oct-2019 09:59


Meet Nola, Noel Leeming's new digital employee
Posted 4-Oct-2019 08:07


Registrations for Sprout Accelerator open for 2020 season
Posted 4-Oct-2019 08:02


Teletrac Navman welcomes AI tech leader Jens Meggers as new President
Posted 4-Oct-2019 07:41


Vodafone makes voice of 4G (VoLTE) official
Posted 4-Oct-2019 07:36


2degrees Reaches Milestone of 100,000 Broadband Customers
Posted 1-Oct-2019 09:17


Nokia 1 Plus available in New Zealand from 2nd October
Posted 30-Sep-2019 17:46


Ola integrates Apple Pay as payment method in New Zealand
Posted 25-Sep-2019 09:51



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.