Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




1188 posts

Uber Geek
+1 received by user: 115

Subscriber

Topic # 242757 12-Nov-2018 20:16
Send private message quote this post

Quite a few years ago I signed up for a resellers account on JoneSolutions in the US. Over the year I used the WHM account to create a dozen or so accounts each with their own CPanel and WordPress install. The domain names are all registered with 1stDomains and each domain is set to use webhosts nameserver rather than 1stDomains DNS services. Any DNS changes (for those wanting to use Gmail or Exchange) were done in the clients CPanel.

 

I have no idea if that is "best practice" or not but it worked flawlessly until the web server died last month.

 

Rather than fix the dead server, JS decided to build a new one and assign a new IP. Fair enough I thought, their communication was good and everything was back up and running in a few days. There were some teething problems in the first couple of days and they needed to restore a couple of the accounts a second time but it all seemed to be ok on the new server and new IP address.

 

That was three weeks ago and at some point this weekend they have returned to the original IP address and here is where the problems start.

 

I had a call this morning to say when they tried to login to their site they kept getting errors. "Backend webserver unreachable", "405 Not Allowed" and "403 error". The page had a 10 second countdown, it refreshed and logged them in. Then they had issues updating plugins with "405 Not allowed" errors. If they tried again often the updates would work.

 

So I log a case with JS and take a look at a few things in the meantime.

 

https://www.whatsmydns.net has the correct webserver IP. https://intodns.com/ on the other hand is all over the place. The ns1 and ns2 records are IP's I've not seen before and the parent nameservers are returned as cluster1 and cluster2.blah. Again something I've not seen before. The parent nameservers also have no record of the nameservers I've used on 1stDomains.

 

I logged into their CPanel and all but a single MX record are gone. No A records for the webmail.blah domain or autoconfig.blah etc.

 

JS response has been that 1stDomains DNS has the nameserver pointing to an IP address which is years old and no longer applicable. But rather than explain what's changed (and the previous DNS records are all gone) they want access to 1stDomains to fix the problem.

 

So this is where there is a bigger hole in my knowledge than normal :)

 

Where do 1stDomains get the IP from with them just having the nameserver ? They say an IP address is not necessary, but should I give the IP of the nameserver anyway ? There is a directory somewhere obviously but am I right in thinking it shouldn't be a problem with the nameserver to change IP addresses ? People move accounts to new servers all the time.

 

So, did I have it set up correctly all those years ago ? Do you think I can remember exact what I did !!

 

How exactly should it be set up now ? Should 1stDomains handle all the DNS ?

 

I have other domains on 1stDomains who have Gmail email and their sites on Vultr so I know how to take care of that but I'm not sure how when the oldies still want to use JS for their email as they always have done.

 

I hope that makes some sense.

 

 


Create new topic
BDFL - Memuneh
61751 posts

Uber Geek
+1 received by user: 12412

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 2124471 12-Nov-2018 22:03
Send private message quote this post
497 posts

Ultimate Geek
+1 received by user: 131


  Reply # 2124478 12-Nov-2018 22:24
Send private message quote this post

> How exactly should it be set up now ? Should 1stDomains handle all the DNS ?

 

You have two options. 1) Use JS nameservers (assuming the provide them). If this is the case, 1st Domains just need to know the two (or more) nameservers that you use. You don't need (and shouldn't) provide their IP address unless the name server is your domain or a sub domain of it (this is know as glue records). 2) Use 1st Domains nameservers for hosting DNS records. In this case, you configure all the record (MX, A, etc) via the 1st Domains control panel.

 

From the post it seems like you were using the first option, but JS or cPanel are no longer hosting the zones.

 

> The parent nameservers also have no record of the nameservers I've used on 1stDomains.

 

This would be very concerning. It is unlikely that 1st Domain would do something malicious, so this would be the first thing I would be looking it. If the nameservers for your domain do not match what 1st Domains has, then there is a serious issue. Assuming you have a .nz domain name, the zone file is updated every 15 minutes.


 
 
 
 




1188 posts

Uber Geek
+1 received by user: 115

Subscriber

  Reply # 2124578 13-Nov-2018 08:36
Send private message quote this post

stinger:

 

You have two options. 1) Use JS nameservers (assuming the provide them). If this is the case, 1st Domains just need to know the two (or more) nameservers that you use. You don't need (and shouldn't) provide their IP address unless the name server is your domain or a sub domain of it (this is know as glue records).

 

 

Yep, that's how it was set up with DNS handled by JS. Looking at the DNS Zone's for these accounts in WHM it appears the SOA and A records where changed last week to cluster1|cluster2.blah from ns1|ns2.blah with "Previous value removed by cPanel transfer auto-merge".

 

stinger:

 

This would be very concerning. It is unlikely that 1st Domain would do something malicious, so this would be the first thing I would be looking it. If the nameservers for your domain do not match what 1st Domains has, then there is a serious issue. Assuming you have a .nz domain name, the zone file is updated every 15 minutes.

 

 

I've double checked everything again. 1stDomains has the correct nsns.blah. The glue record is now set in 1stDomains with ns1|ns2.blah and the server IP's.

 

When WHM has the SOA and A records pointing to cluster1|cluster2.blah intoDNS throws errors around the parent nameservers.

 

If I update the SOA and A records to ns1|ns2.blah intoDNS shows no errors but I still have issues on the website with "Backend Server Unavailable" and 403 errors. The page's still refresh and the action is still taken but I'm now reading anything and everything to try to understand what's happening.

 

JS have been great with their communication but I can't hep feeling something is not right at their end.


497 posts

Ultimate Geek
+1 received by user: 131


  Reply # 2124605 13-Nov-2018 09:34
Send private message quote this post

martyyn:

 

If I update the SOA and A records to ns1|ns2.blah intoDNS shows no errors but I still have issues on the website with "Backend Server Unavailable" and 403 errors. The page's still refresh and the action is still taken but I'm now reading anything and everything to try to understand what's happening.

 

 

These errors are coming from the web server, so as long as the A record for your domain is at the right place, DNS isn't the cause of your issue anymore.




1188 posts

Uber Geek
+1 received by user: 115

Subscriber

  Reply # 2124621 13-Nov-2018 10:02
Send private message quote this post

stinger:

 

These errors are coming from the web server, so as long as the A record for your domain is at the right place, DNS isn't the cause of your issue anymore.

 

 

Absolutely, what also worries me is the complete lack of DNS records in the clients CPanel Zone Editor.

 

At the moment it's a single MX record and surely that's not right.

 

I'm still waiting to hear from JS this morning so fingers crossed we can get this sorted today.




1188 posts

Uber Geek
+1 received by user: 115

Subscriber

  Reply # 2125544 14-Nov-2018 12:44
Send private message quote this post

So this was finally sorted out yesterday. Well, the cause was if not a solution yet.

 

It turns out there was an issue with BitNinja on the server. They've disabled it in the meantime whilst they work out what the problem is.


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.