letsencrypt and DNS A record for subdomains - nginx

I have a website behind a firewall, let's call it
www.mysite.mycompany.com
I want to enable SSL on the server serving this website.
I am reading this article
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-centos-7
And that article mentions
A DNS A Record that points your domain to the public IP address of your server...
I don't have control over the corporate DNS, but since my site is a subdomain of mycompany.com, do I still
need to make that DNS A record?

Related

How to prevent user access to IP address for a website hosted in GCP?

I have a WordPress website (Bitnami) that's hosted in Google Cloud Platform. The IP address is something like: 33.33.33.33. My domain is hosted on Google Domains and has 2 nameservers pointing to Cloudflare. On the Cloudflare DNS settings, I have 2 A records, one is ftp and the other is something like 'mywebsite.com'. I also have a CNAME which is www mywebsite.com.
I am able to hit the full URL of my website but I also notice I can enter the IP address and it also works and loads the website. Is it possible to prevent access to 33.33.33.33 and only allow the full URL?
Create VPC Firewall Rules that only allow Cloudflare IP addresses.
Consult this document for the current Cloudflare IP list.
Google Cloud VPC firewall rules overview
Note: Cloudflare does not support FTP, so you must point your DNS resource record for FTP to your server's IP address and not through Cloudflare. I recommend that you do not use FTP. Use SSH/SFTP for file transfers. Configure WordPress so that installing plugins, uploading images, etc. do not require FTP. FTP is not encrypted, which means your login username and password are sent in the clear.
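An audit-and-generate helper for the firewall approach in the answer above, added here as an example and not part of the original answer. The CIDRs are documentation ranges standing in for Cloudflare's published list, and the rule name, network and target tag are hypothetical; it assumes GCP's restriction that one rule's source ranges are all IPv4 or all IPv6.

```python
import ipaddress
import shlex

# Constructed sample data: documentation ranges stand in for Cloudflare's
# published list, which should be copied from Cloudflare's own page.
CLOUDFLARE_RANGES = ["192.0.2.0/24", "198.51.100.0/24", "2001:db8::/32"]


def audit_source_ranges(rule_ranges, allowed_ranges):
    """Return the rule's source ranges that fall outside the allowlist."""
    allowed = [ipaddress.ip_network(r) for r in allowed_ranges]
    uncovered = []
    for raw in rule_ranges:
        net = ipaddress.ip_network(raw, strict=False)
        # subnet_of() raises TypeError across IP versions, so compare like with like.
        if not any(net.version == a.version and net.subnet_of(a) for a in allowed):
            uncovered.append(str(net))
    return uncovered


def gcloud_allow_rule(name, network, target_tag, allowed_ranges, version=4):
    """Build the gcloud command for an ingress rule limited to the allowlist."""
    nets = [ipaddress.ip_network(r) for r in allowed_ranges]
    ranges = ",".join(str(n) for n in nets if n.version == version)
    args = [
        "gcloud", "compute", "firewall-rules", "create", name,
        f"--network={network}", "--direction=INGRESS", "--action=ALLOW",
        "--rules=tcp:80,tcp:443", f"--source-ranges={ranges}",
        f"--target-tags={target_tag}",
    ]
    return " ".join(shlex.quote(a) for a in args)


if __name__ == "__main__":
    # Constructed example of ranges found on the project's existing web rules.
    existing = ["0.0.0.0/0", "192.0.2.128/25"]
    print("too broad:", audit_source_ranges(existing, CLOUDFLARE_RANGES))
    # Hypothetical rule name, network and target tag.
    print(gcloud_allow_rule("allow-cloudflare-web", "default", "wordpress",
                            CLOUDFLARE_RANGES))
```

Any range the audit reports, such as a leftover 0.0.0.0/0 on ports 80/443, has to be removed or narrowed, because an allow rule for Cloudflare alone does not block traffic that another allow rule already admits.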

How to host the main domain and subdomains at 2 different hosting sites from godaddy?

I have bought the domain from godaddy.
And I have designed the UI which is the main site hosted at say webflow or wordpress.
Now I want to host the dashboard of the main site to the subdomain of this main site from heroku.
How to achieve that?
Domain bought: goDaddy
main site: abcd.com
sub domain: dashboard.abcd.com
main site hosted at: wordpress
sub domain hosted at: abcd.herokuapp.com
Now I want to change the subdomain abcd.herokuapp.com to dashboard.abcd.com
I tried creating an 'A' record at goDaddy DNS settings for dashboard.abcd.com but it wants me to enter an IP address of heroku but when I created a DNS Zone in Heroku for dashboard.abcd.com, it doesn't seem to provide an IP address. It only provides the DNS Target value.
I also tried to put the abcd.herokuapp.com in GoDaddy DNS settings in the Points To field but it doesn't accept it. It requires an IP address.
Heroku uses dynamic IP addresses for the dynos, so it’s impossible for Heroku to provide an IP address; instead it provides a DNS target. Unfortunately GoDaddy doesn’t support ALIAS/ANAME records. You might want to check out other DNS providers who support ALIAS/ANAME out of the box to configure the APEX domain.

How to configure nginx to access website using www

I have set up a Raspberry Pi web server. I'm using nginx and Google Domains. I have a conf file for that domain in sites-available. I configured the server_name to my domain name: www.domain.com .domain.com;
The problem is that I can only access the website using .domain.com. When I try using www.domain.com I get redirected to the ISP page (unable to find..).
Login to your domain provider's dashboard
If you haven't already added an A record to your DNS settings, select Manage DNS and add an A record pointing to the IP address of the host.
You'll essentially need to add a CNAME record to your domain's DNS settings. The 'Name' field should be www.
Depending on your provider, you may have to wait about 2-48 hrs for it to propagate.

How to setup AWS cloudfront with lightsail for WordPress?

How to setup AWS cloudfront with lightsail for WordPress? (on a subdomain)
I'm using Route 53 for all DNS management. I'm using a static IP from
lightsail, 3.122.2.187
Route 53 has an A record for service.openinfo.nl using an ALIAS to the cloudfront domain name.
Route 53 has an A record for wordpress.openinfo.nl pointing to the
lightsail static IP 3.122.2.187
Cloudfront has an origin domain name of wordpress.openinfo.nl
Cloudfront Origin Protocol Policy is HTTP Only.
Cloudfront Alternate Domain Names is service.openinfo.nl
Cloudfront SSL Certificate is the one issued by Route53 for *.openinfo.nl
Cloudfront Viewer Protocol Policy is Redirect HTTP to HTTPS.
This solution does not work:
The cloudfront distribution service.openinfo.nl does resolve the lightsail server but over http, it does not use the certificate I attached... Should I use redirect http to https?
Also, if I click 'login' it redirects to wordpress.openinfo.nl/wp-login.php, i.e. the DNS that I assigned for the purpose of origin domain name to cloudfront. The WordPress "WP_SITEURL" and "WP_HOME" settings somehow automatically reflect the DNS wordpress.openinfo.nl.
And also, the DNS name wordpress.openinfo.nl resolves the lightsail server (which I don't want because I want all traffic to the wordpress server to go via service.openinfo.nl). How to avoid this?
Background and what I tried:
My lightsail (WordPress) server does not show up in the "Origin Domain Name" dropdown list when creating a new distribution. So what should I do? The only AWS description on this topic that I can find is not clear on that to me.
Using the server's fixed IP address as "Origin Domain Name" in cloudfront is not allowed. So I created a DNS record in Route 53 (wordpress.openinfo.nl) to point to the static IP of my lightsail server. And I added this DNS record as "Origin Domain Name" in cloudfront (also including an https certificate *.openinfo.nl). And I selected the cloudfront distribution as A record, type alias, in Route 53. The cloudfront Alternate Domain Names (CNAMEs) is service.openinfo.nl.
So I also tried creating the service.openinfo.nl as A record (DNS) in Route 53 pointing to the static IP of the WordPress lightsail server. But then I cannot create the same service.openinfo.nl as alias A record...
So I am stuck... Please advise? Many thanks in advance! Wouter
PS: openinfo.nl points to a cloudfront distribution with a certificate which points to a static site in an S3 bucket and works fine.
https://aws.amazon.com/blogs/startups/how-to-accelerate-your-wordpress-site-with-amazon-cloudfront/
https://forums.aws.amazon.com/thread.jspa?threadID=264002
First of all, you need to point your domain to CloudFront. You will want to set up a CNAME record in your DNS zone, pointing to the xyz.cloudfront.net address you get when creating the CloudFront distribution. The name of that record should be "www.example.com" if that's the domain you want to enable CloudFront on. Making example.com (without www) work as well could be a bit more tricky as you can't use a CNAME for technical reasons. Route 53 offers a way around this, but the DNS management in Lightsail is a simpler version of that service essentially. But you can always add an A record for example.com, pointing to your server IP address. Then your server can redirect those requests (additional configuration needed).
Secondly, CloudFront needs to contact your server on some address. You could add a second record to your DNS zone. This time you call it "origin.example.com" (or anything really), make it an A record, and point it to the server IP address.

Using A records instead of nameservers

I have 3 different websites hosted on the same server, but with different domain registrars. I realize I could use the server's nameservers for all 3 domains, but I was wondering if it would be possible to use the standard registrar's nameservers, but change the DNS' A record to point at my server's IP address.
Is there any advantage/disadvantage to doing it this way?
Thanks!
There are two ways to point a domain to a server:
domainname.com to A record
domainname.com to nameservers (ns1.domainname.com & ns2.domainname.com)
If you update the A record with the registrar for the domain, you can manage DNS with the registrar,
but if you update the nameservers for the domain, you have to manage DNS with your own server.
This is the main difference.
