Channel: dns – Liquid Web

Updating an A record in cPanel

Domain Name System, or DNS, is a complex system to understand, but cPanel has simplified the administration of DNS by adding it to the WHM interface. One of the most common tasks involved with administrating DNS is updating an A record. A records are one of the most common DNS entries, and cPanel makes updating them easy.
This article assumes that you are running BIND on a Linux server, that you already have an understanding of what DNS is, the different types of DNS entries, and how DNS works. Please note: The incorrect editing of your zone file can take your site offline. All editing must be done on the authoritative nameservers for the given domain.

NOTE: Before updating any DNS record, you’ll want to lower the Time to Live (TTL) values for that zone file. A guide to lowering the TTL values can be found here.

To use WHM to edit an A record, first log in to WHM.

Click on Edit DNS Zone under DNS Functions in the menu bar on the left hand side of the screen.

On that screen, click the domain you wish to make a change to and click the edit button. You will then see a screen like the following:

In this example we will change the A record for the ftp.example.com subdomain.

To do that, locate the line that shows the ‘ftp’ subdomain, and update the IP address box to show the new address. Please see the below example:

Once you have made the necessary changes, click the save button at the bottom of the page to commit and load the changes. If you lowered your TTLs beforehand, the changes made should start propagating shortly.

If you have any further questions about DNS or are uncomfortable making these changes yourself, please contact our Heroic Support.

===

Liquid Web’s Heroic Support is always available to assist customers with this or any other issue. If you need our assistance please contact us:
Toll Free 1.800.580.4985
International 517.322.0434
support@liquidweb.com
https://manage.liquidweb.com/

The post Updating an A record in cPanel appeared first on Liquid Web Knowledge Base.


Updating an A record from Command Line

Domain Name System, or DNS, can be one of the more complicated concepts in server administration. This article will walk through changing an A record from the Linux command line.
This article assumes that you are running BIND on a Linux server, that you already have an understanding of what DNS is, the different types of DNS entries, and how DNS works. Please note: The incorrect editing of your zone file can take your site offline. All editing must be done on the authoritative nameservers for the given domain.

NOTE: Before updating any DNS record, you will want to lower the Time to Live (TTL) values for that zone file. A guide to dropping the TTL values can be found here.

Below is an example of what the zone file looks like from the command line.


; Zone file for example.com
$TTL 14400
@ 86400 IN SOA ns1.example.com. admin.example.com. (
2010090802 ; serial, todays date+todays
86400 ; refresh, seconds
7200 ; retry, seconds
3600000 ; expire, seconds
86400 ) ; minimum, seconds
example.com. 86400 IN NS ns1.example.com.
example.com. 86400 IN NS ns2.example.com.
example.com. IN A 67.227.186.233
localhost.example.com. IN A 127.0.0.1
example.com. IN MX 0 example.com.
mail IN CNAME example.com.
www IN CNAME example.com.
ftp IN A 67.227.186.233
cpanel IN A 67.227.186.233

When editing an A record, we are concerned with any of the lines that read something like ‘IN A IP-address’. You may want to change an A record because the IP of a subdomain has changed for whatever reason. Due to propagation times involved with making DNS changes, you will want to make sure that you only make changes if they are absolutely needed.

The steps to change the A record are rather straightforward. In this example, we will change the IP address of the ftp.example.com subdomain. To make these changes from the command line:

    1. Edit the zone file with your favorite command line editor. In this example, we use ‘vi’.

[root@host /var/named/]% vi /var/named/example.com.db

    2. Locate the appropriate line and update the IP address. You will see something like the following:

ftp IN A 192.168.1.100

    3. Update the zone’s serial number.
    4. Make BIND aware of your DNS changes by reloading the DNS zone.

[root@host /var/named/]% rndc reload example.com

    5. Test that your changes worked correctly using ‘dig’.

[root@host /var/named/]% dig @localhost ftp.example.com
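
The record edit and serial-number update from the steps above can be scripted so that the live zone file is never touched until the edited copy has been checked. This is an added example, not Liquid Web's or cPanel's code: the function names are hypothetical, and it assumes the zone layout shown above (serial on its own line with a "; serial" comment) and that the first change of a day is numbered 00.

```shell
#!/bin/sh
# Added example: scripted A-record edit plus serial bump on a COPY of the zone.
# Function names are hypothetical; layout assumption: "<serial> ; serial ..." line.

# next_serial CURRENT TODAY(YYYYMMDD): next serial in YYYYMMDDnn form.
# Assumption: the first change of a day is numbered 00. The result is always
# greater than CURRENT, so secondaries see the zone as changed.
next_serial() (
    floor=$(( $2 * 100 ))
    if [ "$1" -ge "$floor" ]; then echo $(( $1 + 1 )); else echo "$floor"; fi
)

# valid_ipv4 ADDRESS: succeeds only for four decimal octets in 0-255.
valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++)
              if ($i !~ /^[0-9]+$/ || length($i) > 3 || $i + 0 > 255) exit 1 }'
}

# update_a_record ZONE HOST NEWIP TODAY OUT
# Writes an edited copy of ZONE to OUT; ZONE itself is never modified.
# Fails (non-zero) on a bad IP, a missing serial line, or a missing A record.
update_a_record() (
    zone=$1 host=$2 ip=$3 today=$4 out=$5
    valid_ipv4 "$ip" || { echo "invalid IPv4 address: $ip" >&2; exit 1; }
    old=$(awk '/;[ \t]*serial/ { print $1; exit }' "$zone")
    case $old in ''|*[!0-9]*) echo "serial line not found" >&2; exit 1 ;; esac
    new=$(next_serial "$old" "$today")
    awk -v host="$host" -v ip="$ip" -v new="$new" '
        # Bump only the first line tagged "; serial".
        !bumped && /;[ \t]*serial/ { sub(/[0-9]+/, new ""); bumped = 1 }
        # Match "HOST [TTL] IN A <ip>" and replace the address field.
        $1 == host {
            for (i = 3; i < NF; i++)
                if ($(i-1) == "IN" && $i == "A") { $(i+1) = ip; changed = 1 }
        }
        { print }
        END { exit !changed }
    ' "$zone" > "$out"
)

# The example zone from this article, embedded so the demo runs without BIND.
sample_zone() {
    cat <<'EOF'
; Zone file for example.com
$TTL 14400
@ 86400 IN SOA ns1.example.com. admin.example.com. (
2010090802 ; serial, todays date+todays
86400 ; refresh, seconds
7200 ; retry, seconds
3600000 ; expire, seconds
86400 ) ; minimum, seconds
example.com. 86400 IN NS ns1.example.com.
example.com. 86400 IN NS ns2.example.com.
example.com. IN A 67.227.186.233
localhost.example.com. IN A 127.0.0.1
example.com. IN MX 0 example.com.
mail IN CNAME example.com.
www IN CNAME example.com.
ftp IN A 67.227.186.233
cpanel IN A 67.227.186.233
EOF
}

# Demo: edit a temporary copy and show the two lines that changed.
demo_dir=$(mktemp -d)
sample_zone > "$demo_dir/example.com.db"
update_a_record "$demo_dir/example.com.db" ftp 192.168.1.100 20100908 \
    "$demo_dir/example.com.db.new" &&
    grep -E 'serial|^ftp' "$demo_dir/example.com.db.new"
```

In real use, pass `$(date +%Y%m%d)` as TODAY and check the output file with BIND's `named-checkzone example.com <file>` before moving it into place and running `rndc reload example.com`.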

That is all you have to do to change an A record on the command line. If you are uncomfortable with the command line, you can also update your A records using Web Host Manager.

If you have any questions or are not comfortable making these changes yourself, please feel free to contact Heroic Support.


The post Updating an A record from Command Line appeared first on Liquid Web Knowledge Base.

Should I Host My DNS, or Use Liquid Web’s?

Liquid Web provides two types of DNS service: hosting your own private nameservers on your fully-managed server, or using Liquid Web’s nameserver cluster. While the linked articles show how to set each of those options up, they do not give an overview of when either of those options might be in your best interests.

Private Nameservers

The main advantage of hosting your own nameservers on your server is ease of access. If you need to make a DNS change, it is a simple matter to log into your control panel and update a record. Need to add a CNAME record? A few minutes later, that CNAME will be headed out into the wider world.

The main disadvantage is this: should you run into problems on your server that take your nameservice offline, all of your sites will be down until it can be brought up. As services go, BIND is extremely reliable, but other problems on the server can interfere with it. Usually the type of problems that would cause this (e.g., hard drive failure, a process taking up all of the server’s memory, etc.) would themselves bring the site down.

Liquid Web’s Nameserver Cluster

Liquid Web’s nameserver cluster is designed to be much more robust than a single server. Redundant servers in multiple physical locations are more reliable than one server performing multiple tasks.

Your zones can easily be managed in the Networking section of the manage.liquidweb.com interface. The interface is different from WHM’s, but is fairly intuitive. If you have questions about managing your DNS on Liquid Web’s nameservers, do not hesitate to open a ticket through the manage interface, or contact us using the methods below.

The post Should I Host My DNS, or Use Liquid Web’s? appeared first on Liquid Web Knowledge Base.

How To: Update the Right DNS Zone File

One of the first problems people encounter when they are new to DNS is where to start looking when they need to make a DNS change. Say you want to add a new subdomain for a piece of server software you are trying out, but where exactly do you add that new A record the instructions keep talking about?


Many times the server that is handling your web site also handles its DNS records, but there is no guarantee that this is the case with every domain name. We recommend that any time you make a change to a domain’s DNS you check for a few basic bits of information about the DNS setup first. While these checks can seem repetitious, just keep reminding yourself that the one time you fail to check them and you edit the wrong DNS record you could be wasting hours or even days.

Avoid Losing Time Due to DNS

DNS propagation can cost a lot of time if you fail to double check a domain’s DNS. Changing a DNS record, even a small amount, triggers a change which can take 24 – 48 hours for all the DNS servers around the world to receive. Locally a DNS change can take effect in a very short time, but because DNS is a caching system the caching servers around the world all receive the update separately over time.

If a change is made on the incorrect nameserver you might find yourself waiting a day or more for the change to take effect, when in fact the change will never happen because it was made on the wrong nameserver.

Step 1: Whois the Domain to Verify the Nameserver

The first, and most important, step to avoiding DNS pitfalls is to run a quick Whois check on the domain name whose DNS you wish to update.

If you need assistance running a whois check please see our Knowledge Base article New User Tutorial: Whois.

The whois results tell you what nameservers are responsible for that domain’s DNS zone file.

In the results, find the section labeled Name Servers or something similar (whois results vary depending on the registrar that controls the domain). In the following example we will look up the nameservers for buy.com and then find out what the IP address of the primary nameserver is and also who owns the IP:

We start by running a whois on buy.com (note: The whois results in this example have been simplified for instructional purposes):

$ whois buy.com
===
Domain Name: BUY.COM
Registrar: NETWORK SOLUTIONS, LLC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: DNS03.SAVVIS.NET
Name Server: NS1.BUY.COM
Status: clientTransferProhibited
Updated Date: 28-jul-2011
Creation Date: 12-nov-1998
Expiration Date: 11-nov-2013
Domain servers in listed order:
NS1.BUY.COM 209.67.181.9
DNS03.SAVVIS.NET 209.1.222.246
===

Note that the nameserver information is listed twice, once near the top as “Name Server” and a second time near the bottom of the results as “Domain servers in listed order.” The “in listed order” section is important because it indicates priority, which for this example means that NS1.BUY.COM is the primary nameserver for buy.com.

Step 2: Ping the Nameserver to Obtain Its IP Address

Now that we have the primary nameserver we want to check the IP address that the nameserver is using.

$ ping NS1.BUY.COM
PING ns1.buy.com (209.67.181.9): 56 data bytes
64 bytes from 209.67.181.9: icmp_seq=0 ttl=118 time=68.968 ms
64 bytes from 209.67.181.9: icmp_seq=1 ttl=118 time=65.800 ms
64 bytes from 209.67.181.9: icmp_seq=2 ttl=118 time=65.799 ms

As you can see in the ping results above the IP address that NS1.BUY.COM is responding from is 209.67.181.9.

At this point, if you were an admin for buy.com, you could verify that the server you were working on also had that IP assignment and be 100% sure that you were working on the correct DNS zone file.

But, what if you discover the IP address for the nameserver is not where you expected it to be, and it is responding from a different or unexpected server? Liquid Web technicians find themselves in this situation when a customer contacts us to ask for a DNS update and we discover that we do not control that domain’s DNS. Quite often this is the case when customers utilize their registrar (such as GoDaddy, Network Solutions, etc.) as DNS providers.

If the DNS is controlled by a server that you can’t update you still want to be able to figure out where to go next (or who to contact for the update), and that is where whois comes back into play!

(Optional) Step 3: Whois the IP Address to Verify Allocation

The Whois command can also be used to find out which hosting provider or ISP “owns” a particular IP address. Simply run the command with an IP instead of a domain name (note: The whois results in this example have been simplified for instructional purposes):

$ whois 209.67.181.9
===
#
Savvis SAVVIS (NET-209-67-0-0-1) 209.67.0.0 - 209.67.255.255
Buy.Com SAVV-S230387-2 (NET-209-67-181-0-1) 209.67.181.0 - 209.67.181.255
American Registry for Internet Numbers NET209 (NET-209-0-0-0-0) 209.0.0.0 - 209.255.255.255
#
===

The output from whois tells us that the IP is part of a block (209.67.0.0 – 209.67.255.255) that belongs to Savvis, which has allocated a portion of that block (209.67.181.0 – 209.67.181.255) to buy.com. In short, the output is confirming that the IP address being used for ns1.buy.com is also owned by buy.com.
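
The check described in the steps above can be automated: read the listed nameservers from the whois output and compare their IP addresses with the addresses of the server you are about to edit. This is an added example, not Liquid Web's tooling; the function names are hypothetical, the local IP addresses are passed in by the caller, and the parser only handles the simplified whois layout shown in this article.

```shell
#!/bin/sh
# Added example: decide whether this server is a listed nameserver for a domain.
# Handles only the simplified whois layout shown above; real whois output
# differs per registrar. Function names are hypothetical.

# listed_nameservers: whois text on stdin -> "hostname ip" lines (hostname
# lowercased), taken from the "Domain servers in listed order:" section and
# kept in the listed order, so the first line is the primary nameserver.
listed_nameservers() {
    awk '
        /^[ \t]*Domain servers in listed order:/ { in_list = 1; next }
        in_list && NF == 2 && $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
            print tolower($1), $2; next
        }
        in_list && NF > 0 { in_list = 0 }   # any other text ends the section
    '
}

# zone_hosted_here WHOIS_FILE LOCAL_IP...
# Prints every listed nameserver tagged "local" or "remote". Succeeds only if
# at least one listed nameserver IP is among the LOCAL_IP arguments, i.e. the
# zone file on this server is one that resolvers will actually be sent to.
zone_hosted_here() (
    file=$1; shift
    listed_nameservers < "$file" | awk -v locals="$*" '
        BEGIN { n = split(locals, l, " "); for (i = 1; i <= n; i++) mine[l[i]] = 1 }
        $2 in mine { print "local:  " $1 " (" $2 ")"; found = 1; next }
        { print "remote: " $1 " (" $2 ")" }
        END { exit !found }
    '
)

# The simplified whois output from this article, embedded so the demo runs offline.
sample_whois() {
    cat <<'EOF'
Domain Name: BUY.COM
Registrar: NETWORK SOLUTIONS, LLC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: DNS03.SAVVIS.NET
Name Server: NS1.BUY.COM
Status: clientTransferProhibited
Updated Date: 28-jul-2011
Creation Date: 12-nov-1998
Expiration Date: 11-nov-2013
Domain servers in listed order:
NS1.BUY.COM 209.67.181.9
DNS03.SAVVIS.NET 209.1.222.246
EOF
}

# Demo: 192.0.2.10 is a constructed documentation address standing in for
# "this server", so the check reports that the zone is hosted elsewhere.
demo_file=$(mktemp)
sample_whois > "$demo_file"
zone_hosted_here "$demo_file" 192.0.2.10 ||
    echo "zone is not hosted here: whois the remote IPs to find the provider"
```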

An Example from Liquid Web Support

If one of our customers registers a domain name at GoDaddy and signs up for an account with Liquid Web, they have the option of utilizing Liquid Web’s nameservers to handle their DNS. But this customer could have GoDaddy handle their DNS while Liquid Web provides the hosting services only.

If the customer contacts our support team for a DNS change, forgetting that their DNS is at GoDaddy, our technician will run a whois request on the domain name, see that the nameservers are not Liquid Web’s, and inform the customer that they need to contact someone else for the change. If the nameservers do not make it apparent who the customer needs to contact, the technician will ping the nameserver, obtain its IP address, and run a whois on the IP to find out what hosting provider owns it. The technician can then direct the customer to contact the correct provider who will then complete the DNS change.

Remember, no matter how basic this check might seem it will help you avoid hours of lost time waiting for your update to take effect!


The post How To: Update the Right DNS Zone File appeared first on Liquid Web Knowledge Base.

Change a Domain Name in cPanel/WHM

Changing an existing domain name and the associated account on your server is a task that most users don’t think about until it becomes necessary. Thankfully the tools provided by cPanel make this relatively easy.

There are several approaches you can take to updating a domain name. This article describes the two methods that are most frequently used by our support team. If you suspect that these choices are not the best option for your domain, please open a ticket with our support team and we will be happy to help.

Here are two suggested paths you can take to update an existing domain name:

Backup the Existing Account

Log in to the domain’s cPanel interface and click on the Backups icon. On the Backups screen, click the button marked Download or Generate a Full Web Site Backup.

Domain Name Backup 1

On the following screen you will be asked where you want the backup file to be created (normally the Home directory is fine) and what e-mail address should be notified when the backup is complete. Click the Generate Backup button when you are ready.

Domain Name Backup 2

Once the backup is complete you can log in to the domain’s cPanel and download the backup file to your local computer, as pictured below:

Domain Name Backup 3

Now that you have a full backup of your domain, it’s time to choose which one of two different options you will use to update or change the domain name.

Option 1 – Update Existing Account and Park Old Domain Name

Log in to your server’s WHM as root and find the navigation link called Modify an Account, pictured below:

Domain Name Change 1

Locate the account in the list (1) and click the Modify button (2), pictured below:

Domain Name Change 2

On the following screen locate the text field that contains the current domain name. Change the text in the box so that it displays the new domain name you wish to use (1). The domain’s username can be changed if you wish (2). When you are finished making your changes click on the Save button (3).

Domain Name Change 3

Back in the WHM’s navigation bar, find the DNS Functions area and click the link marked Park a Domain, pictured below:

Domain Name Change 4

On the Park page, select the new domain name from the list on the left (1), type the old domain name in the text field on the right (2), then click the Submit button (3).

Domain Name Change 5

Option 2 – Create a New Domain Account and Redirect the Old Domain Name

Log in to your server’s WHM and create a new domain account with the new domain name.

Log in to the domain-level cPanel interface for the old domain name (in this example we would get to it by going to newtest.com/cpanel).

Once you are logged in to the domain’s cPanel interface, find the section labeled Domains and click on the Redirects icon, pictured below:

Domain Name Change 6

On the Redirect page make sure the Type field is set to Permanent (301) (1), make sure you have the old domain name in the second line (2), enter the new domain name in the “redirects to” field (3), and optionally check the box for Wild Card Redirect (4). Knowing whether or not you need a Wild Card Redirect is outside the scope of this tutorial. If it causes any problems you can always go back and change the redirect to not use a Wild Card.

When you have finished filling out the form click the Add button (5).

Domain Name Change 7


The post Change a Domain Name in cPanel/WHM appeared first on Liquid Web Knowledge Base.

WHM Tutorial: DNS Functions and Tools

If you have a VPS or Dedicated server running cPanel, and your server is also running private nameservers, you will find the Web Host Manager’s (WHM’s) interface very useful when it comes to updating, creating, or removing DNS zone files for your domains.

Log in to your server’s WHM and find the navigation section on the left labeled DNS Functions.

WHM DNS Functions Described

Add a DNS Zone

Allows you to manually create entirely new DNS zone files. You do not need to create a DNS zone for a new domain account when creating a new account via WHM. The server software will automatically create a new zone file for the domain when you create an account.

Add an A Entry for your Hostname

Creates an A record in the relevant DNS zone file so the hostname of the server can be resolved. Example: If the server’s hostname is host.domain.com, WHM will look for a DNS zone file for domain.com and add a new A record to it pointing at the server’s primary IP address. If there is no domain.com record then the WHM will create an entirely new zone file called host.domain.com.

Delete a DNS Zone

This tool allows you to manually remove DNS zone files stored on the server. Note that it is very important that you are careful when using this tool. In most cases DNS zone files do not need to be deleted manually when you are terminating a domain account because the WHM will delete it automatically.

Edit DNS Zone

An easy to use graphical user interface for making manual edits to DNS zone files on the server. For more information please see our guide on Updating an A record in cPanel.

Edit MX Entry

Another graphical interface for modifying a domain’s Mail Exchange record (MX record). For more information please see our guide on Changing a Domain’s MX Record.

Edit Zone Templates

Allows editing of the server’s templates that are used when creating a new domain account or creating a new DNS zone file manually. Very rarely do these templates need to be modified.

Nameserver IPs

This tool gives you access to the IP configuration your server is using for its internal private nameservers. For more information please see our guide on Setting Up Private Nameservers in WHM/cPanel.

Park a Domain

“Parks” one domain on top of a different domain. In DNS terminology a simple park means one domain shows another domain’s content. For example, if you owned mydomain.com and mydomain.net you could create a domain account for mydomain.com and then use this tool to park mydomain.net on top of it.

Please note this is not the same as a “Virtual Park”, which is the cPanel equivalent of Add-on Domains (two or more domains sharing a single domain’s web space on the server as opposed to having their own unique accounts).

Perform a DNS Cleanup

Checks the server’s primary DNS configuration for duplicate DNS zone file entries and attempts to clean them up by removing all but one.

Reset a DNS Zone

Resets an existing DNS zone file to server defaults using the template system. It is HIGHLY recommended that you use this tool with caution as all modifications made to the domain’s DNS since it was created will be removed.

Setup/Edit Domain Forwarding

Redirects one domain to another domain. Note that the forwarding domain does not need to be on the local server, but you would still use this tool to set up the incoming redirection.

Synchronize DNS Records

This tool is only used when your server is part of a DNS cluster. DNS clustering is outside the scope of this guide but we will cover it in a future guide post.

Remember, if you have any questions regarding the use of your WHM’s DNS tools please do not hesitate to contact us using the resources below!


The post WHM Tutorial: DNS Functions and Tools appeared first on Liquid Web Knowledge Base.

DNS Propagation and Caching

Any time you move a domain to a different IP address, you will run into at least some DNS propagation. While it cannot be avoided entirely, its effects can be minimized.

DNS propagation is simply the amount of time it takes for updates to a DNS record to propagate, or spread, throughout the world’s entire DNS infrastructure. If there was no DNS caching involved, there would be no such thing as DNS propagation; the entire internet would query your nameserver for every DNS lookup, and would get the changed information instantly. That would come at the cost of greatly increasing the traffic to your nameservers. To keep the strain on nameservers down, the designers of DNS implemented DNS caching.

In DNS caching, the servers that run DNS queries for internet users (known as ‘resolvers’) cache a copy of the domain’s zonefile the first time the user asks for that domain’s information. For a set period of time after that, that server never asks the nameserver for the domain’s zonefile. Instead, it answers all DNS questions using the zonefile that it has cached. This dramatically cuts down on the load and bandwidth of DNS nameservers the world over.

It is this caching that causes propagation. For example, if a resolver caches a zonefile for four hours, and an IP address is changed on the nameserver one hour into that period, the resolver will continue to hand out wrong DNS information for the next three hours, until the cache period is up. Once all the resolvers around the globe have started caching the latest zonefile, then propagation has ended.

A smart feature of this system is that you, the domain owner, can control that set period of time right in the zonefile. The TTL (Time To Live) value is the number of seconds that a DNS resolver is allowed to cache a zonefile before asking for a new copy of that zonefile. Normally, this value is set at 14400 seconds, or 4 hours. If you are going to make a DNS change, Liquid Web recommends that the TTL be set at 300 seconds, or 5 minutes, a full 24 hours before the DNS change is actually made. Full instructions on how to lower TTLs can be found here: How To: Lowering Your DNS TTLs.

One final point: some ISPs (Internet Service Providers) do not honor TTLs, and instead refresh their resolvers’ DNS cache once per day. Unfortunately, lowering TTLs does not lower the propagation time for these resolvers.


The post DNS Propagation and Caching appeared first on Liquid Web Knowledge Base.

On CNAMEs and CDNs

Liquid Web’s Content Delivery Network is a fantastic way to get elements of your site to your global customers in a timely manner. As part of the set up process, you may need to add a Canonical Name (CNAME) record to your domain’s DNS.

If we manage your nameservers, or if your DNS is hosted on our nameservers, our Heroic Support technicians will take care of this step. If not, as part of the CDN set up process you will need to add the following line to your domain’s zone file:

cdn.domain.com. 300 IN CNAME sourcecdn.edgesuite.net.

Substitute your domain for “domain.com” in the above example. Also make sure you follow any other necessary steps your DNS provider might require for updates to your zone file.

Why Do I Need a CNAME For My CDN?

The CNAME entry points any references to cdn.domain.com in your site code to the Content Delivery Network. For most content management system CDN plugins, simply putting the cdn.domain.com in the plugin configuration will allow site assets to be downloaded from locations across the globe.


The post On CNAMEs and CDNs appeared first on Liquid Web Knowledge Base.


How To: Set Up Nameservers in cPanel

So you have decided to host your own DNS. What is the best way to go about setting this up?

First you will want to set your nameservers as the default nameservers for new cPanel accounts. Log into WHM and click Server Configuration —> Basic cPanel & WHM Setup. The very bottom of the page lets you set up four nameservers. You will need to set up two at a minimum.

When you click on Assign IP address, it will automatically grab the next available IP address on your server. If the nameserver already has an IP address, it will let you know. Note that using your IP addresses here does not prevent you from hosting one or more sites on those same IP addresses. It is a good idea here to write down the IP address for your nameserver, as you will need it later.

After you have assigned an IP address, make sure to click Add an A entry for this nameserver. A dialog box will pop up asking you to confirm the nameserver’s IP before adding the A entry. Click the Add Entry button, then Close to remove the dialog box.

After you have added at least two nameservers, click the Save Changes button at the bottom of the page in order to keep these changes.

Register Your Nameservers

The next step is to make sure that your nameservers are registered with your domain’s registrar. If you registered your domain through Liquid Web, our Heroic Support team can easily set this up for you. If not, you will have to address this with the domain’s registrar. Some registrars provide you with an interface to set this up, while others will have to do it themselves. In either case, you will need the names of your nameservers and their IP addresses. For example:
ns1.example.com 192.168.123.45
ns2.example.com 192.168.123.46

Make sure the IP addresses match the information in your WHM that you wrote down earlier.

If this step is not done, you will not be able to change any domains over to these nameservers down the road.

At this point, you should be able to start hosting DNS for your domains on your server’s nameservers. If you run into any obstacles, do not hesitate to contact Liquid Web support at one of the methods of contact below.

The post How To: Set Up Nameservers in cPanel appeared first on Liquid Web Knowledge Base.

How To: Set Up Clustered Nameservers With cPanel

As important as DNS is to web hosting, it is a good idea to make it redundant when possible. If you have two or more cPanel servers, you can use cPanel’s DNS clustering to lower the risk of a DNS failure on a nameserver taking down all of your sites. Here’s how to set that up:

Step One: Enable Clustering For Each Server

First, click over to Configure Cluster in WHM on each server. In the Modify Cluster Status box, select Enable DNS clustering. Click the Change button.

Step Two: Configure The Primary Nameserver

On the first server, scroll down to Add a new server to the cluster. The type will be cpanel. Click Configure. This will take you to the cPanel DNS Remote Configuration page.
In Remote cPanel & WHM DNS service, put the hostname or IP address of the second nameserver. Next, in Remote server username, put the username of the nameserver. While this can sometimes be reseller, in most cases it will be root.

In the next area, Remote server access hash, you will need to put the ssh public key of the other server. To find that key, go to the Manage root’s SSH Keys page in the second server’s WHM. Click Generate a New Key. On the next page, leave the password blank and click the Generate Key button. cPanel will issue a warning about the security of an SSH key without a password, but unfortunately it is needed for this sort of automation. (It is only a security risk if someone gains root access to your server, by which point your server’s security will already have been compromised.)

Still on the second server, click back to Manage root’s SSH Keys. Then click View/Download Key under the Public Keys: heading. This will take you to the key which you will then copy back to the first server, in the Remote server access hash field.

Uncheck the Setup Reverse Trust Relationship checkbox.

Set the DNS role of the server to Write-only. Click Submit.

Step Three: Repeat Step Two, Only Backwards

Step Three is going through the same process as Step Two, only reversing the servers. Also, the role of the server should be set to Standalone instead of Write-Only.

Adding DNS Zones

There is one quirk of this system: DNS zones for domains will have to be added on the Write-Only server. So when creating cPanel accounts on the Standalone server, make sure to add the DNS for the domain to the Write-Only server.


The post How To: Set Up Clustered Nameservers With cPanel appeared first on Liquid Web Knowledge Base.

Automating DNS With Zone Delegation and the Storm API

Although the term DNS zone delegation may seem new to you, you have been using zone delegation without even realizing it. When you tell your domain’s registrar what nameservers you are using for a particular domain, you are delegating the zone for that domain.

Single zone delegation will work for most people. In fact, most use a single zone file to reference multiple hosts, or multiple subdomains residing on a single host. However, there are cases where it may be beneficial to perform additional delegation.

For example, say that you run your own nameservers via cPanel for the exampleco.com domain. However, you are planning on spinning up a significant number of Storm Servers, and you want these servers to utilize test.exampleco.com as the domain portion of the Fully Qualified Domain Name (FQDN). You may not want to clutter up the exampleco.com zone file with all the entries for the test.exampleco.com hosts. You also may want to utilize Storm API calls to create the records.

As such, you will need to delegate the test.exampleco.com zone to Liquid Web’s nameservers.

How To Delegate Zones

The first thing we will need to do is create a test.exampleco.com zone on Liquid Web’s nameservers.

To do this, log into your management interface, click networking, and click the DNS tab. Once there, enter test.exampleco.com into the create field and click create (you will not enter an IP address):

Create a Zone in the Manage Interface

Once that is done, you will need to go to cPanel and edit the exampleco.com zone to let it know that Liquid Web is handling the resolution requests for the test.exampleco.com zone. Remember that NS record type that I mentioned earlier? This is where you will use it:

Edit cPanel Zone

Once that is done, to verify things are working properly, run the following in a console:

dig NS test.exampleco.com

Under the answer section, it should show ns.sourcedns.com and ns1.sourcedns.com.

Once this happens, Liquid Web’s nameservers will be resolving A records for hosts utilizing the test.exampleco.com domain. Now you could write a script to make the appropriate API calls to not only create servers en masse, but add the appropriate zone records as well.

The post Automating DNS With Zone Delegation and the Storm API appeared first on Liquid Web Knowledge Base.

How To: Register a Domain through Manage

Before you can host a website on a domain, that domain has to be registered with the proper authorities. Domain registration through Liquid Web is a one-click process in our manage interface, but it may not be immediately obvious just where to do so. Here’s how:

Step 1: Add The Domain to Our Nameservers

In manage, click Networking on the left-hand sidebar. Right in the center of the resulting page you will find Create a DNS Zone.

While this page is primarily for adding and editing DNS zone files, it is also where we register domains. Enter the domain you wish to register. If you know which IP address you plan on hosting the site from, select that IP address from the drop-down menu.

Step 1.5: Check the Domain Registration Box

This is the crucial step: make sure that the box marked Add Domain Name Registration for $15/year is checked before you click Create DNS Zone. Checking this little box will register the domain through Liquid Web, using the contact information from your billing account.

Step 2

Just kidding: there is no step 2. It really is that simple.

The post How To: Register a Domain through Manage appeared first on Liquid Web Knowledge Base.

How to Create and Add a New Domain in Plesk

Step #1: Add New Domain

To create a new domain in Plesk 11+ you will click on the Add New Domain button on the Websites & Domains tab (if you use Service Provider view you will need to choose “Manage Hosting” next to the subscription or domain). This will bring you to the Adding New Domain Name page. Here you will be required to determine three things which will be covered in detail below: DNS Settings, Hosting Type, and Hosting Settings.

Step #2: DNS Settings

DNS requirements vary from domain to domain, so Plesk has multiple options for setting up DNS.

The first and most common option is Use our DNS settings and is the recommended setting. To use this option you must specify the name server(s) at the domain registrar.

The second and most advanced option is Use DNS settings of a remote name server but keep them in Panel as well. This option is best suited for those who wish to have Plesk host their DNS as a secondary name server, and it requires that both DNS zones are kept in sync manually.

The final option for DNS server configuration is Use DNS settings of a remote name server. This option is for advanced users and is best if the zone is already served by third-party name servers. In this case, Plesk will not host/manage your DNS zone as the remote name server(s) will be handling this. If your DNS is hosted with Liquid Web, then you can find Liquid Web’s Name Servers in this KB.

Visit this KB for more information on setting up DNS zones with Liquid Web.

Step #3: Set Hosting Type

Hosting Types are used by Plesk to configure particular sets of options. The first and most commonly used hosting type is Website hosting; this option will allow you to host a website and email.

The next option, Forwarding, will allow you to redirect traffic from one site to another. This option is useful if you would like to send traffic to another site that is served by a different server.

The last option is No hosting which allows you to host DNS and email, but not a website.

Step #4: Set Hosting Settings

Depending on the Hosting type chosen you may have these additional settings:

If Website hosting was chosen, you will need to set the site’s Document root and Preferred domain. The document root is the location in which the website files exist (typically left blank by default). The Preferred domain option allows you to force the website to be redirected. This is used for SEO (Search Engine Optimization) purposes and can automatically perform a 301 redirect to the chosen domain.

If Forwarding was chosen, you will need to set the destination address and the forwarding type. The destination address is the URL to which traffic will be sent. The forwarding type determines how the forward is done. Typically standard forwarding with a 301 redirect is the default option, although frame forwarding can be used to mask the destination URL.

The post How to Create and Add a New Domain in Plesk appeared first on Liquid Web Knowledge Base.

Most Common Support Requests

As you might expect, most support requests on managed cPanel servers fall into a few basic categories. What you might be surprised to discover is that many common problems can be resolved by following a few simple steps.

None of the common cPanel support requests listed here are server-critical issues that require an experienced system administrator to troubleshoot and resolve, and we recognize that many of our customers are curious about their servers and actively engaged in learning more about cPanel server administration.

To that end, we’ve gathered together some of our Most Common Support Requests, and we’re sharing them with you here — along with their solutions.

Should you find yourself experiencing one of these common issues, you’ll know exactly what to expect when contacting our Heroic Support® team. And while you certainly are welcome to try to resolve the issue yourself, remember that we are here to assist you 24 hours a day, seven days a week, 365 days a year.

These articles should hold the answers to a number of common questions and, if you are so inclined, provide you with the tools and resources to resolve some non-critical issues on your own. And should you ever find yourself in need of assistance with any issue, please do not hesitate to contact Heroic Support®.

The post Most Common Support Requests appeared first on Liquid Web Knowledge Base.

How To Add a DNS Record For Your Hostname in Manage

Pre-Flight Check

  • These instructions are intended for domain names using Liquid Web’s nameservers.
  • If the main domain uses other nameservers, such as at a registrar, you will need to log in there and add an “A” record for the hostname in the main domain’s DNS zone file. The record should point to the server’s primary IP address.

Whenever you create a new server (or change the name of an existing one) you will need to add (or update) the DNS record for its parent domain.

If the hostname does not resolve, you will not be able to:

  • access WHM, cPanel, or Webmail via the hostname
  • send or receive email over a secure (SSL) connection using a mail client
  • verify the authenticity of email sent by the server (which could result in mail being rejected or flagged as junk by the recipient’s server)

Fortunately, adding the record is a simple process, and you can add the record in your Manage dashboard.

  1. Once logged into your Manage interface at https://manage.liquidweb.com/manage, click on Domains in the left menu and then select the DNS tab in the Domains Dashboard.

    DNS zones

  2. Now, click the [+] next to the main domain name to expand the domain’s DNS record and click the Add New Record button at the bottom. For the host.examplesite.com server, we’ll be editing the DNS record for the main domain, examplesite.com.

    Add a DNS record in Manage

  3. Your hostname will need an “A” record pointing to the IP address of the server itself. In this case, because the server has only one IP address, it is the same as the IP address of the site.

    Add new DNS record

  4. Once you click the green checkmark button, the record will be added and DNS will begin to propagate. Typically only a few hours are needed for this, but it can technically take 24 to 48 hours for a DNS change to fully propagate globally.

 

The post How To Add a DNS Record For Your Hostname in Manage appeared first on Liquid Web Knowledge Base.


How to Add or Modify DNS Records in Manage

Pre-Flight Check

To manage a domain’s DNS records in your account management interface, it must use one of our nameservers, which are:

  • ns.liquidweb.com and ns1.liquidweb.com
  • ns.sourcedns.com and ns1.sourcedns.com

If you already know that your site is using Liquid Web’s nameservers, skip ahead to Step #2: Adding or Editing a DNS Entry.

Step #1: Where is DNS hosted?

There are several methods to determine which nameservers are considered authoritative for your domain. You can either:

  • Use a web-based WHOIS lookup tool such as ICANN WHOIS and note the listings under Name Servers
  • Query WHOIS from a terminal by running the command “whois yourdomainname.com” and note the listings under Name Servers
  • Log into your Manage interface, select Domains from the left menu and click on the DNS tab. Scroll down to the CURRENT DNS ZONES section and look at the Delegation column. If you see a green button labeled “Delegated”, your domain is using our nameservers and you can click the [+] to the left of the domain name to expand its record and start managing entries immediately.

If your domain is not using our nameservers but you do want to be able to manage DNS records through your Liquid Web account interface, you will need to log into your account at the registrar and update the nameservers to one of the pairs noted at the top of this article.

Note: It is not necessary to transfer a domain name simply to specify different nameservers or move its authoritative DNS record. You can continue to use your preferred registrar for domain name renewal and management even if you update the domain to use our nameservers.

 

Step #2: Adding or Editing a DNS Entry

  1. From your Manage interface, click on Domains in the left menu and then select the DNS tab in the Domains Dashboard and click the [+] to the left of the domain name to expand its DNS record.

    Add a DNS record in Manage

  2. To add a new record, click the blue Add New Record button at the bottom. To edit an existing record, click the Edit button to the right of the entry you wish to change. Each entry has four fields:

    Add new DNS record

    • Name: This field allows you to append a prefix (or more accurately, a suffix, since domain names are resolved from right to left) to the main domain name. If you’re adding a record for a subdomain, such as shop.example.com, you would enter “shop” in this field. Note: The Name field is also called “Host” or “@” at some registrars and hosting companies.
    • TTL: This specifies, in seconds, how long the DNS entry should be cached by a resolver before it’s considered outdated and checked again. A higher setting will reduce load on the DNS server, but will extend the time it takes for the new entry or value to propagate. Generally, you will want to set a lower value prior to changing a record (300 or 3600 for 5 minutes or one hour, respectively), and then raise the TTL back after 24 to 48 hours once your change has had a chance to fully propagate.
    • Type, and Data: Manage allows you to enter and edit multiple record types. Remember that only A, AAAA, and NS records take an IP address in the Data field.
      • A and AAAA records resolve a domain to an IP address (IPv4 for A, IPv6 for AAAA). Without these records, a site will not resolve. In addition to the main domain name, you likely will want to add an A record for your hostname, as well as any subdomains which resolve to a different server.
      • CNAMEs are aliases pointing an entry back to the main domain. Once a browser requests a page from that subdomain from your web server, the server will route the request to the proper directory. If you find yourself frequently creating records for subdomains, you may wish to add a wildcard CNAME to cover any requests for subdomains without their own records. You can do so by entering an asterisk in the Name field.
      • MX records determine how mail is handled for the domain. When selecting an MX record type, Data will contain two fields: Priority and Exchange.
        • Priority always will be a number. Mail will be routed to the lowest numbered (highest priority) MX entry. Use the settings recommended by your control panel or email provider.
        • Exchange is the server to which mail will be directed.
      • NS Nameserver records specify the nameservers for the domain. Remember that the authoritative nameservers are specified at the registrar — if a WHOIS search returns different nameservers than what you’ve entered here, your entries in Manage will have no effect.
        Note: When using your own private or custom nameservers, their nameserver entries must be added at the domain’s registrar. When using custom nameservers, you will not be able to use Manage to add or edit DNS entries; that will be done via your server’s control panel.
      • SRV, or Service, records are used to configure services for your domain. When configuring an SRV record in Manage, the Name field should begin with an underscore, then the name of the service, a period, an underscore, and finally the protocol. For instance, a SRV record for Office 365’s Session Initiation Protocol over TLS would contain “_sip._tls” in the Name field. An SRV record contains four Data fields, each of which should be filled out according to the service’s instructions:
        • Priority: As with MX records, the lower the number the higher the priority.
        • Weight: Is used to distribute requests based on capacity.
        • Port: Directs requests to a specific port.
        • Target: Specifies the destination. For the example Office 365 SRV record above, the target would be “sipdir.online.lync.com”.
      • TXT records contain, as the name suggests, text. They can be used for SPF and rDNS entries, as well as domain verification information.
  3. Once you click the green checkmark button, the record will be added and DNS will begin to propagate. Typically only a few hours are needed for this, but it can technically take 24 to 48 hours for a DNS change to fully propagate globally.

 

The post How to Add or Modify DNS Records in Manage appeared first on Liquid Web Knowledge Base.

How To Add a Record With the DNS Zone Editor in cPanel

  1. This tutorial assumes you’ve already logged in to cPanel, and are starting on the home screen.

  2. Now let’s learn how to add an "A record" with the DNS Zone Editor.

  3. Click the "Simple Zone Editor" icon.

  4. Select the domain you want to edit.

  5. Then enter the "A Record", followed by the IP address you want it to point to.

  6. Click Add a Record.

  7. That’s it! We’ve successfully added an "A Record" to our domain.

  8. You can see the new record listed here at the bottom …

  9. Which is also where you can click to delete the record when it’s no longer needed.

 

The post How To Add a Record With the DNS Zone Editor in cPanel appeared first on Liquid Web Knowledge Base.

What are Glue Records?

What is it?

Glue Records, or Nameserver Glue, relate a nameserver on the internet to an IP address. This relationship is set up at the domain registrar for the main domain on which the nameservers were created.

Names into IPs? That sounds a lot like normal DNS! How is Nameserver Glue different?

Let’s take a wider look at how DNS works. Your computer normally has no idea how to find a website on the internet from a name that you type in (like liquidweb.com), just the same as if I said “Call The Getty”, you wouldn’t know how to contact them. This first has to be turned into an IP address (like 192.0.2.0), just the same as needing to know the phone number of The Getty in order to reach them.

We normally leave this translation of names to IPs to DNS nameservers, which are like the white pages of the internet. But, even though you may be able to discover the nameserver for a domain, that’s still a domain name (like ns1.liquidweb.com) which must be turned into an IP address before it can be accessed. In our Getty example, a similar conundrum might be “Oh, you don’t know the number for The Getty? Just call the LA Visitor Bureau’s Office,” without knowing their number either. In order to look up that ns1.liquidweb.com A record, you will need to already know the IP address for liquidweb.com! Catch-22, right? That’s where Nameserver Glue comes to the rescue.

The authority for a domain is the domain registrar. The registrar holds a list of the nameservers for a particular domain name, and similarly, is able to translate a nameserver name into an IP so that you can contact the nameserver to get DNS records for a domain it controls.

Can you run through an example?

Of course! Let’s use liquidweb.com again. We start out on our browser, not knowing anything about the domain’s IP, or even what nameservers it uses. Our first step is our local DNS cache and hosts file, to see if we have visited the domain before and have a cached local record. In this example, we haven’t. Next, we check the nameservers at our ISP (Internet Service Provider) or another local caching nameserver, to see if they have a cached record. Let’s say they don’t, and we have to start from the root. We use a public service to determine the registrar, and subsequently, the nameserver names. You can do the same thing by using the Linux whois command:

whois liquidweb.com

This tells us the domain registrar (Network Solutions) and the authoritative nameservers (ns.liquidweb.com and ns1.liquidweb.com).

Now we have the nameservers for liquidweb.com, and we know who to contact to get the IP address for the domain. But we still can’t contact those nameservers; we only know the name, and we can’t do another DNS lookup for them, since the records are on the nameservers themselves! So, we ask the registrar for the IP addresses of the nameservers as well. You can test this query using the whois tool as well:

whois ns.liquidweb.com

In our example, we get 69.16.222.254 and 69.16.223.254 as the nameserver IPs.

Now that we have IP addresses, we can ask ns.liquidweb.com and ns1.liquidweb.com about the IP address of liquidweb.com, and the browser can carry on with its query for the web page.

You can see that without Glue Records set up at the registrar, we would never be able to contact the nameservers, and no one would be able to go to liquidweb.com!

Do I need Glue Records?

Anyone who uses a shared set of nameservers, like ns.liquidweb.com and ns1.liquidweb.com or the CloudFlare service, will probably not need to worry about Glue Records, since these are already set up. But, if you are using custom nameservers, like ones based around your domain name, or you are setting up a new set of nameservers for your clients, or moving your nameservers from one set of IPs to another during a domain migration, you will need to make sure your Glue Records are set up properly.

How do I set up Glue Records for my nameservers?

Every domain registrar has different steps for setting up the nameserver Glue Records for a domain. But, you will need to know a few things for certain in order to be successful:

  • First, you will need your registrar login information for the domain on which you would like to set up nameservers (whomever you purchased your primary domain name from).
  • Next, you need to know the names of your nameservers (most people choose ns1 and ns2).
  • Finally, you need to have IP addresses for each of your nameservers. Some registrars are OK with using the same IP address for both nameservers, but sometimes they want different IPs.

For cPanel servers, and most other servers running the BIND nameserver software, all of the IPs on the machine are set up to listen for DNS requests, so you can use any of your IPs for any of your nameservers. But, you should also make sure that the actual A records for the nameservers also match whatever you enter in as Glue Records, just to keep everything properly aligned. Also, nameserver software (like BIND) and webserver software (like Apache or Nginx) listen on different network ports, so you can use the same IP for your nameservers as you do for serving websites without any issues.

If you don’t have access directly to the registrar, ask your domain name reseller to set up the Glue Records for you. If you purchased your domain name through Liquid Web, just open a support ticket or chat with us, and we can handle the rest.

The post What are Glue Records? appeared first on Liquid Web Knowledge Base.

Managing Your DNS

Adding a DNS Zone

Log into your Liquid Web account, select Domains from the left menu, and click on the DNS tab. Scroll down to the Create a New DNS Zone section.

Create a New DNS Zone

  1. Input the domain name of your choosing
  2. Select the ‘IP Address’ drop-down list:
    Other IP Address – User defined IP address to use for the relevant domain
    Import From a Live Domain – Based on the domain selected, our system will copy the current A record IP address
  3. Click the ‘Create New DNS Zone’ button

Uploading a Zone File

This option should be used when trying to import an existing DNS zone file from an external source or from a backup.

  1. Input the domain name of your choosing
  2. Click on the ‘Upload Zone File’ button
  3. Select the DNS zone file from your local file system
Note:
This functionality will not override an existing domain’s record in the system.

Exporting a DNS Zone

  1. Scroll to the Current DNS Zones section and click the [+] Plus Sign to the left of the domain name to expand the zone details
  2. Click on ‘Download Zone Records’ at the bottom-right corner of the section:
  3. You will be presented with a download prompt to complete the export

The generated export file will be in BIND format.

Example of Export File:

Domain: domain.com
Exported (y-m-d hh:mm:ss): 2018-04-06 12:00:00

This file is intended to be informational and for user reference only.

Before migrating or using this file on a production environment please validate record accuracy. Please ensure you update the SOA record with the correct authoritative name server, contact e-mail address information, and the correct NS records for the name servers which will be authoritative for the new Domain. 

Use of this zone data with any other third-party DNS software and services is not supported.

More information can be found in this Help Center document: https://help.liquidweb.com/s/article/Adding-and-Editing-DNS-Records

; SOA Record
domain.com.	3600	IN	SOA	ns.liquidweb.com.	liquidweb.com. (
				2018031300
				86400
				7200
				3600000
				14400
				)

; A Records
@	3600	IN	A	1.1.1.1

; CNAME Records
ftp           3600	IN	CNAME	@
mail	3600	IN	CNAME	@
www	3600	IN	CNAME	@
*	        3600	IN	CNAME	@

; MX Records
@	        3600	IN	MX	10	domain.com

; NS Records
@	       3600	IN	NS	ns1.liquidweb.com
@	       3600	IN	NS	ns.liquidweb.com
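
Part of validating record accuracy before reusing an export is checking how its hostnames will expand. This added example (not Liquid Web's code) flags CNAME, MX and NS targets from the export above that lack a trailing dot, which a standard master-file parser such as BIND's treats as relative to the zone origin; the function names are illustrative and the multi-line SOA record is left out.

```python
# Record lines copied from the export example above (SOA omitted).
# The origin is the "Domain:" value from the export header.
EXPORT_ORIGIN = "domain.com"
EXPORT_RECORDS = """\
@     3600 IN A     1.1.1.1
ftp   3600 IN CNAME @
mail  3600 IN CNAME @
www   3600 IN CNAME @
*     3600 IN CNAME @
@     3600 IN MX    10 domain.com
@     3600 IN NS    ns1.liquidweb.com
@     3600 IN NS    ns.liquidweb.com
"""

# Record types whose last RDATA field is a hostname.
TARGET_TYPES = {"CNAME", "MX", "NS"}


def absolute(name, origin):
    """Expand a name the way a master-file parser does (RFC 1035, section 5.1)."""
    origin = origin.rstrip(".") + "."
    if name == "@":
        return origin              # "@" stands for the origin itself
    if name.endswith("."):
        return name                # already fully qualified
    return f"{name}.{origin}"      # relative: the origin is appended


def lint_zone(text, origin):
    """Return (line, type, target, expanded) for targets that look like
    FQDNs but would be loaded as names relative to the origin."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split(";", 1)[0].split()   # drop comments, split columns
        if len(fields) < 5 or fields[2] != "IN":
            continue
        rtype, target = fields[3], fields[-1]
        if rtype not in TARGET_TYPES:
            continue
        if target == "@" or target.endswith("."):
            continue
        if "." in target:          # dotted name without a trailing dot
            findings.append((lineno, rtype, target, absolute(target, origin)))
    return findings


if __name__ == "__main__":
    for lineno, rtype, target, expanded in lint_zone(EXPORT_RECORDS, EXPORT_ORIGIN):
        print(f"line {lineno}: {rtype} target {target!r} would load as {expanded}")
```

Appending a trailing dot to each flagged target (for example `ns1.liquidweb.com.`) makes it absolute, and the lint then returns nothing for that record.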

Modifying Your DNS

The most common reason to change DNS Records for a domain is to make sure the domain points to the right IP address so the website resolves correctly. As long as the domain is using a Liquid Web nameserver, it’s simple to change DNS records by logging into your Liquid Web account.

Is the Domain Using Liquid Web’s Nameservers?

Liquid Web uses four nameservers:

  • ns.liquidweb.com
  • ns1.liquidweb.com
  • ns.sourcedns.com
  • ns1.sourcedns.com

As long as a domain is using one of these nameservers, DNS records can be easily edited in your Liquid Web account. If you use private nameservers, your DNS records can be changed in WHM or Plesk. You will need to change your DNS records wherever your DNS is hosted.

There are a few different ways to find out if a domain is using Liquid Web’s nameservers.

  • Use a web-based WHOIS lookup tool such as ICANN WHOIS and look at the Name Server listing.
  • Query WHOIS from a terminal by running the command whois yourdomainname.com and look at the Name Servers listing.
  • Log into your Liquid Web account, select Domains from the left menu, and click on the DNS tab. Scroll down to the Current DNS Zones section and look at the Delegation column. If you see a green dot labeled “Delegated”, your domain is using Liquid Web nameservers and you can click the [+] Plus Sign to the left of the domain name to start managing your DNS records immediately.

Add or Edit a DNS Record Using Manage

  1. From your Liquid Web account, click on Domains in the left menu and then select the DNS tab in the Domains Dashboard.
  2. Click the [+] Plus Sign to the left of the domain name to expand its DNS record.
  3. To add a new record, click the blue Add New Record button at the bottom. To edit an existing record, click the Edit button to the right of the entry you wish to change. Make sure to fill out all four fields in the record you are adding or editing. Make sure to use an IP address assigned to your server so your domain doesn’t point to someone else’s website.
  4. Click the green checkmark to accept the DNS record. Once the record is added, DNS will begin to propagate. DNS propagation is when the old DNS records are replaced with the new records on local DNS servers and nameservers. This usually only takes a few hours, but could take up to 48 hours. You can check whether DNS changes are fully propagated using an external tool called WhatsMyDNS.

Restoring DNS Records

  1. Click the [+] Plus Sign to the left of the domain name to expand its DNS record.
  2. Under the ‘View Change History’ section, select the date/time for the DNS zone snapshot.
  3. Click the ‘Compare Records’ button.
  4. Based on the time selection a window will load with the records and their values:

History Types

Add

The highlighted record will be added to the zone.

Change

The record will be updated to the highlighted value.

Delete  

The highlighted record will be removed from the zone.

5. When you are comfortable with the changes, click the ‘Restore Records’ button.

Note:
A snapshot of the current DNS zone being restored will be saved on update.

The post Managing Your DNS appeared first on Liquid Web Knowledge Base.

What is DNSSEC?

Domain Name System Security Extensions, or DNSSEC, signs DNS Record Sets (RRsets) at each DNS zone level. This allows one to verify that the DNS record they are receiving has not been altered.

For example, manage.liquidweb.com has these zone levels:

  • Root (.)
  • com, org, net
  • liquidweb
  • manage

A DNS Record Set (RRset) is a group of records with the same record type; for example, all DNS A records are one RRset.

To sign each zone level, a few additional record types are introduced:

  1. Resource Record Signature (RRSig) – Signature of RRsets
  2. DNSKey – Contains public key used to verify RRSig
  3. Delegation Signer (DS) – References DNSKey in the child-zone and added to domain registrar

We can then use Zone-Signing and Key-Signing Keys to begin the DNS validation.

  • Zone-Signing Keys (ZSK) sign each RRSet with a private key. The public key is then stored in the DNSKey record.
  • Key-Signing Keys (KSK) sign the public ZSK. The public key is then stored in another DNSKey record.

DNS Validation continues with the steps below:

  1. Request DNS Record Set (RRSet), returns the RRSet and RRSig
  2. Request DNSKey for the public ZSK and KSK
  3. Verify RRset’s RRSig with the public ZSK
  4. Verify RRSig’s DNSKey (public ZSK) with the public KSK

We then need to find a way to trust the KSK. This is where the Delegation Signer (DS) record is used. This is created by hashing the DNSKey of the child-zone’s public KSK. This means when the DNSKey of the child-zone matches the DS of the parent-zone, the DNS record has not been tampered with.

Now that we have created the DS, we also need to create a trust for this! The process continues the same way as before, until we reach the root-zone since there is no parent-zone to validate against. Cloudflare outlines this process well, “In the Root Signing Ceremony, several selected individuals from around the world come together and sign the root DNSKEY RRset in a very public and highly audited way. The ceremony produces an RRSIG record that can be used to verify the root name server’s public KSK and ZSK. Instead of trusting the public KSK because of the parent’s DS record, we assume that it’s valid because we trust the security procedures around accessing the private KSK.”

By using DNSSEC in your DNS environment, you can ensure your DNS Records have not been tampered with.

The post What is DNSSEC? appeared first on Liquid Web Knowledge Base.
