I have several domain alisases for my site.
For example: domain1.com, domain2.com, domain3.com.
All domains has NS servers provided by Cloudflare.
How I can identify domains in the aliases list which ddosing?
Your server logs should be able to tell you which site you're having an issue with.
Related
GH-pages tells me the domain is not eligible for HTTPS at this time. I am wondering how do I enable this with a Godaddy purchased domain? My site is connected and running properly, but I cannot get HTTPS to work. I have also checked that there are no mixed-asset types in my index.html
I figured out that in the DNS records that are automatically configured with the GoDaddy domain, you must remove that A Record that has the value of park.
I'm trying to get my naked domain work. Currently, it's showing this
NET::ERR_CERT_COMMON_NAME_INVALID
I read this answer, and the ones in it. The answers are leading me to believe that if I am using GoDaddy and Heroku, I simply cannot use my naked domain. Forwarding from naked domain to full domain only work on HTTP websites. I mean, who still uses HTTP?
What's the easiest way to solve this? Port my domain from GoDaddy to another host that supports ANAME? Is there an option that does not require a large amount of work?
I am developing a SaaS web application (https://mywebsite.example) which will be hosted in AWS and will have subdomains for individual customers like https://customer1.mywebsite.example , https://customer2.mywebsite.example.
As a second step I would like to introduce custom domain names and map it with the subdomains of mywebsite.com through cname records
https://customer1.example --> https://customer1.mywebsite.example
Here is what I have analysed till now.
Using Certificates in AWS loadbalancer for the custom domains as a SAN in the certificate. However the AWS Loadbalancer certificate limits are lesser than the number of customers I am expecting to add.
CloudFlare DNS setup for mywebsite.example and its subdomains, with ssl certificates configured in cloudflare. However Cloudflare allows thirdparty (custom domain) cname redirections only in the Enterprise Plan.
Are there any other alternative service or are there is an alternate way of achieving this use case?
it seems that this solution available in AWS EC2 marketplace should solve your problem
You can try, there is some trial available, called Kilo SSL
https://aws.amazon.com/marketplace/pp/prodview-nedlvgpke4hdk?sr=0-1&ref_=beagle&applicationId=AWSMPContessa
Also it is possible to map your customer's domains to your saas. Algorithm is:
you create EC2 instance. Allocate and associate public IP to it
create domain name which points to this instance. You will use this domain name as CNAME when pointing your own subdomains in your DNS provider (but there is limit of 50 certificates per week per one domain, so you can create only 50 domains like customer1.yourdomain.com ... customer50.yourdomain.com per week)
For customers who want to use their own domains (like app.customer1.com), you also provide them your CNAME and ask customer to set DNS record. After they will do it, you will be able to create certificate for their domain using this service.
Also this service allows to point different domains to different URLs. We started to use this in our SAAS application for URL shortening (we have several hundreds of customers who use their own domains. So we automatically able to create certificate for them, and everything is automated via API). Also we use the same machine to support SSL for all our company's domains.
available API methods: https://docs.kilossl.com/
Here is my situation:
I own and control coolwebsite.com
Many websites have a CNAME entry pointing to coolwebsite.com
For example, lamewebsite.com CNAME's a.lamewebsite.com to coolwebsite.com
There are about 50 of these other websites that point to mine, none of which I can control easily
How can I get an SSL certificate that will work with these CNAME's?
There are about 50 of these other websites that point to mine, none of which I can control easily
If you have no control over these web sites or their DNS settings than you should not be able to get a certificate for these. If this would be possible than it would be a serious security issue.
This appears to be a shared hosting kind of setup where you host the websites for clients and allow them to point their own domains to your server and use SNI or host header to serve a correct website based on domain used in the request.
More information like is above correct, where you're getting your TLS certs from, do you want to use single cert to cover everything or a cert per domain would be useful, but in general you can get a certificate with multiple Subject Alternative Names for different domain names/sites.
E.g. if you're using Let's Encrypt, with Domain Validation, you don't need control over domain's DNS, only over content served from that domain. And if people point their aliases (CNAMEs) to your web server then you already have it.
Recently I have installed ssl certificate on my website. After the ssl certificates have been installed ,I found that my subdomain is not working properly. I will address my subdomain as 'xxxx'and main domain as 'primary'. The main domain works well with http as well as https. Now the subdomain works well with http, but with https://xxxx.primary.com delivers me the main site content and not the content of subdomain. I'm using apache server, linux operating system.
Can anyone please help to solve this issue?
Thanks in advance.
This is how SSL protocol works with the browsers. Whenever browsers receive HTTPS request for domain name, it first checks with the server then delivers the site's content. If a website on server has enabled SSL accessed with HTTPS, browser will try to make secure connection and send request to the server.
In your case, your main website is working properly with HTTP as well as HTTPS and delivers proper content, but your sub-domain is not showing proper content for HTTPS. In order to deliver proper content you should consult with your development team. You can better host your sub-domain on another server or you can protect your sub-domain with valid separate SSL certificate.
Suggestion: If you own multiple sub-domains then it is advisable to use Wildcard SSL, that can protect unlimited number of sub-domains with single certificates. Please note, this unlimited does secure first level (blog.domain.com), doesn't second-third-fourth-etc. level (news.blog.domain.com, 1.news.blog.domain.com or abc.1.news.blog.domain.com).