Mailgun: Failed to create domain. Domain quota exceeded for the account - mailgun

I am getting an error when trying to create a new domain for another website. I am a web developer and I host many sites so I need to have a lot of domains. How can I add more domains?
Currently on the Free plan (because my sites don't exceed the limit) however it seems like I need to upgrade... I can't find any limitations at all for domains.
Does anyone know what I can do to resolve this issue?

You are correct that the free plan does not allow for custom domains. Once you add a credit card, you will be given 5,000 emails for free and a 3 month trial of the flex plan. This plan allows for up to 5 domains max. If you have more than 5 domains you may want to reach out to the sales team to see about a custom plan, they are able to accommodate adding more domains. Here is a link to the differences between plans.
Once you have upgraded (or added a credit card!), you can add a domain by following these steps:
Inside the Mailgun Control Panel (options displayed down the left-hand side on a dark column), use the following instructions:
First, click on Sending on the left-hand side of your Mailgun dashboard. Then click the green Add New Domain button. Enter your Domain Name and choose your additional options. The region your domain will reside: US or EU.
Next step is to create DKIM Authority - you would generally leave this checked by default. Then, decide on DKIM Length - a longer DKIM key will make spoofing your emails by malicious spammers more difficult. 1024-bit is selected by default, but 2048-bit can be used as well. Keep in mind that some DNS providers may have an issue with 2048-bit DKIM keys, as they produce a string longer than 255 characters (exceeding the maximum character limit for a DNS entry). Once your options are set, click Add Domain to save your new domain.


How does ACM check domain ownership with CNAME records?

In ACM, I always have to register the CNAME record that is provided by ACM. It says that it checks the domain ownership with this CNAME record, but how does it actually check whether the domain I specified in ACM is actually owned by me? Any explanations would be great!
In short, a certificate authority (such as ACM) will try to resolve the CNAME record for your domain via the public DNS. After that it compares the value it retrieved from the DNS with the value it stored internally, i.e., the value sent to you. If they match, your domain is validated.
In layman's terms it tells you a secret and then asks you to display that secret in, say, a window of your house. After that it drives by your window to check if the displayed secret is correct. If it is, it means you own the house (or at least have access to it).
Best, Stefan
luk2302 explained the idea in the comments already, I'll elaborate a bit.
As you correctly observed, ACM can use DNS validation to confirm ownership of a specific domain.
Ownership in this case is roughly defined as "the ability to make changes to the official DNS records", so it's more like control and not technically ownership.
How do you check if somebody is able to control a domain?
You ask them to set some records on the domain that contain values you have created and later check if these records exist. If they do, they control the domain.
Why does this work?
DNS is a hierarchical distributed database.
A DNS record like stackoverflow.com. (the last dot is intentional, but usually omitted) consists of multiple levels that are read from right to left.
The . on the right denotes the root zone.
The root zone holds all the records directly below it, the so called top level domains (TLDs) like .com, .net or .org.
The nameservers behind the .com TLD hold all the records directly below it, so they know who controls stackoverflow.com..
If you start at the top of the hierarchy and work your way to the bottom, you will find out which servers own a domain.
You could set up your own DNS server and create records for stackoverflow.com, but nobody is going to talk to it and explicitly query it, because it's not part of the hierarchy. You could configure your local DNS-resolver to talk to your own DNS-Server, but Amazon (who verify ownership) won't do that.
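The check described in the two answers above, as an added example that is not part of the original posts and is not ACM's code: a toy delegation chain in which the validator resolves its challenge record from the root down, so a record published on a server outside the hierarchy is never seen. The server names, example.com. and the validation.example. target are constructed placeholders.

```python
import secrets

def build_servers():
    # Constructed toy hierarchy: NS entries delegate a zone to another server.
    return {
        "root": {"com.": ("NS", "tld-com")},
        "tld-com": {"example.com.": ("NS", "ns-owner")},
        "ns-owner": {},  # the delegated server: only the domain's controller can edit it
        "ns-rogue": {},  # a self-hosted server for example.com. that nothing delegates to
    }

def resolve_cname(servers, name):
    """Start at the root, follow each delegation, return the CNAME target or None."""
    server = "root"
    labels = name.rstrip(".").split(".")
    for i in range(len(labels) - 1, -1, -1):  # com. -> example.com. -> full name
        suffix = ".".join(labels[i:]) + "."
        record = servers[server].get(suffix)
        if record is None:
            continue
        kind, value = record
        if kind == "NS":
            server = value
        elif kind == "CNAME" and suffix == name:
            return value
    return None

def issue_challenge(domain):
    """Validator side: random record name under the domain plus the expected target."""
    name = f"_{secrets.token_hex(8)}.{domain}"
    target = f"_{secrets.token_hex(8)}.validation.example."  # placeholder target zone
    return name, target

def validate(servers, challenge):
    name, expected = challenge
    return resolve_cname(servers, name) == expected

def demo():
    servers = build_servers()
    name, target = challenge = issue_challenge("example.com.")
    servers["ns-rogue"][name] = ("CNAME", target)  # published outside the hierarchy
    outside = validate(servers, challenge)
    servers["ns-owner"][name] = ("CNAME", "_wrong.validation.example.")
    wrong_value = validate(servers, challenge)
    servers["ns-owner"][name] = ("CNAME", target)  # published on the delegated server
    return outside, wrong_value, validate(servers, challenge)
```

Only the last of the three checks in demo() succeeds: the record has to sit on the server the hierarchy delegates to, and it has to carry the value the validator issued.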

AWS Amplify Connecting to GoDaddy - Documentation Unclear - Redirects Too Many Times

I am trying to connect my Amplify app to a GoDaddy website and the AWS instructions are not clear on how to do this.
Following these instructions I created a CNAME record to point to my Amplify app.
(Image from the documentation)
I have a "master.xxxxxxxx.amplifyapp.com" and a "feature.xxxxxxxx.amplifyapp.com", am I supposed to use one of these or just the "xxxxxxxx.amplifyamp.com"?
It seems from the docs that these records take up to 2 days to update and I do not want to waste 4 days attempting this by trial and error.
Edit
Following @Rodrigo M's answer I used the 'master.xxxxxxxx.amplifyapp.com' route for the CNAME record but when I go to the page all I see is the error:
This page isn’t working xxxxx.domain.com redirected you too many times.
And then when I look in the Network tab I see that the page did a bunch of 302 redirects where the name and the initiator were "Index.html".
Does anyone have any ideas of what is going wrong?
Each of the AWS Amplify domains that you reference refer to a branch of your app eg master or feature. Use the full domain name eg master.xxxxxxxx.amplifyapp.com as the target of your CNAME record for the branch you want to expose on your custom domain.
All of the standard DNS propagation warnings say allow 24 to 48 hours but in practice it's usually much much quicker so don't worry about waiting for two days too much.
I can see your DNS TTL is set for 1 hour. This value is how long the DNS system will cache your DNS records. Which means you can make a change and it would take up to an hour for those records to be updated throughout the internet. You could drop that to 5 minutes or less if you want to do trial and error testing or make quick switches to a different branch.
GoDaddy doesn't support ANAME/ALIAS so you can't connect it properly. However you can forward the domain without www.
Scroll down to the Forwarding section of the GoDaddy DNS page and set up a Temporary (302) http forward from yourdomain.com to www.yourdomain.com
It took about 30 min for this to take effect for me.

Django - Detect unique users. Ignore/Ban Fraud Users

I have a web portal where a user comes in and posts his/her images. Now there's a contest running where people can pool in their photos and whoever has the maximum likes on their image wins the contest.
So, the problem that I'm facing is one user can register as many accounts as he/she wants and like his/her own image. This will increase the number of likes on the image and the user will win, not legally but it's a fraud.
So, is there any way in which I can restrict to only 1 signup from one computer? Or is there any other better way of handling this? Even if I can minimize this behaviour it will be of good help.
One method I thought of is I can ask for the user's phone number and verify it using an OTP. What can be other ways of finding the fraud accounts?
Is there any way in which I can get the unique identity of the system (probably MAC address) in the Django request variable via which I can allow only 1 user registration per system?
There's no foolproof way, but you can make it harder for fake users with the following steps:
Show a captcha to prevent automated sign-ups.
Track IP address when users sign-up and try to find patterns e.g. too many sign-ups from a single IP could signal fraud. It's also possible that the IP belongs to an organization and the users are genuine.
Check for suspicious IP addresses (e.g. those through VPN or cloud service providers e.g. AWS). You'll have to use a service that identifies VPN specific IP addresses. Also see: https://security.stackexchange.com/a/85416
If you want to get more technical, you could look at the highest liked photos and see if the users who liked it also liked other pictures. Look for telltale signs. This could give you a pattern to distinguish fake & genuine likes.
Browser fingerprint
P.S. Phone number verification is also a good option since getting a disposable phone number usually isn't free. There are a few disposable free numbers that you could blacklist (search for free disposable phone number).
It is important to focus your effort on the problem. The problem that you want to solve is that people can like their own images to artificially increase their own score.
To be most effective, target the problem (multiple likes) instead of the side-issue (multiple registrations).
Here are some simple suggestions:
Prevent multiple likes from a single IP on a single image
Set a cookie when a like is given; if the cookie is set, do not accept more likes
Add a CAPTCHA. (This won't prevent multiple manual submissions, but will limit automated ones.)
There is nothing wrong with limiting registrations, but be sure to take steps first that address the core problem.
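Two of the checks suggested in the answers above (repeated likes on one image from a single IP, and likers whose accounts liked nothing else), as an added example that is not part of the original posts. The like records, the thresholds and the function names are constructed for illustration; in a Django app the tuples would come from the likes table.

```python
from collections import Counter, defaultdict

# Constructed sample: one (user, image_id, ip) tuple per like.
LIKES = [
    ("alice", "img1", "198.51.100.7"), ("alice", "img2", "198.51.100.7"),
    ("bob", "img1", "203.0.113.9"), ("bob", "img3", "203.0.113.9"),
    ("carol", "img2", "192.0.2.44"), ("carol", "img3", "192.0.2.44"),
    ("u101", "img3", "192.0.2.10"), ("u102", "img3", "192.0.2.10"),
    ("u103", "img3", "192.0.2.10"), ("u104", "img3", "192.0.2.11"),
]

def repeated_ip_likes(likes):
    """Per image, the IPs that produced more than one like."""
    per_image = defaultdict(Counter)
    for _user, image, ip in likes:
        per_image[image][ip] += 1
    repeats = {}
    for image, counts in per_image.items():
        dupes = {ip: n for ip, n in counts.items() if n > 1}
        if dupes:
            repeats[image] = dupes
    return repeats

def single_image_share(likes):
    """Per image, the fraction of likers whose account liked nothing else."""
    images_by_user, likers = defaultdict(set), defaultdict(set)
    for user, image, _ip in likes:
        images_by_user[user].add(image)
        likers[image].add(user)
    return {image: sum(len(images_by_user[u]) == 1 for u in users) / len(users)
            for image, users in likers.items()}

def review_queue(likes, min_likers=4, max_share=0.5):
    """Images worth a manual look; a shared IP alone may be a genuine organization."""
    shares, repeats = single_image_share(likes), repeated_ip_likes(likes)
    counts = Counter(image for _u, image, _ip in likes)
    queue = {}
    for image, share in shares.items():
        reasons = []
        if counts[image] >= min_likers and share > max_share:
            reasons.append("mostly single-image accounts")
        if image in repeats:
            reasons.append("repeated IP")
        if reasons:
            queue[image] = reasons
    return queue
```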

How to validate Top Level Domain of an email address?

Let's say I have a contact form where a user can enter his email address along with his other contact details. I need to check the validity of Generic top level domain or top level domain of the email address. An example:
scarlet.1992@examplemail.paris
I need to check if .paris is a valid top level domain.
Please refer to this link for the list of domains available, which gives a number around 1200. Storing the domain names in a local table and searching is not an option since new domains are being introduced every day.
Please let me know if there is any web service or free API available for this, or there is any other way to validate the email address.
The simplest way to find out whether a domain exists is to check whether it has a name server.
Considering that a TLD costs around $100,000 it is very likely that every one that is purchased is in use. Also, if it doesn't have a name server, you can't send anything to it anyway.
Using dig you can run
dig NS +short paris
which will give
h.ext.nic.fr.
d.nic.fr.
g.ext.nic.fr.
f.ext.nic.fr.
whereas
dig NS +short adsfadfs
returns nothing.
There is nothing wrong with storing a list of TLDs locally when you need a quick answer for client-side validation or don't want to consume network resources for a reverse DNS lookup.
Email addresses from newer TLDs are extremely rare for most use cases. I update my list about once per year and find that it's good enough.
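The local-list approach from the answer above, as an added example that is not part of the original posts: it parses a list laid out like IANA's tlds-alpha-by-domain.txt and checks an address's TLD against it, converting internationalized TLDs to their xn-- form first. The embedded list is a constructed sample, and the function names are hypothetical.

```python
# Constructed sample in the layout of IANA's tlds-alpha-by-domain.txt:
# one comment line, then one upper-case TLD per line (IDN TLDs as xn-- labels).
SAMPLE_TLD_LIST = """\
# Version 0000000000, constructed sample, not the real list
COM
NET
ORG
PARIS
XN--P1AI
"""

def load_tlds(text):
    """Parse the list into a set of lower-case labels, skipping comments and blanks."""
    return {line.strip().lower() for line in text.splitlines()
            if line.strip() and not line.lstrip().startswith("#")}

def email_tld(address):
    """Return the address's TLD as a lower-case ASCII label, or None if there is none."""
    local, at, domain = address.strip().rpartition("@")
    if not (local and at and domain):
        return None
    label = domain.rstrip(".").rpartition(".")[2]
    try:
        # IDN TLDs such as "рф" appear in the list in their xn-- form.
        return label.encode("idna").decode("ascii").lower() or None
    except UnicodeError:
        return None

def has_known_tld(address, tlds):
    """True if the address's TLD is in the locally stored list."""
    return email_tld(address) in tlds

TLDS = load_tlds(SAMPLE_TLD_LIST)
```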

Google Analytics Referral Exclude Regex Partial Domain Name

I am attempting to filter out some of the nasty analytics referral traffic. It doesn't touch my site, so htaccess is out.
I have to specifically go into Google to create a filter. I have a few setup already, but am looking to try something new that will hopefully make my exclusion list a bit easier to manage.
I want to block any referral traffic coming from a domain that has seo, traffic, monitize, etc. in it. This would stop about 90% of the referral traffic and would keep excluding sites.
What I currently use is this:
(seomonitizer|trafficseo|seotraffic|trafficmonitizer)\.(com|org|net|рф|eu|co)
It removes each site one by one, but when a new site hits, I have to add it to the list.
I'm not sure what the regex capabilities and limitations are of the Analytics filters, but possibly this may be the foundation, I'm just not sure what goes into the middle.
((?=())\.(?=()))
Thanks
Unfortunately you will have to check and add each one of them to your list as they are appearing in your account. To answer your question I use as in the following example:
.*((darodar|priceg|buttons\-for(\-your)?\-website|makemoneyonline|blackhatworth|hulfingtonpost|o\-o\-6\-o\-o|(social|(simple|free|floating)\-share)\-buttons)\.com|econom\.co|ilovevitaly(\.co(m)?)|(ilovevitaly(\.ru))|(humanorightswatch|guardlink)\.org).*
I like to use .co(m)? instead of .com for example
Remember, to avoid having ghost referrals there are currently 3 methods.
1) The first one (the one you are using) would be to create a filter that will blacklist all the bad traffic, but there is a limit for the number of characters you can use, so you might end up creating multiple similar filters to cover all the nasty analytics referral traffic. Here is a link with a complete list of bad bots.
2) The second method is to check the box "Exclude all hits from known bots and spiders" in your Google Analytics Account > Property > View.
3) Create a hostname filter following this article's steps.