Websites that have sort of a secondary domain.
What are links like these called?
Can it be done trough code or is it a domain thing?
This isn't a coding question - this is related to network and DNS administration.
The "drive" part of "drive.google.com" is just a subdomain or machine name on the "google.com" domain. As far as DNS is concerned, it is even easier - these are just additional entries in your DNS configuration. There is almost nothing special that needs to be done.
Related
in ACM, I always have to register the CNAME record that is provided by ACM. It says that it checks the domain ownership with this CNAME record, but how does it actually check whether the domain I specified in ACM is actually owned by me? Any explanations would be greatful!
In short a certificate authority (such as ACM) will try to resolve the CNAME record for your domain via the public DNS. After that it compares the value it retrieved from the DNS with the value it stored internally, i.e., the value send to you. If they match, your domain is validated.
In layman's terms it tells you a secret and then asks you to display that secret in say a window of your house. After that it drives by your window to check it the displayed secret is correct. If it is, it means you own the house (or at least have access to it).
Best, Stefan
luk2302 explained the idea in the comments already, I'll elaborate a bit.
As you correctly observed, ACM can use DNS validation to confirm ownership of a specific domain.
Ownership in this case is roughly defined as "the ability to make changes to the official DNS records", so it's more like control and not technically ownership.
How do you check if somebody is able to control a domain?
You ask them to set some records on the domain that contain values you have created and later check if these records exists. If they do, they control the domain.
Why does this work?
DNS is a hierarchical distributed database.
A DNS record like stackoverflow.com. (the last dot is intentional, but usually omitted) consists of multiple levels that are read from right to left.
The . on the right denotes the root zone.
The root zone holds all the records directly below it, the so called top level domains (TLDs) like .com, .net or .org.
The nameservers behind the .com TLD hold all the records directly below it, so they know who controls stackoverflow.com..
If you start at the top of the hierarchy and work your way to the bottom, you will find out which servers own a domain.
You could set up your own DNS server and create records for stackoverflow.com, but nobody is going to talk to it and explicitly query it, because it's not part of the hierarchy. You could configure your local DNS-resolver to talk to your own DNS-Server, but Amazon (who verify ownership) won't do that.
I am trying to connect my Amplify app to a GoDaddy website and the AWS instructions are not clear on how to do this.
Following these instructions I created a CNAME record to point to my Amplify app.
(Image from the documentation)
I have a "master.xxxxxxxx.amplifyapp.com" and a "feature.xxxxxxxx.amplifyapp.com", am I supposed to use one of these or just the "xxxxxxxx.amplifyamp.com"?
It seems from the docs that these records take up to 2 days to update and I do not want to waste 4 days attempting this by trial and error.
Edit
Following #Rodrigo M's answer I used the 'master.xxxxxxxx.amplifyapp.com' route for the CNAME record but when I go to the page all I see is the error:
This page isn’t working xxxxx.domain.com redirected you too many times.
And then when I look in the Network tab I see that the page did a bunch of 302 redirects where the name and the initiator were "Index.html".
Does anyone have any ideas of what is going wrong?
Each of the AWS Amplify domains that you reference refer to a branch of your app eg master or feature. Use the full domain name eg master.xxxxxxxx.amplifyapp.com as the target of your CNAME record for the branch you want to expose on your custom domain.
All of the standard DNS propagation warnings say allow 24 to 48 hours but in practice it's usually much much quicker so don't worry about waiting for two days too much.
I can see your DNS TTL is set for 1 hour. This value is how long the DNS system will cache your DNS records. Which means you can make a change and it would take up to an hour for those records to be updated throughout the internet. You could drop that to 5 minutes or less if you want to do trial and error testing or make quick switches to a different branch.
Godaddy doesn't support ANAME/ALIAS so you can't connect it properly. However you can forward the domain without www
Scroll down to the Forwarding section of the go daddy DNS page and set up a Temporary (302) http forward from yourdomain.com to www.yourdomain.com
It took about 30min for this to take affect for me.
I am dealing with some weird inconsistency issues with the dns to my subdomain, and was hoping someone would be able to shed some light!
I have a domain purchased through Google Domains and have a need to use the main domain, and a single subdomain for my api service. With Route 53, i have 2 hosted zones, one for the main, and one for the subdomain, each providing the 4 NS configs, and two aliases back to my Elastic Beanstalk nodes for the www & non www calls.
For my main domain, using WhatsMyDomain, the propagation is pretty much worldwide at all times, but when it comes to my subdomain, it is intermittent and changes throughout the day, where it was working in one location earlier on, it will then stop working.
In Google Domains, i have all 8 NS configurations set in my DNS settings.
I feel like im missing just one piece of something, just can't figure it out
Thanks to Michael - sqlbot for his return question, never even thought about just trying it by adding an alias to the subdomain in the original Hosted Zone! In the docs on AWS, they do provide info on having 2 different zones, which i think thats what i stumbled across when i first started, but i believe there is a bit more setup involved in that route!
Just made the switch, gonna see if this solves the issue!
Let's say I have a contact form where a user can enter his email address along with his other contact details. I need to check the validity of Generic top level domain or top level domain of the email address. An example:
scarlet.1992#examplemail.paris
I need to check if .paris is a valid top level domain.
Please refer to this link for the list of domains available, which gives a number around 1200. Storing the domain names in a local table and searching is not an option since new domains are being introduced everyday.
Please let me know if there is any web service or free API available for this, or there is any other way to validate the email address.
The simplest way to find out whether a domain exists is to check whether it has a name server.
Considering that a TLD costs around $100,000 it is very likely that every one that is purchased is in use. Also, if it doesn't have a name server, you can't send anything to it anyway.
Using dig you can run
dig NS +short paris
which will give
h.ext.nic.fr.
d.nic.fr.
g.ext.nic.fr.
f.ext.nic.fr.
whereas
dig NS +short adsfadfs
returns nothing.
There is nothing wrong with storing a list of TLDs locally when you need a quick answer for client-side validation or don't want to consume network resources for a reverse DNS lookup.
Email addresses from newer TLDs are extremely rare for most use cases. I update my list about once per year and find that it's good enough.
I want to block all non-US users from accessing my website. I'm using nginx on the front end and have a django powered website.
1) How can I determine what are US IP addresses?
2) Should I be blocking them in my webserver or in my application layer?
You need a GEO location provider.
Some are free, some are online checks, some give you a list or a library.
Generally the more accuracy you want the more you pay for it.
There is a limit to how accurately you can do this. Some small countries traffic might be routed through the US or it's name servers hosted in the US. Generally you shouldn't get too many false negatives for US customers.
I've used mod_geoip and found it to be largely but not completely effective. The accuracy of the IP / country database is one issue, as is keeping that database up-to-date. I also found that while it helped mitigate some comment spam and DDOS type queries coming from parts of the world not relevant to the content of our site, it also had some unintended consequences. For instance, there were people who attempted to update their site listings while on vacation overseas who were blocked. http://www.maxmind.com/app/mod_geoip