Questions on how to setup Reverse DNS in bind 9
sporkschivago at gmail.com
Thu Jul 21 18:06:51 UTC 2016
I can tell cPanel which IP address to use but I can't pick both of them.
So Apache doesn't have an entry for the second IP address. I can
manually add one, but the problem is it'll get replaced every night with
one generated from the templates. I might be able to just manually edit
the template and add a line that adds the VirtualHost entry for the second
IP address, but I'm not exactly sure how I'd do it.
The templates are a bit weird. Here's what the beginning of the
<VirtualHost[% FOREACH ipblock IN vhost.ips %] [% ipblock.ip %]:[%
ipblock.port %][% END %]>
# Enable HTTP Strict Transport Security
Header always set Strict-Transport-Security "max-age=63072000;
ServerName [% wildcard_safe(vhost.servername) %]
[% IF vhost.serveralias_array.size -%]
[% FOREACH alias IN vhost.serveralias_array -%]
ServerAlias [% alias %]
[% END -%]
[% ELSE -%]
ServerAlias [% vhost.serveralias %]
[% END -%]
There's a bunch of templates, like main.default, vhost.default and
ssl_vhost.default. If I want to customize them, I make a copy and replace
the .default extension with the .local extension and then cPanel will use
my custom .local instead of the .default.
I think we're good though. If I had Apache listening on the second IP
address, I think everything would have been fine. I believe I
accomplished what I wanted to accomplish. When we move into the new
house, I'll setup a server in the work room and I'll get a static IP and
try again then, with two different servers instead of one.
Thanks for all the help!
On Thu, Jul 21, 2016 at 2:00 PM, Spork Schivago <sporkschivago at gmail.com>
> Okay, I do think it was working correctly. I think that's why I was
> getting the ERR_SSL_PROTOCOL_ERROR in Chrome when I went to my site when
> I had the second IP address added, but other users weren't. I think the
> users getting the error message in Chrome were pulling the second IP
> address from their DNS servers, but the people who successfully could go to
> their site where getting the first IP address and could successfully see my
> I can try to explain the cPanel / Apache stuff a bit better. I have an
> Apache config file, /usr/local/apache/conf/httpd.conf. There's a bunch
> of comments that say don't edit this file directly. Use the cPanel
> interface or the "templates". cPanel has these templates and we run a
> script to rebuild the config file. It'll automatically populate it with
> stuff like:
> <VirtualHost 188.8.131.52:443>
> I can tell cPanel which IP address to use but I can't pick both of them.
> So Apache doesn't have
> On Thu, Jul 21, 2016 at 2:49 AM, Matus UHLAR - fantomas <uhlar at fantomas.sk
> > wrote:
>> On 20.07.16 21:40, Spork Schivago wrote:
>>> I don't remember the tools, but I know that the way cPanel handles stuff
>>> with Apache, it broke my website for me. Using the cPanel / WHM
>>> interface, I could tell Apache to listen on one IP or the other, not
>>> unfortunately. Some people (my wife's cell for instance) could make it
>>> my site, but on her laptop, I could not. I believe this is because I
>>> redirect everything to port 443 and the SSL certs were setup for the
>>> IP, not the second.
>> huh? SSL certs should be created with required hostname, e.g.
>> franklin.jetbbs.com in CommonName - not the IPs.
>> you just need transfer both public and private keys to other server...
>> just watch out if you don't make the private key available to others.
>> I believe when I assigned the second IP address to
>>> the A record jetbbs.com, sometimes I'd go to the first IP and Apache
>>> pick it up, other times, I'd go to the second IP and Apache wouldn't know
>>> how to handle it. Maybe it was because the SSL certs were created when
>>> only had the one IP, I don't know. But it really messed things up and I
>>> had to remove the second IP again. I think if I manually edited the
>>> httpd.conf file and regenerated the SSL certs, things might have started
>> this is your problem. don't generate ssl keys when adding IPs.
>> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
>> Warning: I wish NOT to receive e-mail advertising to this address.
>> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
>> We are but packets in the Internet of life (userfriendly.org)
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>> bind-users mailing list
>> bind-users at lists.isc.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users