Author: Ericsson

CAA record explained 

CAA record explained

CAA record is a DNS record that shows who can be the Certification Authority for a particular domain and issue certificates.

What is Certificate Authority (CA)?

The CA is the entity that has the right to issue certificates like SSL certificates or TLS certificates. You can easily identify the CA, based on their name and their certificate revocation list (CRL). The Certificate Authority must provide a public key or a certificate from their CA if it is subordinate.

What is the CAA record?

The CAA record (Certification Authority Authorization) is a DNS record that a domain name owner can use to specify the certificate authority which can issue for their domain name. Inside the CAA, the domain owner can adjust the settings that cover the whole domain or just particular subdomains.

If you manage the CAA on a domain level, it will automatically apply on the subdomain level, too, unless you set it inside the record.

The CAA work with both wildcard certificates and single-name certificates. Separate and together too.

Why do you need to use DNS CAA record?

Continue reading

Shared hosting – pros and cons

Shared hosting

A server hosts every website you visit daily to be available to you and people around the world. Without a web hosting service, sites can’t be viewed on the Internet.

If you want to start a website, choosing the type of hosting, provider, and plan that fits your needs will be a critical decision to be taken. Shared web hosting is a popular service that providers will offer you for sure.

What is web hosting?

All the files that websites are built of (themes, text, images, videos, different codes, etc.) must be saved on a server connected to the Internet to be displayed online.

Web hosting is the service that offers you the storage space on a server needed for your website to be available on the Internet.

What is shared hosting?

This is the most popular, accessible, and basic type of web hosting service. It means your website will be stored in a server, together with more websites, so yours will live there, sharing space and the resources of the server (storage, bandwidth, processor, RAM, etc.) with others. 

In simple words, your site will live with roomies around.

Every site can use a certain limit of server’s resources. Such a limit is defined by the plan you choose.

Shared hosting pros

Easy configuration

Most providers offer one-click features for users to install easily what they need. 

Built-in features

To make it simple for users, built-in features like DNS management and c-Panel (interface) are included to manage the site. No expert tech skills are required to do it. 

Recommended article: Anycast DNS vs Unicast DNS

Technical maintenance is not required from you

The company you hire is in charge of server maintenance, not you. Issues will be fixed by them. 

Customer support

You won’t be alone in this adventure. But since shared web hosting is a basic service, users will have almost nothing to modify or troubles to face in theory. How high or basic guidance you can get depends on the provider and specific plan you get. 

Cheap rates

Being the basic type of web hosting, it’s also the cheapest. Rounding numbers, starting rates can range from 3 to 10 monthly dollars. Providers offer initial discounts but always check the regular ones not to be surprised, once the discount period gets over.

Shared hosting cons

Sharing server’s resources

Resources divided among hundreds of clients definitely can affect websites’ performance. Websites with a heavy design or having traffic peaks can use a lot of processor’s power and RAM from the server. This can make your site’s loading time really sluggish.

Security issues

Sharing a server with many sites brings vulnerabilities. If a site gets compromised, potentially all the websites on that server could be hacked. If the attack goes directly to take over the server, all websites in it will be compromised.

Besides, all websites on a server share the IP address. In case another site does something wrong, it can be banned. Then, all sites using such an IP address can suffer the same consequences. 

No root access

Since it’s a service thought for beginners, you won’t have root access in case you want to modify settings for adding, removing, customizing, etc. 

Conclusion

Shared web hosting is a good beginning, especially if you own a site without much on-site interaction, a static site, a start-up, a blog, a corporative site, etc. It is an affordable, easy to manage choice.

Choose shared web hosting just if it really suits your website needs. If your site requires more resources and you pick shared hosting, for sure, you will face problems.

Error 502 – How to fix it?

Error 502 - How to fix it?

Maybe it has happened to you while browsing, or users have reported they can’t access your website. The only thing they see is an Error 502 message. How can you fix error 502?

What is Error 502?

It is a HTTP status code that points to a server communication problem. A server (acting as a proxy) got not response or got an invalid response from another server (origin or upstream server).

To visit a site on the Internet, the browser sends the request to a server connected to the web. The server gets that request and processes it in order to send back the resources you requested, together with an HTTP status code and HTTP header. 

When things work, the HTTP status code is not visible to the users. It’s the way servers communicate with each other. When something fails, the server informs you of the problem through this code.

Error 502 can be displayed also like:

  • HTTP 502
  • 502 Proxy Error
  • 502 Service Temporarily Overloaded
  • 502 Bad Gateway
  • Temporary Error (502)
  • 502 Bad Gateway Cloudflare
  • Bad Gateway: The proxy server received an invalid response from an upstream server.
  • 502 Server Error: The server encountered a temporary error and could not complete your request.

What causes Error 502?

  • The origin server can be down, so it can’t be reached.
  • The domain name doesn’t match correctly to the IP address of the host. It can happen due to DNS changes. 
  • Something like CMS security plugins, a firewall, or a DDoS protection system, could block the communication between the origin server and the server, acting as a proxy.
  • It is mostly a network issue. The error occurs on Internet servers. There is a big chance this is not an issue website owners or users have to fix. It must be fixed on the web servers/proxies level.

How to fix Error 502?

First, let’s delete the slight possibilities that the issue is on the user-side:

  • Reload the URL. Connectivity server problems regularly get fixed fast. Just wait a few minutes.
  • Restart your device and network hardware. If Error 502 appears in more websites, temporary conflicts in network devices could be the problem. 
  • Remove browser cache and cookies. Old, corrupted files or cookies stored by the browser could cause Error 502.
  • Restart the browser. There could be a conflict device-browser. Close it perfectly and open a new session.
  • Use browser’s safe mode. This means getting back to default settings, free of add-ons that can be the problem.
  • Use another browser. If the page loads correctly, the problem is on your browser. Just reinstall it.
  • Flush DNS settings. It could be that the IP address you have is not current. Once all the DNS A records are removed, when you require the domain, the browser will search for the DNS A record again, and it will get the newest one with the newest IP address.

Website owner:

  • Test your server. Try a ping test with the IP of the server to see if it responds or not. 
  • Look over server logs. The details about server’s performance will show the problem.
  • Check firewall configurations. The firewall protects your site. But not properly configured, it can directly reject all requests of a content delivery network, considering them an attack to the server.
  • Examine website’s code. Bugs affect the proper answer to content delivery network requests.
  • Wait for DNS modifications to propagate. If you recently changed something, you moved to another hosting server or transferred your site to a different IP address. This can cause Error 502.

DNS propagation explained

  • Ask your hosting provider. Normally, when a server is down or under maintenance, providers fix the problem fast or look for alternatives for you not to lose visitors. But to ask is good in the rare case, they hadn’t realized the problem. 

Anycast DNS vs Unicast DNS

Anycast DNS vs Unicast DNS

What DNS servers mainly translate domain names of websites into IP addresses. Servers communicate among them to identify data’s location of the domains we required to make them accessible. 

To know where your website is hosted, you definitely need a DNS server. Two popular DNS routing models are Unicast DNS and Anycast DNS.

What is Unicast DNS?

With Unicast, only one server stores the IP of the website. Its info is available where that DNS server is situated. No matter the place in the world, users request to visit the website, they have to get to this exact point.

DNS request will go to DNS name servers of users ISP, looking for an answer. If it doesn’t get an answer there, it will go from server to server, searching for one that can answer.

In the case of Unicast, we have just one that can answer. 

Suppose the server that has stored the website data is close to the requester, great! He will get a fast answer. But a user requesting the same website from far away will have to wait much more time to get the same answer from the same name server. 

Advantages of Unicast DNS

  • Unicast means one machine, one IP. So installing unicast is simpler because you have to be worried about the maintenance and proper performance of just one server.
  • Therefore, Unicast is cheaper than Anycast. There are different alternatives, but Unicast is still very used on the Internet for its price.
  • It is a choice for websites that target specific markets and not the whole world. If your business is directed just to Chinese users, you can choose Unicast, a DNS server in such a country, so your website will be easily reachable since it is close to your audience and your budget won’t be affected.

Disadvantages of Unicast DNS

  • If the DNS server that stores your website data gets attacked or crashes, accessibility to your website will be seriously affected.
  • If your business targets potentially people all around the world, Unicast DNS is not the best for you. As explained before, you can’t guarantee the best experience for users located far from your server’s location.

What is Anycast DNS?

Several servers located in different geographical points can provide the same IP through Anycast. DNS information from your domain name is copied on as many servers as you pay to have a better presence.

With Anycast, the closest DNS server will answer the user’s request. If one is down, offline due to maintenance or a different reason, the request will go to the second closest, available DNS server to get the answer, and so on. Then user’s request definitely will be answered faster, and the experience will be better in terms of waiting for a response, loading time, etc.

Advantages of Anycast DNS

  • Faster response time. The faster the servers’ response is, the shorter waiting time and fewer potential clients abandoning your site. 
  • Higher uptime and accessibility. A server can fail, but a whole group of servers rarely, at least not at the same time. Therefore, your site will have higher uptime, and access will be guaranteed for users at any time.
  • Better position on search engines. Positive user experience (short waiting response, fast loading, accessibility, etc.) is considered by search engines to rank better or worse your site.
  • Better security. If one server gets compromised, you will have others to rely on.

Disadvantage of Anycast DNS

  • Having more than one server is clearly more expensive. Depending on your budget, this could be a problem.
  • Configuring all servers takes a bit of extra effort but is worth it.

Conclusion

Anycast is clearly more robust than Unicast. What really defines which is more suitable, it’s your business size and needs.

Vanity name server (DNS branding) – Why use it?

Vanity name server (DNS branding)

Did you know that there is a DNS service that allows you to put your custom DNS branding on the name servers the DNS provider offers? With DNS branding, you can put the name of a domain you own instead of the names that come by default, like ns1.DNSprovider.com, and be changed to ns1.YourDomain.com.

Why would you want to use Vanity name server? 

What is a Vanity name server (DNS Branding)?

DNS Branding offers vanity name servers that are name servers that you can put a custom name on them instead of the DNS provider’s default name. You can put your own domain name, hide the DNS provider, and have a better brand image. 

See the following example of Vanity name servers, so you get the idea better:

BeforeAfter
ns1.DNSProvider.com ns1.YourDomain.com
ns2.DNSProvider.comns2.YourDomain.com

DNS Vanity name servers are actually a mask on top of the DNS provider.

Anycast DNS vs Unicast DNS

Why use Vanity name server?

Because using Vanity name server will show the custom name, like ns1.YourDomain.com, when somebody is performing a Whois lookup or using any of the commands for testing NS DNS records. 

Another reason is that using this DNS branding is that you can hide which exactly is your DNS provider or public DNS server you are using, so nobody uses this information against you in any way.

White-label services. You can offer different network services and make a deal with a DNS provider, to offer their services through your plans, without mentioning their involvement and slapping your brand on top of the DNS service. That way, you can add more features and look like a truly feature-rich service provider. 

How can you set up a Vanity name server?

Configuring Vanity name servers takes a few simple steps, and it is very similar on most of the DNS providers:

First, go to your domain registrar site and log in. There we need to add Child Name Servers to your domain. Those servers you want to use like ns1.YourDomain.com, ns2.YourDomain.com, etc., and add the IP addresses according to the domain registrar.

Now, go to your DNS settings and add the same A records as the Child Name Servers for the DNS zone. You can do it for your Primary DNS zone or Secondary DNS zone. Both work.

After adding the A DNS records, the same way as the Child Name Servers, it is time to change the NS records (name server record) that you can find the DNS zone. Edit the existing ones, or delete them and add a new one. The content of them should look like YourDomain.com NS ns1.YourDomain.com, and so on for the rest of them.

Time to get back to the domain registrar settings. There, from the control panel, change the previous name servers with those you just created. You might need to wait up to 48 hours to update the DNS records on all the DNS resolvers.

Now you know what Vanity name servers are, what purpose do they have, and how to start using them, are you interested in using them?

Navigation