Two domains point to the same location?
I asked this before, but got caught up in setting up the new business.
The new business is moving along real fast now, and it's time to setup the domains.
I've registered both, let's call them example.com and example.net
I also have my first domain, domain.com.
I wanted example.com and example.net ran under my wife's name, instead of being ran by me, like domain.com is.
I want it so example.com and example.net point to the same location on the VPS.
I created an account for my wife and created the domain example.com. The registar has the nameservers setup as ns1.domain.com and ns2.domain.com.
1) Should the two new domains have their own ns1 and ns2 DNS entry?
2) How do I go about creating the second example.net domain, and having it point to the same physical directory that example.com points to? I tried creating an add-on domain, but that appears to just create a sub-domain, which isn't what we want.
All three domains are currently running on the same VPS.
Thanks!
-
I got it. I had been using .local files for templates because cPanel still hasn't implemented my feature request, where subdomains shouldn't have the www in front of them, plus, I needed more options than what cpanel provides for security reasons, and they haven't been implemented yet (for example, mailman can still be accessed, despite it being disabled) Now all I have to do is find a way to always redirect I want this server wide, if I could. That's the last issue I have to solve, then I can create the SSL certs, using autossl, and we should be good! 0 -
The redirects interface within cPanel should cover that for the domains: redirect example.net or Example Domain -> https You could also add an include to force https for the entire server as is discussed here: 0 -
The redirects interface within cPanel should cover that for the domains: redirect example.net or Force https for entire server/domain Thank you,
Does the second one include the stuff after the / though? For example, ? Reading the article for the server wide include now.0 -
That worked, I hope it doesn't mess with the AutoSSL stuff. I put it in the pre-main include. There's one last problem, then I think we're set. The AutoSSL cert is invalid for example.com, because it's issued to example.net. How do I go about fixing that so people don't get the invalid SSL warning? 0 -
Hello, It should cover the Parked domain. If you go to WHM>>SSL/TLS>>Manage AutoSSL and click Run AutoSSL for All users then when the AutoSSL process runs check the "Logs" tab, you should see it running for the parked domain. Thank you, 0 -
That worked, I hope it doesn't mess with the AutoSSL stuff. I put it in the pre-main include.
It is possible that it will AutoSSL needs to check over http not https. To work around that you might try enabling the following in WHM>>Server Configuration>>Tweak Settings: [QUOTE]Use a Global DCV Passthrough instead of .htaccess modification (requires EA4) When you enable this option, Apache adds global rewrite rules to the webserver configuration so that the system does not process additional rewrite rules for DCV filenames. These global rules make it unnecessary for cPanel & WHM to modify each virtual host"s .htaccess file. Note: When you enable this option, the system receives a trivial performance penalty because all of the HTTP requests must be matched against the DCV filename regular expressions.0 -
I've checked the autoSSL on example.com, and it's enabled. Noticed subdomains aren't being redirected to .net either, which is something I'd like to see happen. For example, I can go to whm.example.com and it doesn't redirect to whm.mybusiness.net. Would it be wrong to add to the .htaccess file, RewriteCond %{HTTP_HOST} ^$\.example\.com$ RewriteRule ^/?$ "https\:\/\/$\.example\.net" [R=301]
Earlier up in the .htaccess file?0 -
Redirecting the proxy subdomains can't be done in that manner - those are publicly used either. The only way you'd be able to set up redirection for those would be to bypass proxy subdomains and add your own redirection in. The following documentation goes over how to do this but I do want to reiterate we do not recommend you bypass your server's proxy subdomain configuration: Proxy Subdomains Use the cPanel Service SSL - cPanel Knowledge Base - cPanel Documentation Thank you, 0 -
Redirecting the proxy subdomains can't be done in that manner - those are publicly used either. The only way you'd be able to set up redirection for those would be to bypass proxy subdomains and add your own redirection in. The following documentation goes over how to do this but I do want to reiterate we do not recommend you bypass your server's proxy subdomain configuration:
0 -
Did you check the logs as I indicated previously? Thank you, 0 -
Yes, but it didn't show much. Then I noticed I had to click the load button to view the actual logs. The window I was looking at, I thought was the logs: Log for the AutoSSL run for all users: Friday, April 13, 2018 3:24:23 PM GMT-0400 (cPanel (powered by Comodo)) 3:24:23 PM This system has AutoSSL set to use "cPanel (powered by Comodo)". 3:24:23 PM Checking websites for "mywife" " 3:24:23 PM The website "business.net", owned by "mywife", has a valid SSL certificate, but additional SSL coverage may be possible for the domains "business.com", "mail.business.com", "mail.business.net", "www.business.com", and "www.business.net". The system will attempt to replace this certificate with one that includes these additional domains. 3:24:23 PM WARN The domain "business.net" failed domain control validation: The validation required 1 HTTP redirect, but the AutoSSL provider "cPanel (powered by Comodo)" does not permit HTTP redirects. When the system accessed the "http://business.net/.well-known/pki-validation/D14C5E6744ACCDC4ED18348DF5577132.txt" URL, it redirected to the "https://business.net/.well-known/pki-validation/D14C5E6744ACCDC4ED18348DF5577132.txt" URL. 3:24:23 PM WARN The current SSL certificate for "business.net" secures the domain "business.net". However, this domain failed local domain control validation. In order to maintain SSL domain coverage for this domain, the system will not attempt to replace the current certificate. 3:24:23 PM The system has completed the AutoSSL check for "mywife". 3:24:23 PM Checking websites for "me" " 3:24:23 PM The website "ipv4.personal.com", owned by "me", has a valid SSL certificate, but additional SSL coverage may be possible for the domain "www.ipv4.personal.com". The system will attempt to replace this certificate with one that includes this additional domain. 3:24:23 PM The website "ipv6.personal.com", owned by "me", has a valid SSL certificate, but additional SSL coverage may be possible for the domain "www.ipv6.personal.com". The system will attempt to replace this certificate with one that includes this additional domain. 3:24:24 PM WARN The domain "ipv4.personal.com" failed domain control validation: The validation required 1 HTTP redirect, but the AutoSSL provider "cPanel (powered by Comodo)" does not permit HTTP redirects. When the system accessed the "http://ipv4.personal.com/.well-known/pki-validation/47CFD0B8E99C5040F8DD96BFE2116DB4.txt" URL, it redirected to the "https://ipv4.personal.com/.well-known/pki-validation/47CFD0B8E99C5040F8DD96BFE2116DB4.txt" URL. 3:24:24 PM WARN The current SSL certificate for "ipv4.personal.com" secures the domain "ipv4.personal.com". However, this domain failed local domain control validation. In order to maintain SSL domain coverage for this domain, the system will not attempt to replace the current certificate. 3:24:24 PM WARN The domain "ipv6.personal.com" failed domain control validation: The validation required 1 HTTP redirect, but the AutoSSL provider "cPanel (powered by Comodo)" does not permit HTTP redirects. When the system accessed the "http://ipv6.personal.com/.well-known/pki-validation/858F95ED6F59769A4121307C6A2B989B.txt" URL, it redirected to the "https://ipv6.personal.com/.well-known/pki-validation/858F95ED6F59769A4121307C6A2B989B.txt" URL. 3:24:24 PM WARN The current SSL certificate for "ipv6.personal.com" secures the domain "ipv6.personal.com". However, this domain failed local domain control validation. In order to maintain SSL domain coverage for this domain, the system will not attempt to replace the current certificate. 3:24:24 PM The system has completed the AutoSSL check for "me". 3:24:24 PM The system has finished checking 2 users.0 -
It looks like the redirection to https is getting in the way of the certificates: 3:24:23 PM WARN The domain "business.net" failed domain control validation: The validation required 1 HTTP redirect, but the AutoSSL provider "cPanel (powered by Comodo)" does not permit HTTP redirects. When the system accessed the "http://example.net/.well-known/pki-validation/D14C5E6744ACCDC4ED18348DF5577132.txt" URL, it redirected to the "https://example.net/.well-known/pki-validation/D14C5E6744ACCDC4ED18348DF5577132.txt" URL.
Do you have the tweak setting i mentioned earlier enabled? [QUOTE]Use a Global DCV Passthrough instead of .htaccess modification (requires EA4) When you enable this option, Apache adds global rewrite rules to the webserver configuration so that the system does not process additional rewrite rules for DCV filenames. These global rules make it unnecessary for cPanel & WHM to modify each virtual host"s .htaccess file. Note: When you enable this option, the system receives a trivial performance penalty because all of the HTTP requests must be matched against the DCV filename regular expressions.0 -
Yes, I agree. I do have the tweak setting enabled. I think the rewrite rule I originally added to the Apache Global pre-main config was causing the issues, so I modified it like so: RewriteEngine On RewriteCond %{HTTPS} !=on RewriteCond %{HTTP_HOST} ^business\.com$ [OR] RewriteCond %{HTTP_HOST} ^www\.business\.com$ RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$ RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ RewriteRule ^/(.*) https://www.business.net/$1 [R,L] RewriteCond %{HTTPS} !=on RewriteCond %{HTTP_HOST} !^business\.com$ [OR] RewriteCond %{HTTP_HOST} !^www\.business\.com$ RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$ RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
That should fix it I think. However, when I go to recreate the SSL certs using the cPanel (powered by Comodo) provider, I noticed most are now being generated in the queue, I see one for: webmail.business.net but not one for: webmail.business.com Although, I do see ones for: mail.business.net mail.business.com Which is a bit weird. I really wish cPanel took my submitted suggestion into consideration and removed the www aliases for subdomains. It cuts in half how many domains a person can have, if they're using subdomains. There's no reason to have an SSL certificate for www.whm www.cpanel www.webmail www.mail www.subdomain period. And there should never be a www.subdomain.domain.com. That's just wrong and goes against standard practice. It wouldn't be hard to fix. When I was just running one site, I had modified the template:ServerName [% wildcard_safe(vhost.servername) %] [% IF vhost.serveralias_array.size -%] [% FOREACH alias IN vhost.serveralias_array -%] [% IF vhost.servername == 'personal.com' -%] ServerAlias [% alias %] [% END -%] [% END -%] [% ELSE -%] [% IF vhost.servername == 'personal.com' -%] ServerAlias [% vhost.serveralias %] [% END -%] [% END -%]
if there was just a variable declaration for subdomains, we could do something like:ServerName [% wildcard_safe(vhost.servername) %] [% IF vhost.serveralias_array.size -%] [% FOREACH alias IN vhost.serveralias_array -%] [% IF vhost.servername != vhost.subdomain.servername -%] ServerAlias [% alias %] [% END -%] [% END -%] [% ELSE -%] [% IF vhost.servername != vhost.subdomain.servername -%] ServerAlias [% vhost.serveralias %] [% END -%] [% END -%]
That'd be all it would take to implement. But when I lasted look, there was no variable that contained the subdomains. If there was, I'd be using that in a heartbeat! cPanel also really needs to work on the IPv6 stuff. Currently, there's no support for IPv6 only hosts, and that sucks. ipv6.personal.com shouldn't be accessible with IPv4 protocol. I can remove the IPv4 DNS record for it, which fixes the problem, but then there's no way to generate an SSL certificate for it, because SSL only checks for the IPv4 IP address of the subdomains, not the IPv4 and IPv6 and then try the other if one doesn't exist. This makes developing applications extremely hard, because how do I test that they're actually connecting via just IPv4 or just IPv6? Gotta do it on this side, which I shouldn't have to....just my two cents there.0 -
Grrr, everything is fixed, except no SSL certificates generated for the proxy subdomains for the .com parked domain. It generates them for the .net just fine, and forwards me, but because the .com was entered, I get an invalid cert warning. Wonder where the option to generate SSL certs for proxy parked subdomains would be. 0 -
Hello, I do see an open case CPANEL-17258 in which proxy subdomains for addon and parked domains DNS entries for proxy subdomains are not being added, subsequently causing a number of issues for AutoSSL but this is showing that it's resolved in cPanel v70. To confirm that your issue is the same as the one in the internal case I'd like to see if you could go ahead and open a ticket using the link in my signature. Once it's open please post the ticket ID here so we can update this thread with the outcome. Thank you, 0 -
Which domain should I create the ticket for? The one without the valid certs (ie, the parked one)? The one with the certs, or the master one that created the other two? 0 -
Hello, You create the ticket for the server, I would just explain in the ticket the issues you're experiencing with as much detail as possible. Thank you, 0 -
I went to create the update, and see that a new update is available for cPanel. So I click update first, in order to see if that fixes the issue. It appears to be stuck at 39%: [Starting perm] Use of uninitialized value $exe in -x at /usr/local/cpanel/Cpanel/FtpUtils/Config/Pureftpd.pm line 159. Use of uninitialized value $exe in -x at /usr/local/cpanel/Cpanel/FtpUtils/Config/Pureftpd.pm line 159. Use of uninitialized value $exe in -x at /usr/local/cpanel/Cpanel/FtpUtils/Config/Pureftpd.pm line 159.0 -
Hello, Can you tell me what the value is at WHM>>Service Configuration>>FTP Server Selection? Thank you, 0 -
Is it safe to leave the Upgarding to Latest version while it's frozen like that? 0 -
For the working domain, it shows The FTP server is currently disabled. (that's for the non-parked business one). 0 -
This typically indicates that there's an issue with the FTP server If it shows FTP disabled in WHM that wouldn't be for just one domain that's for the entire server. Can you please click enable (choosing one of the two available options) and let us know if the update completes? Thank you, 0 -
I cannot right now, because the technician is logged in, trying to fix some issues from the support ticket I opened, per your request. Are you saying I need FTP enabled to perform updates? I need FTP disabled server side, completely. 0 -
Hello, Actually, since you have a ticket open can you please note the ticket ID here? Thank you, 0 -
Here's one: 9443133 Here's the other: 9443353 The first one is for the AutoSSL proxy subdomains. The second is for the nameserver issue I'm having. I also noted how upgrade is stuck at 39% but when I went to verify, I refreshed the page, not realizing it would restart the update, and I hope I didn't mess anything up for the tech. I notified him though of what I did and apologized and don't want to mess with the server until he's done fixing whatever's broke. 0 -
Great! Thank you, I was able to find them. I will update the thread here to the outcome as well! 0 -
When I accidently refreshed the page, the update went through now. Hopefully, the technician didn't enable FTP server side. We want it disabled completely. Even if we don't have the ports opened through the firewall. Having one more program running is just another opportunity for a local user to find a exploit that gives them root access. In the past, this is how pennynet got hacked, a local BBS. They hacked the server by using an FTP exploit. Not gonna say who it was that did that, because I don't want to get in trouble, but FTP servers are notorious for not being the most secure, hence the reason we only use SFTP. Thanks! 0 -
Hello, I just wanted to update that the outcome to this was ultimately that our support concluded the issue was related the earlier referenced internal case CPANEL-17258. It looks like the case is resolved in v70 of cPanel which according to this post: should be in RELEASE in the next week or so (it's in CURRENT and EDGE now) Will you let us know if the issue persists after you update when 70 is in release? Thank you, 0 -
yes, I will update you. Could you do me a favour and try to send a message here, to remind me? I have brain damage from when I was in the Corps, and more than likely, a couple weeks from now, I won't remember about this thread. But if you just ask if the problem is fixed once v70 is in RELEASE, I should get an email saying there was a reply, and I'll let you know. I'd like to thank all the cPanel workers, including you @cPanelLauren, for all the hard work you guys put into getting me setup properly and confirming this was in fact related to CPANEL-17258. I had some other issues I needed resolved, and the cPanel team went above and beyond what I expected. Much thanks to them!!!!! And to you, for always helping me on the forum! 0
Please sign in to leave a comment.
Comments
70 comments