1

First of all, I'm not that into DNS, so maybe the answer to this question is very obvious; sorry either way.

What I want is this: a DNS record which catches all non-existing subdomains on my site and links them to the external address of my site.

So, not to my internal IP address, but to my external hostname. I'm using CloudFlare and want to hide my server IP from the public by setting it behind CloudFlare. Doing a ping then brings up the IP of CloudFlare.

Examples:

www.example.com                  -> www.example.com
existing-subdomain.example.com   -> existing-subdomain.example.com
non-existing-sub.example.com     -> www.example.com (and NOT the internal IP)

So then, when somebody tries to fetch the IP with tracert or http://www.hcidata.info/host2ip.cgi, for example, they would not get to see my IP.

It doesn't necessarily have to link to my homepage, I would be very happy if there's just no way to see my server IP via such non-existing subdomains.

HopelessN00b
Martin

1 Answer

1

If you are using BIND or a similar DNS server:

In your DNS, create an A record as follows

*    IN    A    < External IP >

If your external IP is 1.2.3.4, the line will be EXACTLY as follows

*    IN    A    1.2.3.4

If you want to point to a hostname, use the following (remember to put a period/dot '.' at the end of the complete hostname)

*    IN    CNAME    www.google.com.

The DNS server will reply with that IP address for all undefined hosts/sub-domains.

If you are using Windows DNS server

Create a host record with hostname '*' and the external IP.

PS: Though the above does achieve what you want, in a normal situation, a DNS query to a non-existent host/sub-domain should not return any IP address.

John Siu
  • Hmm, but can it also be an external address/hostname like www.google.com? And by the way, what should I have configured wrongly if I can access non-existing subdomains? I would also be happy if you just couldn't access them. – Martin Nov 07 '12 at 07:25
  • I updated the answer if you want to point to a hostname instead of an IP. If you actually don't want people to reach non-existent hostnames, you don't have to do anything (no need to add those * lines). – John Siu Nov 07 '12 at 07:36
  • Great! Thanks a lot, John! I'd love to upvote you, but I can't yet. – Martin Nov 07 '12 at 07:37
  • No problem, you can do it tomorrow, LOL. Later. – John Siu Nov 07 '12 at 07:38
  • Haha, will do. Also, "If you actually don't want people to reach non-existent hostnames, you don't have to do anything (no need to add those * lines)", I have that right now, but people can still reach non-existing subdomains. Perhaps it has something to do with CloudFlare? – Martin Nov 07 '12 at 07:40
  • Not sure if you would like posting your URL here. I really have to see it to tell. – John Siu Nov 07 '12 at 07:41
  • Hmm, we're getting attacked atm (server unreachable on HTTP) so it won't help much if I'd give the URL. I just read on CloudFlare that they don't support wildcard DNSes, so it seems I will have to try your way. :) I will try it now – Martin Nov 07 '12 at 07:47
  • Hmm, seems not to be working in my case. Something else probably is in the way. I will try to contact my host to see if they know something. – Martin Nov 07 '12 at 08:11
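
An added example, not part of the original question, answer or comments: a simplified audit of a BIND-style zone that lists which names, including the `*` record from the answer, would answer with the address the asker wants to keep hidden. It assumes single-label owner names relative to the zone and one record per name; the zone contents, addresses and the helper names `parse_zone`, `answer_for` and `exposures` are constructed for illustration.

```python
# Added example: which names in a zone answer with the hidden server address?
# All names and addresses are constructed (RFC 5737 documentation ranges).
ZONE = """\
www    IN  CNAME  proxy.example.net.   ; assumed proxied hostname
shop   IN  A      203.0.113.10         ; assumed proxy address
files  IN  A      198.51.100.7
*      IN  A      198.51.100.7         ; wildcard as in the answer
"""
ORIGIN_IP = "198.51.100.7"  # assumed address of the server to keep hidden


def parse_zone(text):
    """Return {owner: (type, rdata)} for lines shaped 'owner IN type rdata'."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop zone-file comments
        if not line:
            continue
        owner, _cls, rtype, rdata = line.split(None, 3)
        records[owner.lower()] = (rtype.upper(), rdata.strip())
    return records


def answer_for(records, label):
    """Explicit names win; '*' only answers for names that are not defined."""
    label = label.lower()
    if label in records:
        return records[label], False
    if "*" in records:
        return records["*"], True   # synthesized from the wildcard
    return None, False              # no wildcard: no address is returned


def exposures(records, origin_ip, probe="no-such-host"):
    """Owner names (plus '*' if it answers the probe) that return origin_ip."""
    found = [owner for owner, (rtype, rdata) in records.items()
             if owner != "*" and rtype == "A" and rdata == origin_ip]
    record, via_wildcard = answer_for(records, probe)
    if via_wildcard and record == ("A", origin_ip):
        found.append("*")
    return sorted(found)


if __name__ == "__main__":
    print(exposures(parse_zone(ZONE), ORIGIN_IP))
```

An empty result means neither an explicit record nor the wildcard hands out the hidden address in this simplified model.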