: Should I use VPS IP addresses or VPS domain names in the DNS Settings? I have recently applied a 'Let's Encrypt' certificate to my VPS. Whilst doing this, I came to learn that I could access
I have recently applied a 'Let's Encrypt' certificate to my VPS. Whilst doing this, I came to learn that I could access my Plesk VPS, through both an IP address (insecure over HTTP) and a domain name (secure over HTTPS).
The latter, being assigned by my hosting company, which I had never known about and cannot edit.
Ever since operating the VPS, I have used its IP address, within the DNS Settings. Is this the correct method? I have had relatively little problems in pointing to my VPS, using the IP address in the DNS Settings but thought, given the domain name is secured, maybe I should replace the IP addresses with the VPS domain name.
Would this be okay or should I stick with the IP addresses within the DNS Settings?
More posts by @BetL925
3 Comments
Sorted by latest first Latest Oldest Best
Your question: "Would this be okay or should I stick with the IP addresses within the DNS Settings?"
There's a certain miniscule security risk in accessing your VPS over a domain name, because the DNS can get hijacked.. But there's really not much to worry about.
Using A or CNAME records will have no effect on whether or not your site appears when you type in the IP address. Your site appears when you type in the IP address because every server MUST have an IP address assigned. DNS is then configured to point to that IP address. Even if you have no DNS entries at all, browsing to that IP address will get to your server.
I recommend showing a 404 Not Found error whenever somebody visits your site with an IP address or with an unexpected domain name. Anybody could point the domain name youstink.tld to your server. There is nothing technical you can do to prevent that. When that happens you don't want that showing your site, or even redirecting to it.
To make this happen under Apache, you need to configure two virtual hosts. One for your site, and a default virtual host. The one that comes first in the configuration, or alphabetically first if there is a separate configuration file for each virtual host is the one that Apache treats as the default. The default one can just return a 404 error. From How do I configure the default virtual host return a 404 header in apache?
<VirtualHost *:80>
ServerName default
Redirect 404 /
</VirtualHost>
<VirtualHost _default_:80>
Redirect 404 /
</VirtualHost>
Then your other virtual host should have your site configuration in it:
<VirtualHost *:80>
ServerName example.com
ServerAlias example.net
Redirect / example.com/ </VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAlias example.net
....
</VirtualHost>
Plesk is only for accessing your VPS control panel and if you are accessing with IP-address then it is safe enough. Changing it with the subdomain like cp.example.com is easy to remember but it will not affect the security.
Important thing is that it uses HTTPS.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.