Server Name Indication
Server Name Indication (SNI) is a feature that extends the SSL and TLS protocols to indicate what hostname the client is attempting to connect to at the start of the handshaking process. By doing so it allows a server to present multiple certificates on the same IP address and port number and hence allows multiple secure (HTTPS) websites to be served off the same IP address without requiring all those sites to use the same certificate.
Unfortunately to make use of SNI practical it is necessary that the vast majority of users are using web browsers that support it. Users whose browsers do not support SNI will be presented with a default certificate and hence are likely to receive certificate warnings. As of 2011 there are still many users of browsers that do not support SNI.
The NLnet Labs Name Server Daemon (NSD) is an authoritative RFC compliant DNS nameserver. It was ?rst conceived to allow for more genetic diversity for DNS server implementations used by the root-server system and it has been developed for operations in environments where speed, reliability, stability, and security are of high importance. NSD is currently used on root servers such as k.root-servers.net and is also in use by several top-level domain registries.
nsd - Package Open-source nameserver daemon.
Update script affected by the setting
/usr/local/cpanel/scripts/nsdup
NSD is an authoritative only, high performance, simple and open source name server. The latest current stable release is NSD 3.2.8.
What is Reverse Domain Name Hijacking?
Reverse domain name hijacking has become a significant security threat that is largely overlooked by the web hosting community. This form of domain theft involves copyright owners asserting expansive trademark rights in order to take ownership of a domain from its rightful owner. In most cases, this form of domain theft is actually practiced by larger companies that want to claim a domain name from a smaller company.
In the case of ‘reverse domain name hijacking’ the offending party will typically file a report in conjunction with the UDRP (Uniform Domain-Name Dispute-Resolution Policy), which claims that the current domain owner registered the domain in violation of trademark rights. The goal in filing this report is to have the current domain ownership rights revoked and handed over to the offender. Unfortunately, even though in many cases the larger companies are overstepping their trademark rights, most small companies do not have the funds or knowledge needed to defend themselves through any type of opposition. it is possible to file an action in court against the offending party, which states that your registration of the domain was lawful and in accordance with the Anticybersquatting Consumer Protection Act (ACPA). The ACPA is basically a law that serves to protect domain registrants from the outreaching and unjust claims of trademark owners.
If you want to change the settings for recursive domain name service:
Go to Home > DNS Settings (in the Server group) > DNS Recursion.
Select the option you need:
* To allow recursive queries from all hosts, select Allow for all requests.
* To allow recursive queries from your own server and hosts from your network, select Allow for local requests only.
* To allow recursive queries only from your own server, select Deny.
Click OK.
How to create Custom Name Servers for your domain.
1. Ensure that your domain registrar allows you to create custom nameservers with your domain name.
2. Choose the prefix you wish to use with your domain, e.g. ns1.yourdomain.com ns2.yourdomain.com
3. Set them up using the two IP addresses that you have for DNS at the registrar domain manager. You will need to contact you provider to obtain these IP addreses.
4. Ask your data centre to enter a reverse DNS pointer for your nameservers.
5 .Now–> WHM–>>Server Setup >> Enter ns1.yourdomain.com in the Primary Nameserver field. Hit ‘Assign IP Address’, then hit ‘Add an A Entry for this nameserver’.
6. Repeat this process for Secondary.
