KNOWNHOST WIKI

User Tools

Site Tools


developmental:dynamic-dns-and-cpanel

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
developmental:dynamic-dns-and-cpanel [2019/10/11 07:22]
Karson N.
developmental:dynamic-dns-and-cpanel [2020/06/03 08:54] (current)
Karson N. [Dynamic DNS]
Line 7: Line 7:
 Dynamic DNS is a software that integrates nicely with CSF/LFD firewall that effectively whitelists dynamic IPs. via a hostname you choose. A quick overview of the steps is below. Underneath the quick overview, we will discuss each of the steps in detail.  Dynamic DNS is a software that integrates nicely with CSF/LFD firewall that effectively whitelists dynamic IPs. via a hostname you choose. A quick overview of the steps is below. Underneath the quick overview, we will discuss each of the steps in detail. 
  
- +   - Register at ((https://www.noip.com/))[[https://www.noip.com/|np-ip]] for free dynamic DNS
-   - Register at www.no-ip.com for free dynamic DNS+
    - Setup a hostname.     - Setup a hostname. 
    - Install the Dynamic Update Client from No-IP on your computer and connect it to the account you just created.     - Install the Dynamic Update Client from No-IP on your computer and connect it to the account you just created. 
Line 15: Line 14:
   -  Restart the firewall   -  Restart the firewall
  
- +\\
 ===== Register with NO-IP for free dynamic DNS (Steps 1 and 2) ===== ===== Register with NO-IP for free dynamic DNS (Steps 1 and 2) =====
  
Line 26: Line 24:
  
 {{developmental:tooltip_022.png?nolink&300|}} {{developmental:tooltip_022.png?nolink&300|}}
- 
  
 Enter your desired hostname and then click "Sign Up". You will then need to complete the sign-up process by entering an email account, a password, and confirming the hostname you'd like to use: Enter your desired hostname and then click "Sign Up". You will then need to complete the sign-up process by entering an email account, a password, and confirming the hostname you'd like to use:
Line 32: Line 29:
 {{developmental:dyndns_signup_1.png?nolink&1000|}} {{developmental:dyndns_signup_1.png?nolink&1000|}}
  
 +Free Dynamic DNS hostnames must be confirmed every 30 days or they will be deleted.
  
-Free Dynamic DNS hostnames must be confirmed every 30 days or they will be deleted.  +((https://www.noip.com/support/knowledgebase/why-is-my-hostname-pending-deletion/)) 
-[[https://www.noip.com/support/knowledgebase/why-is-my-hostname-pending-deletion/]]+[[https://www.noip.com/support/knowledgebase/why-is-my-hostname-pending-deletion/|Why is My Hostname Expiring?]]
  
 Create the account, and then you will be sent an account confirmation email: Create the account, and then you will be sent an account confirmation email:
Line 46: Line 44:
 Since you are not self-hosting services from your computer, you should not need to set up any port forwarding via your router. You will need to download the Dynamic Update Client and then configure CSF/LFD firewall on your server, though. Let's move on.  Since you are not self-hosting services from your computer, you should not need to set up any port forwarding via your router. You will need to download the Dynamic Update Client and then configure CSF/LFD firewall on your server, though. Let's move on. 
  
 +\\
 ===== Install Dynamic Update Client (Step 3) ===== ===== Install Dynamic Update Client (Step 3) =====
  
 You can download the software via the following link: You can download the software via the following link:
  
-https://www.noip.com/download+((https://www.noip.com/download)) 
 +[[https://www.noip.com/download|Download Dynamic Update Client]]
  
 If you are using Linux on your computer, you can use the following commands via terminal to install this: If you are using Linux on your computer, you can use the following commands via terminal to install this:
 +<code>
   cd /usr/local/src/   cd /usr/local/src/
   wget http://www.no-ip.com/client/linux/noip-duc-linux.tar.gz   wget http://www.no-ip.com/client/linux/noip-duc-linux.tar.gz
Line 60: Line 59:
   cd noip-2.1.9-1/   cd noip-2.1.9-1/
   make install   make install
-  +</code> 
 Here is the what this installation looks like on mine: Here is the what this installation looks like on mine:
  
Line 70: Line 70:
  
 The installation of the Dynamic Update Client should now be complete. At this point, you should be able to dig the hostname you created and see an A record for it like so: The installation of the Dynamic Update Client should now be complete. At this point, you should be able to dig the hostname you created and see an A record for it like so:
 +<code>
   dig a +short hostname.ddns.net   dig a +short hostname.ddns.net
 +</code>
  
 You will need to replace 'hostname.ddns.net' with your actual hostname that you chose.  You will need to replace 'hostname.ddns.net' with your actual hostname that you chose. 
Line 77: Line 78:
 We must now configure CSF/LFD on our server to recognize and whitelist our hostname.  We must now configure CSF/LFD on our server to recognize and whitelist our hostname. 
  
 +\\
 ===== Configure CSF/LFD for DynDNS (Steps 4-6) ===== ===== Configure CSF/LFD for DynDNS (Steps 4-6) =====
  
-We must first edit the file csf.dyndns and add the hostname of your no-ip account. You can use nano or vim via SSH, or request that the Knownhost Support team does this for you.  +We must first edit the file csf.dyndns and add the hostname of your no-ip account. You can use nano or vim via SSH, or request that the Knownhost Support team does this for you. 
 +<code>
   nano /etc/csf/csf.dyndns   nano /etc/csf/csf.dyndns
 +</code>
  
 {{developmental:csf.dyndns_.png?nolink&800|}} {{developmental:csf.dyndns_.png?nolink&800|}}
Line 88: Line 91:
  
 Next, we will need to edit the CSF/LFD configuration file.  Next, we will need to edit the CSF/LFD configuration file. 
 +<code>
   nano /etc/csf/csf.conf   nano /etc/csf/csf.conf
 +</code>
  
 You can use Ctrl W to search for the settings that need to be changed since this file is quite large compared to the last. Pictured below is the section of the file that we will be editing.  You can use Ctrl W to search for the settings that need to be changed since this file is quite large compared to the last. Pictured below is the section of the file that we will be editing. 
Line 100: Line 104:
  
 Now, we just need to restart the firewall: Now, we just need to restart the firewall:
 +<code>
   csf -ra   csf -ra
 +</code>
  
 {{developmental:firewall_restart.png?nolink&800|}} {{developmental:firewall_restart.png?nolink&800|}}
Line 108: Line 113:
  
 Let's test to make sure I am now being ignored by the firewall. First, check to make sure your IP isn't already whitelisted in the firewall using the following command (replacing XXX.XX.XX.XXX with your actual IP: Let's test to make sure I am now being ignored by the firewall. First, check to make sure your IP isn't already whitelisted in the firewall using the following command (replacing XXX.XX.XX.XXX with your actual IP:
 +<code>
   csf -g XXX.XX.XX.XXX   csf -g XXX.XX.XX.XXX
 +</code>
  
 If it is whitelisted, remove the rule with the following: If it is whitelisted, remove the rule with the following:
 +<code>
   csf -tr XXX.XX.XX.XXX   csf -tr XXX.XX.XX.XXX
 +</code>
  
 Now you may test to make sure you are whitelisted due to DynDNS and not due to any previous rules added. To test, I repeatedly attempted to log in via SSH as root using the wrong password while tailing the LFD logs. You may tail, or watch, the LFD logs via SSH with the following command: Now you may test to make sure you are whitelisted due to DynDNS and not due to any previous rules added. To test, I repeatedly attempted to log in via SSH as root using the wrong password while tailing the LFD logs. You may tail, or watch, the LFD logs via SSH with the following command:
 +<code>
   tail -f /var/log/lfd.log   tail -f /var/log/lfd.log
 +</code>
  
  I'm watching the LFD firewall logs while I do this to see if my failed attempts are being ignored because we configured the firewall to //ignore// the hostname (or the IP associated with the hostname, technically). Here is what I saw when tailing my firewall log, which proves that we were successful in configuring DynDNS:  I'm watching the LFD firewall logs while I do this to see if my failed attempts are being ignored because we configured the firewall to //ignore// the hostname (or the IP associated with the hostname, technically). Here is what I saw when tailing my firewall log, which proves that we were successful in configuring DynDNS:
developmental/dynamic-dns-and-cpanel.1570796561.txt.gz · Last modified: 2019/10/11 07:22 by Karson N.