I am thinking to sign up for an account with FQ but I want to ask a couple of questions:

1. I want to run a redirection service (like cjb.net). To do that I'll run a cgi script which needs wildcards enabled in the DNS so that all subdomains resolve to my domain. Also I will need to be able to use .htaccess. Can FQ facilitate this type of site?

2. If I host my site at FQ can I use my own DNS servers? I really like to have full control over my dns.

Bravo Gonzalez (speedy's my cousin)


[This message has been edited by bravo (edited 01-22-01@9:47 pm)]

Handle Your Own DNS: Yes that's fine.
Wildcards: No, we do not permit this.
Use .htaccess: Yes, no problem at all.

And that's the short & sweet of it :P

Deb
[nbsp]- K.I.S.S.

just curious, you know when you said you do not permit wildcards, it sounded like it's something important, is there some security risk of it or something?

In the history of Bind, there have been several buffer overflow exploits associated with both Wildcards and CNAMES...[nbsp][nbsp]They could be leveraged to poison the DNS caches and/or assist in domain spoofing...

Knowing these risks, we chose to not allow them in our DNS systems as we were originally based on Bind...[nbsp][nbsp]Since we did not allow them, this opened up more advanced integrity checking code as I was not bound to '*.domain.tld'...

What we store in our DNS is exact information, and we can cross-reference a domain's account information integrity against our DNS information (and vice versa)...

We dumped the Bind DNS system back in early October, due to the many security issues associated with it, and switched over to DJBDNS which is now fully deployed and working wonderfully...[nbsp][nbsp]However, with this new secure DNS system, we have a ton of code that relies on exact DNS information with no plans on deviating from these methods...[nbsp][nbsp]From a management and security standpoint, it is the best way to go when you are handling tens of thousands of zone file resource records...

--
Terra
--security has proven inversely proportional to convenience.--
FutureQuest

[This message has been edited by ccTech (edited 01-23-01@03:33 am)]

I see that one of the features FQ offers to hosting accounts is a dedicated ip address.

Therefore, i should be able to see my site by just typing this ip in my browser.

If the above holds true and i run my own dns, why can't i map whatever domain or subdomain (including *) to that address?

Bravo Gonzalez

If the above holds true and i run my own dns, why can't i map whatever domain or subdomain (including *) to that address? You can, but your subdomains will all show the same content as the site itself. You won't get any internal mapping without internal DNS, unless you redirect the browser to http://your.ip/subdir/, which is not an ellegant solution...

------------------
Justin Nelson
SFE Software (http://www.sfesoftware.com)

Matt, I think it is the first one.

I'm sure that FQ doesn't let anyone who is not in their employ have access to their DNS servers. But you can have a DNS server outside of their service that points to an IP address on their servers.

This would allow you to change things easily, such as subdomains, maybe have part of the domain point to FQ and part point somewhere else, handle the MX records for the mail servers, etc...

Of course, can be a bit of responsibility. If you don't know what you're doing, you can really mess things up so no one can reach your site. I'm handling my own DNS through easyDNS.com, for a site that does not reside on the FQ servers, and although easyDNS.com makes things easy, I still get a bit nervous about goofing things up.

Handle Your Own DNS: Yes that's fine. I do not understand what is meant by this. My familiarity with DNS servers is limited to what is provided by the MyDNS service at MyDomain.com.

Does the quote mean that the DNS servers can reside externally from FutureQuest and direct users to a specific FutureQuest IP address? This I would understand.

Or does this mean that there is a method of changing settings on the FutureQuest DNS servers-- available to site owners? If so, where do I find out more about this?

Hope I don't sound too ignorant :|
-Matt