Feedback: Bug - user can add domain name on local language

N

nservices

Verified User
Joined
Dec 11, 2008
Messages
300
Hi,
some user of my shared hosting server add domain name as hebrew domain without using the IDN convertor, for example: שם-דומיין.co.il
instead of: xn----6hcgqatkk6f.co.il
after this domain was added to the server, the named service go's down
and culd be start until I remove the domain name manualy
it's not safe and better to block the option to add this kind of domain names (local language)?

Best Regards,
Star Network.
 
I actually already had asked for a FR to disable a user to use Domain Administration and so the ability to remove/readd (and so rename) a domain.

DA Staff suggested me to use allow/deny cmd, but, i think a feature with checkbox (possible at package level) should be very much easyer/usefull.

Regards
 
@Andrea,

I guess, the feature request, you're referring to, is only a half of a problem. It won't solve the issue mentioned by the author of this thread.
I'd rather say we need something like dns_create_pre.sh and dns_raw_save_pre.sh; so we could do a check in it before creating a DNS zone.
 
Yes is for sure a workaround for that and not the complete solution, was just a way to try to mark my request aswell :)

Regards
 
I'm with you, if talking about a check of a domain just before DNS zone gets created. It's not a question of JS check of the form in browser. I'd like to see it globally, so API request and request from a Multiservers would get through a validation check.

I actually already had asked for a FR to disable a user to use Domain Administration and so the ability to remove/readd (and so rename) a domain.
Click to expand...

By the way, isn't it implemented yet? It seems it's done http://directadmin.com/features.php?id=1262
 
Yes it is using command.deny as i wrote, but, i would expect a little thing more, the ability to set as default for a package without need to run a script per-user-creation with the command.deny generation by script.

Regards
 
@SeLLeRoNe,

Ohh, now I see. Feel free to send me a request (from my site), possibly I could write a free plugin to manage it when I have some time.



So, backing to the subject of the thread, I think it would be good to have

dns_create_pre.sh and dns_raw_save_pre.sh

so we could do some validation check and/or built-in Directadmin check (working for API including Multiserver calls and general calls) of domains before a DNS zone gets created and added into named.conf.
 
Well ive managed to fit this with custom package and post creation/edit scripts, now there is just a point to fix and ill post it in the fr i did made in past.

Thanks Alex
 
I've just found out we have no /usr/sbin/named-checkzone on some servers (as we don't use bind on every directadmin powered server). Could it solve the problem of validation of DNS zone mentioned here by me and the TS?
 
I was coming over the same issue with german "Umlaute" .. "ä"; its from 12/2011 and was fixed shortly after it happened, and i forgot to post it - however - if you can need the info, here it is:

x) Yesterday I registered a domain with the german "ä" inside: "gebäudereinigung-taubinger.at" - and I wrote it also in DA; a few hours later I notized its not being served, but however, I have time with this domain, so I forgot about it .. till ..
x) Today about 6.30 in the morning, I was not able to receive emails and notized all websites are not reachable. Also no ssh possible..
x) I logged in into the Support Console (datacenter) and did a soft restart - nothing. Then a hard-Reset - and I could gain access to ssh and the DA-cp, but still no domains/emails.
x) named was down, I got the error: /sbin/service named restart 2>&1 and was not able to start/restart named in DA nor via ssh. By googling DA-board I found possible errors with bind and in var/messages I found at last message my "gebäudereinigung-taubinger.at" - I renamed it in DA, got right another error (i cannot remember), but the domain was renamed successfully to IDN, and named was running again.
x) At last I`ve got wrong servertime, but I was able to find the commands in the history and to reset it to right time.

All problems solved - BUT - If any customer would add an domainname like "gebäudereinigung-taubinger.at" this would shut down the complete server within the next 12-24 hours ??
If this is true, then it could be a serious bug, it coulnd? What do you think?
 
Is named-checkzone enabled in directadmin.conf on your server?
What if you run (for CentOS)

Code: 
named-checkzone gebäudereinigung-taubinger.at /var/named/gebäudereinigung-taubinger.at.db

or for Debian

Code: 
named-checkzone gebäudereinigung-taubinger.at /etc/named/gebäudereinigung-taubinger.at.db

?
 
Hello Zeiter,
thanks for the fast reply.

No, named-checkzone isnt there in my da conf.

I solved the issue already by renaming the domainname inside DA to the IDN version xn--gebudereinigung-taubinger-nec.at.db

Would adding named-checkzone to the directadmin conf solve the problem? Can you confirm this?
(And how the line have to look, eg: "named-checkzone=1" in directadmin.conf ?)

Thank you
 
What do you see if you run:

Code: 
/usr/local/directadmin/directadmin c | grep named_checkzone
?

I've just checked, no it seems it does not help. I guess I need some more time to say it for sure.
 
[root@good ~]# /usr/local/directadmin/directadmin c | grep named_checkzone
named_checkzone=1
[root@good ~]#

/usr/sbin/named-checkzone is also there (centos)
 
You must log in or register to reply here.
Back
Top