Comment by Mike Scott on If I purchase AWS reserve instance in mid of month,...
In which case there's only an hourly cost, which you pay whether or not the instance is running.
View ArticleComment by Mike Scott on Difference between SSL VPN tunneling and SSL in HTTPS
No, there are other reasons to use VPNs, but those reasons don’t apply to Internet websites accessed with TLS/SSL, which is what we’re discussing here.
View ArticleComment by Mike Scott on What does the netmask in an IP address actually tell...
@CodyBugstein No, not the router, the actual device that has the IP address.
View ArticleComment by Mike Scott on Cloudfront GoDaddy DNS - SSL Certificate Issues
Yes, you should be able to use a Route53 alias record. See here for instructions: docs.aws.amazon.com/Route53/latest/DeveloperGuide/…
View ArticleComment by Mike Scott on Let's Encrypt certificate to cover both wildcard...
The FAQ says it should work: “Note: on the verification screen you will see that the same DNS text records should be created with two different values - this is normal and this is how you should create...
View ArticleComment by Mike Scott on Will ssh tunnelling be a simpler way to solve my...
From the WireGuard website you linked to: “WireGuard is not yet complete. You should not rely on this code.”
View ArticleComment by Mike Scott on Suppressing ssh banner from OpenSSH client
While it’s true that the question didn’t actually specify that they don’t have write access to sshd, it seems pretty likely since it did specify no sshd_config access. They’re looking for a...
View ArticleComment by Mike Scott on How can i do a redirect with 404 as status code in...
What is your SEO requirement? There may be an actually possible way to achieve it.
View ArticleComment by Mike Scott on how does a name server knows which is the correct...
@PedroBrost You can’t just create a DNS record of your own on someone else’s name servers (except by hacking them if there’s a problem with their security).
View ArticleComment by Mike Scott on If my DNS TTL is 1 hour, should I expect half of...
Unless you’re Google, most DNS servers won’t have your record cached at all, and so the TTL won’t matter for those servers.
View ArticleComment by Mike Scott on How to identify all IPv6 addresses for a user
One users is quite likely to have a /48 network, which means they have more than a septillion IPV6 addresses available to them. Even if they only have a /64, which is the minimum possible allocation,...
View ArticleComment by Mike Scott on Accelerate loading time in others countries by...
If you rent a cheap virtual server in one of the affected countries, you can use it to run performance tests to your site in France and work out what the actual problem is.
View ArticleAnswer by Mike Scott for Way to limit Amazon ELB to a fixed set of IP addresses?
You can download a complete list of IP address ranges used by AWS, and get your clients to whitelist the lot. They will need to update the whitelist when the list is updated. Or just tell them to...
View ArticleAnswer by Mike Scott for Possible to announce IPs through AWS?
No, you can't do it. You can only route Amazon IPs to AWS instances.
View ArticleAnswer by Mike Scott for what does "low address bits are meaningless" mean?
There's no such network as 192.168.0.1/24, because it doesn't start on a legitimate boundary between /24 network ranges. The last bit of the address is set, but is meaningless in this context. The...
View ArticleAnswer by Mike Scott for How to tell if it's your problem or your ISP's problem
The best tool is the scientific method. Form a hypothesis about the cause of the problem. Write it down. Formulate an experiment that will test the hypothesis. Write it down. Conduct the experiment....
View ArticleAnswer by Mike Scott for How to protect origin server?
CloudFlare passes an X-Forwarded-For http header with its requests to your origin server, giving the original IP address of the requester. You can log that header at your end if you want to.
View ArticleAnswer by Mike Scott for Where and how properly keep my private and public...
The public key doesn't matter. There's no need to keep it secure, it should be widely distributed, and if you lose it you can always recreate it from the private key. It's only the private key that you...
View ArticleAnswer by Mike Scott for Something is blocking port 25 - how to debug?
Most VPS companies prohibit and block outbound traffic on port 25 to stop them being used for spamming. You'll need to use a third-party mail relay that listens on a different port (which may well be a...
View ArticleAnswer by Mike Scott for Multi-core processor - what is the meaning of this?
The numbers 3, 5 and 7 in i3, i5 and i7 are just part of the branding -- they aren't actually counting 3, 5 or 7 of anything, any more than the old 80386 CPUs actually had 80,386 of anything.
View ArticleAnswer by Mike Scott for Encrypted network connecting public IPs without...
No, if you use OpenVPN or similar, you will still have to assign other IP addresses for the VPN connections. The only way to do it that technically answers your question would be to assign additional...
View ArticleAnswer by Mike Scott for How is it possible that the same IP is shared...
It's not actually five different websites using your service, it's one server which happens to host five different websites. Your service is used by servers, not by websites. To differentiate between...
View ArticleAnswer by Mike Scott for What exactly is the diffference between Route53...
The most obvious application is split horizon DNS, as the document says. Suppose you have some service on the hostname service.example.com, running in AWS, that is accessed both by your own AWS...
View ArticleAnswer by Mike Scott for Can X-FORWARDED-FOR contain multiple IPs
Yes, if a request is chained through more than one proxy server, then each proxy should add the IP of the preceding one to the existing X-Forwarded-For header so that the entire chain is preserved.
View ArticleAnswer by Mike Scott for How to do Fixed length subnetting?
There are 256 addresses in the given network. That means your subnets can have 64 addresses each, i.e. they are /26 subnets. Everything else follows by simple calculation.
View ArticleAnswer by Mike Scott for Is there any contraindication for using the same...
A need for PCI compliance would be a contraindication. PCI DSS version 3.2 requires that you "Implement only one primary function per server to prevent functions that require different security levels...
View ArticleAnswer by Mike Scott for Can I buy a domain name for a server I do not own?
Yes, you can, because there's no such thing as a "domain name for a server". Domain names are not attached to servers. You can buy any domain name you want, that's not already owned by someone else,...
View ArticleAnswer by Mike Scott for Can you tell who own's an IP address? Like a whois...
You can tell who owns an IP address by looking at BGP routing tables, but that shouldn’t be a concern for you, because the IP address is owned by the company you rent the VPS from, not by you. The...
View ArticleAnswer by Mike Scott for Propagate new DNS records faster
New A records shouldn't have any propagation delay at all, since they aren't cached anywhere. Any DNS client that can't find your new record in a cache should be going direct to your authoritative...
View ArticleAnswer by Mike Scott for What is the purpose of the < (less than symbol)...
It’s to make it read the contents of the file rather than using the literal string “/etc/dovecot/private/dovecot.pem” as the certificate.
View ArticleAnswer by Mike Scott for Trying to remotely access my machine after SSH port...
I’m afraid you’re screwed. It’s unlikely that the licence server has a vulnerability that you can exploit to gain access or reboot the machine. Note that you don’t necessarily need physical access, if...
View ArticleAnswer by Mike Scott for Remote system over satellite link
You could try using mosh instead of ssh — with local echo and support for intermittent connectivity, it ought to make the experience more bearable.
View ArticleAnswer by Mike Scott for Does the power consumed by an air conditioner adds...
Yes and no. Air conditioners obviously do generate heat from their own power usage, but the formulae to calculate how much equipment-generated heat they can deal with already take that into account —...
View ArticleAnswer by Mike Scott for How can i do a redirect with 404 as status code in...
You can’t. 404 isn’t a redirect status code, it’s an error status code, and so web browsers that receive it will treat it as an error rather than a redirect. If you want to say that the page isn’t...
View ArticleAnswer by Mike Scott for What tools, parts, and supplies should be kept in a...
In addition to what’s already been mentioned:Spare cartridges for the label printerAn earthing strapA reel of Cat6 cable for use with the crimping toolsA USB phone charger with Lightning, Micro-USB and...
View ArticleAnswer by Mike Scott for SRV record not working properly?
I think you’re missing a couple of .s. Try:example.example.com. IN CNAME example.com.
View Article