DNS Propagation – Why Domains Take Too Long?

Why Does DNS Propagation Take Too Long?

The DNS propagation takes too long  because some ISP servers and computers remember the the (old caches) setting for a long period of time. How? your computer, as well as the servers of your Internet Service Provider  only update the records for the long interval of time. They assume that the records are the same as the last time it checked.

Before we learn about  DNS propagation, let first learn a little bit about how DNS works. When you setup a website with a web hosting company, they always create a Master DNS record in their Domain Name Servers. When the change of the nameservers take place, the domain registrar (the company you paid for the honor of owning your domain name) will points the domain to webhosting provider DNS server because they host the master authority of domain.

If the website is queried from outside, the query command first go to the registration database to find out the DNS authority of the website. Then they visit webhosting DNS servers to find out what is the IP Address for the domain name in question, and from there the public audience can now access the website.

In order to speed up the rate at which their customers can view the internet, each Internet Server Provider caches the DNS records to their servers. They make their own copy of the master records and read them locally instead of reading them from the remote server. By this approach it  speeds up website accessibility by (1) speeding up the duration browser uses to call the domain name  (2) Reduce the amount of traffics on the web and therefore making the website load more faster

The negative part of the caching process is that different ISP update the caches differently; some instantly to 24 hrs, 36hrs and even others go to 72hrs. The rate of updating the cache between current to 72hrs is what we call DNS propagation. When the process is complete everyone will now see your website. Because the caching updating differ between ISP servers, the propagation duration is therefore said to vary between 24hrs to 72hrs for DNS and IP addresses to completely propagate to all ISP and hence become usable.

Check your website if it is propagating in some ISP abroad

The following online proxy service can show your website by bypassing your local Internet Service Provider

Proxy – Hide.me
https://hide.me/en/proxy
We offer a free web proxy to easily access blocked websites and surf the web … We handpick servers that live up to our high standards of security and privacy.

Online Anonymous Proxy
https://zend2.com/
Online anonymous proxy server. Online proxy for watching movies, browsing youtube. This site works also as a Facebook proxy.
?Facebook Proxy – ?Youtube proxy – ?Edit Browser – ?About us

KPROXY – Free Anonymous Web Proxy – Anonymous Proxy
https://kproxy.com/
Hide your IP address (your location and personal information) online. Protect your data from snooping by your internet service provider. KPROXY EXTENSION.

How to Clear Caches

C:Documents and SettingsUser>ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:Documents and SettingsUser>nslookup cssites.com
Server:  ns1.mindspring.com
Address:  207.69.188.185

Non-authoritative answer:
Name:    cssites.com
Address:  208.113.181.173

C:Documents and SettingsUser>nslookup 208.113.181.173
Server:  ns1.mindspring.com
Address:  207.69.188.185

Name:    apache2-ugly.drpepper.dreamhost.com
Address:  208.113.181.173

Recommended Website to Check your DNS

DNSstuff.com

(Generate full DNS report; DNS status, warning and errors with detailed information)

What’s my DNS? (Will show you a list of common name servers around the world, and tell you whether or not certain records related to your website have propagated to them)

intoDNS (will provide a complete list of your DNS records if available. If records are not yet available DNS propagation has not yet been completed fully)

Pingdom  (Check DNS errors and warnings with additional information)

propagatedyet.com (Check domain DNS propagation against its IP Address)

Checkdnspropagation.com (Check domain propagation and if all parameters agree to each other)

Reasons to why website is suspended by web host

Unsettled Bills

A website can be suspended due to unsettled bills related to that domain or website. It can be web hosting annual fee, domain registration fee, the website design charges not paid or other critical reasons

Violation of server terms and conditions

The website can also be suspended if it violates server terms and conditions. These terms vary according to the host but common ones are:

  1. Email spamming
  2. Server resource over usage eg. Over CPU usage, physical memory over use, Virtual memory over use, too many processes normally over ten (10) processes etc
  3. It can also can be suspended if it is under attack or hacked. The hacking can originate from admin or backend access, database injection or cross platform scripting.

How is the website attacked?

Backend or Administrator access

The access through the backend are normally caused by using either weak password, common words, and easy to guess usernames.  

SQL Injection

SQL injection is a code insertion method, used to attack database-driven web applications, in which evil SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

Cross-site scripting -XSS

Crosssite scripting (XSS) is a kind of computer security hole typically found in web applications. XSS allows assailant to insert client-side scripts into web pages viewed by other users.  This is normally used for phishing, stealing users important information like passwords and credit card numbers

Bugs

scrip bug is an error, flaw, failure or fault in a web application that causes it to allow attacker insert harmful codes/commands to that applications  

Poor coded scripts

Poorly coded scripts in many cases originate from students who are still learning or from developers with insufficient coding skills and experiences. The poor coded scripts can also originate from pre release software or beta

Cross-Site Request Forgery (CSRF)

Cross-site request forgery is abbreviated as CSRF is a type of harmful exploit of a website where unlawful commands are sent from a user that the web application trusts.

DDoS Attack

A distributed denial-of-service(DDoSattack takes place when multiple systems flood the bandwidth or resources of a targeted server, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.

Server security misconfiguration

Security Misconfiguration arises when Security settings are defined, implemented, and maintained as defaults. Good security requires a secure configuration defined and deployed for the application, web server, database server, and platform.

Email spamming

There are two types of email spamming

  1. Bulk emails are sent to your email server from unanimous senders
  2. Bulk email are sent to third parties in bulk via your email server by spoofing means

How to protect your website from Attacks

Backend or administrator access

Always use difficult to guess usernames and strong passwords. Password from 8 and above characters that contains at least 4 character types from Capital, small letters, numbers and special characters can reduce the risk.

Parallel to this deploy to your website login attempt limiters and firewalls. This can reject all dictionary or related bots that guess your username and passwords.

Implement also webmaster reporting mechanism if something changes from your website. You may go far by limit logins from know IP addresses or countries. If you don’t have any deal to specific country, then block your website from appearing from those vulnerable countries. If at all you don’t need public presence then block search engine bots and any other bots from visiting your website

SQL Injection

You may need to use difficult to guess usernames and password for your database.  Password from 8 and above characters that contains at least 4 character types from Capital, small letters, numbers and special characters can reduce the risk. Implement webmaster reporting mechanism if something changes from your database. You may go far by limit logins from know IP addresses or countries. If you don’t have any deal to specific country, then block your website from appearing from those vulnerable countries. If at all you don’t need public presence then block search engine bots and any other bots from visiting your website

Cross-site scripting -XSS, Bugs,

Buy scripts from reputable and known providers. Avoid cheap scripts. Also deploy backend security mechanism as described above. For script with bugs that are from known genuine vendors or developers, pl;ease make sure you immediately update all outdated scripts or uninstall if the vendor did not release the update patch on time    

Poor coded scripts

Buy scripts from reputable and known providers. Avoid cheap scripts. Also deploy backend security mechanism as described above

Cross-Site Request Forgery (CSRF)

Always deploy security monitors, scanners and blockers for unauthorized outbound and inbound communications

Server security misconfiguration

Check your server configuration regularly and if any misconfiguration detected correct it and or communicate to the server admin/ tech personnel for correct configuration. In many cases let the web server have the optimal security setting

DDoS Attack

  1. The best way to stop DDoS Attack is tto use the web application Firewall
  2. Monitor the DDoS Attack continuously in order to device the better option of preventing the attack

Email spamming

There are two types of email spamming

  1. Bulk emails are sent to your email server from unanimous senders
  2. Bulk email are sent to third parties in bulk via your email server by spoofing means

Protect bulk emails spamming from unanimous senders

For the first case you can use mails assassin

To enable SpamAssassin in cPanel, follow these steps:
  1. In the Mail section of the cPanel home screen, click Spam Assassin™.
  2. Click Enable Spam Assassin.
  3. To enable auto-deletion of spam messages, select a score level under Filters, and then click Auto-Delete Spam.

Protect bulk emails spamming via you email server

For the second case you can use SPF or disabling PHP Mail function in cpanel

Using SPF to control email spoofing and phishing

Adding an SPF record to your DNS zone file is the best way to stop spammers from spoofing your domain. In addition, an SPF Record will reduce the number of legitimate e-mail messages that are flagged as spam or bounced back by your recipients’ mail servers.

This is an easy way to control phishing and email spoofing.

Disabling PHP Mail function in cpanel

  1. While in Cpanel go to Software section
  2. Select PHP Version
  3. Switch to PHP Options
  4. in send mail path select /bin/true
  5. Then click apply and save the PHP setting

How to avoid website suspension?

Pay bills ontime

Always pay your bills ontime. In order not to miss when you are required to pay your bills do the following:

  1. Give your web host the emails that you commonly use and are active. If the emails is not in use immediate report to the web host for emails replacement and it is recommended to always provide extra email and phone
  2. You may need premium notification services like those that uses sms notification if you do not frequently use you email
  3. Request the web host to notify the next bill at least 60 or 30 days before
  4. Set your phone, tablet or computers to notify you before the deadline. You can even use email functions like calendar from your emails or third party websites
  5. If your website is an important asset to you or your business, plan always to pay longer payment plans

Monitor your website security

After you have secured your website, it is not the end, monitor the security of your website within your website or from third party services. The third party services common one is www.CloudFlare.com, www.websitedefender.com, www.wix.com, www.verisign.co.uk, www.uptimerobot.com etc For more websecurity info go to http://seo.co.tz/website-security-management-for-seo/

Pin It on Pinterest