-
Notifications
You must be signed in to change notification settings - Fork 122
Setting up your Canarytokens DNS correctly
JayJB edited this page Aug 24, 2021
·
3 revisions
- two domains:
- one is used for the public facing web application; we can call this the frontend domain.
- other is used for the Canarytokens' embedded urls; we can call this the backend domain.
- public IP address of server running your Canarytokens docker.
We recommend two domains because we have found that setting up the DNS is easier and more reliable. It also allows you to have a disconnect of domain between what everyone can see and what your Canarytokens trigger on.
For the rest of the explanation we will use frontend domain as frontend.com and backend domain as backend.com. We will also use SERVER_IP as your server's public facing IP that will be running your Canarytokens Server.
- At domain registrar, set your Name Servers to point at the DNS servers that are running your "Hosted Zone" file. For example, if you have AWS route53 managing your zone file but GoDaddy is your registrar for your domain,
frontend.com. You would request the Name Servers to point the AWS supplied name servers, sayawsdns-1.com, awsdns-2.com. - Head over to your zone file for your domain.
- Configure NS records as the same Name Servers you supplied the registrar. e.g.
frontend.com NS 10 awsdns-1.com
10 awsdns-2.com
- Configure A record for your domain. e.g.
frontend.com A SERVER_IP
- Configure A records for your domain's name servers. e.g.
ns1.frontend.com A SERVER_IP
ns2.frontend.com A SERVER_IP
- At domain registrar, set your Name Servers to point at the two nameservers you set for
frontend.com.
backend.com NS ns1.frontend.com
ns2.frontend.com
- Head over to your zone file for your domain.
- Configure NS records as the same Name Servers you supplied the registrar for this domain. e.g.
backend.com NS 10 ns1.frontend.com
10 ns2.frontend.com
- Configure A record for your domain. e.g.
backend.com A SERVER_IP