All Website redirect to ww9 (fake dns record)

         

juest4net

7:14 pm on Oct 14, 2015 (gmt 0)

10+ Year Member



I have CentOS 6 and all accounts (user websites) redirect to ww9.domain.ext. When I check nslookup I find some fake records:

ww9.mydomain.net IN A 166.78.101.108 604800s (7.00:00:00)
*. mydomain.net IN A 77.247.178.109 604800s (7.00:00:00)
*.mydomain.net IN A 77.247.178.109

server: ns1.dnsmanage.co email: dns@dnsmanage.co serial: 2015061902 refresh: 7200 retry: 3600 expire: 604800 minimum ttl: 86400


This is not my NS server or IP address! I checked the zone files at /var/named and everything is fine. I also checked the domain control panel for the NS records, and my ns1 and ns2 point to the correct IP address.

I do not know where these records come from.

lucy24

9:08 pm on Oct 14, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Clarify, please. Which parts of the record are the parts you want, and which parts do you not want?

There's little you can do to keep some skunk from pointing their own DNS records to your physical space, if that's what you're describing. That's why every site needs a domain-name-canonicalization redirect (exact format will depend on server type).

I looked up the exact numbers while we're here. The first is Rackspace Cloud; the second is NForce in the Netherlands. I can't decide which of the two-- "Cloud" or "hosting in Netherlands"-- is more worrying. Which one is yours?

Hoople

3:53 am on Oct 15, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Try and isolate whether it is this machine or the website in question. Run the site through a DNS health checking page and pay attention to what server is hosting the SOA record. Compare this to the data of the domain at its registrar. Then walk it forward to the other configured DNS servers (as set at the registrar). They should duplicate the first one, i.e. the one hosting the SOA.

I would also check the DNS servers this local CentOS machine is pointing to. Known reliable? Try temporarily switching the DNS configured to Google DNS at 8.8.8.8 - see if the results change. If this DNS change produces no or only some improvement, your SOA replicas shared by your SOA host/or represented as a replica of it are suspect.
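The comparison described in the last post, as an added example that is not part of any poster's message: it reads `dig +noall +answer` output captured from each registrar-listed nameserver and from the local resolver, then flags a foreign SOA host, serial mismatches, and A or wildcard records pointing outside your own addresses. All names, addresses and the `EXPECTED_*` sets are constructed placeholders (documentation ranges), and the captures are embedded so it runs offline.

```python
# Added example: audit captured `dig +noall +answer` output from several servers.
# Every hostname, IP and serial below is constructed sample data.
EXPECTED_NS = {"ns1.example.net.", "ns2.example.net."}  # assumed: NS set at the registrar
EXPECTED_IPS = {"192.0.2.10"}                           # assumed: addresses you host on

GOOD = (
    "example.net. 86400 IN SOA ns1.example.net. hostmaster.example.net. 2015101401 7200 3600 604800 86400\n"
    "www.example.net. 3600 IN A 192.0.2.10\n")
CAPTURES = {  # server queried -> captured answer lines (constructed)
    "ns1.example.net": GOOD,
    "ns2.example.net": GOOD,
    "local-resolver": (
        "example.net. 86400 IN SOA ns1.rogue.example. dns.rogue.example. 2015061902 7200 3600 604800 86400\n"
        "*.example.net. 604800 IN A 203.0.113.109\n"
        "ww9.example.net. 604800 IN A 198.51.100.108\n"),
}

def parse(text):
    """Return (soa_mname, soa_serial, [(name, ip), ...]) from dig answer lines."""
    mname = serial = None
    a_records = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 5 or f[2] != "IN":
            continue  # skip blank or malformed lines
        if f[3] == "SOA" and len(f) >= 7:
            mname, serial = f[4].lower(), int(f[6])
        elif f[3] == "A":
            a_records.append((f[0].lower(), f[4]))
    return mname, serial, a_records

def audit(captures, expected_ns, expected_ips):
    """Compare every server's view of the zone against what the owner expects."""
    findings, parsed = [], {srv: parse(txt) for srv, txt in captures.items()}
    serials = {s for _, s, _ in parsed.values() if s is not None}
    if len(serials) > 1:  # replicas should all carry the same SOA serial
        findings.append(("*", "serial-mismatch", sorted(serials)))
    for srv, (mname, _, a_records) in parsed.items():
        if mname and mname not in expected_ns:
            findings.append((srv, "foreign-soa", mname))
        for name, ip in a_records:
            if ip not in expected_ips:
                kind = "foreign-wildcard" if name.startswith("*.") else "foreign-a"
                findings.append((srv, kind, f"{name} -> {ip}"))
    return findings

if __name__ == "__main__":
    for finding in audit(CAPTURES, EXPECTED_NS, EXPECTED_IPS):
        print(finding)
```

Findings that appear only for the local resolver, while the registrar-listed nameservers agree with each other, point at the machine's resolver configuration rather than the zone itself.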