Stop your domain from being resolved.

Discussion in 'Server & Community Management' started by RBS0, May 25, 2013.

  1. Hey spigot community, I found this article HERE and if you follow all of the steps shown, you will not be able to resolve your domain. I take no credit for this article, I am simply posting it so more people become aware of this simple way to avoid 12 year old kids with "booters" from attacking your server. Note: I do not use HostHorde for hosting :p.
    =================================================================


    For this tutorial, we'll be managing DNS settings via CloudFlare. The settings shouldn't differ much for the domain registrar you're currently using - however, not all registrars allow you to edit SRV records directly. You may need to contact them to do this.

    For less hassle, you may wish to consider switching your DNS to CloudFlare. It's free, you don't need to change your hosting provider or move away from your registrar. The only change you make with your registrar is pointing the authoritative name servers to CloudFlare's name servers.

    If you're interested in doing this, head over to www.cloudflare.com - they'll guide you through getting it set up.


    Configuration

    First, log in to CloudFlare and select "DNS Settings" for the domain you wish to use.

    At the bottom of the page, select "SRV" for entering a new record, like in the following screenshot:
    [​IMG]
    In the fields, fill out the settings as follows:

    • Service: _minecraft
    • Protocol: tcp
    • Name: [subdomain] (This is the subdomain you'll use for connecting to your server. For example, if your domain is example.com, and you wish to connect via play.example.com, you would enter just "play" in the field)
    • Priority: 0
    • Weight: 0
    • Port: [port] (Enter the port number of your HostHorde Server - if your full server address is "s1.hosthorde.com:25565", you would enter just "25565")
    • Target: [address] (Enter the address (without the port) of your HostHorde server - for example, just "s1.hosthorde.com")

    Note: Some registrars do not include the "Name" field. If the name field is not available, include the name alongside the protocol, by typing "_tcp.play". ("play" being the name)
    With the settings all filled out, your configuration should now look similar to the following screenshot:[​IMG]
    These settings allow us to connect to our demo server using the address "play.hosthorde.com"
    Save your settings, and you're done! Please note that it can take several hours for the DNS information to propogate, meaning you may not be able to connect to your server using the new information immediately.
     
    • Disagree Disagree x 2
    • Like Like x 1
    • Optimistic Optimistic x 1
  2. All it takes is 2 commands for me to find the real ip/port. If they really want to take you down, they will find a way.
     
  3. There is no way to make it not resolve unless there is truly no records in the DNS... at which point no one can connect or play. Please do not throw words you do not understand around. We've proved to you how easy it is to get your IP address even through this setup on the IRC. The only way to be truly protected is to get proper protection.

    Three ways to go about this:

    1. Get server from MD_5's thingy.
    2. Get protection from big name providers.
    3. Follow my article's guide and use either GRE tunnels or TCP tunnels.

    No other logical way around it at this point.
     
    #3 andyhuang, May 25, 2013
    Last edited: May 25, 2013
  4. I never said this would make it impossible to resolve your domain, this method is not supposed to make your server "ddos proof" but to lower the chances of an angry 12 year old from using his "booter" to resolve it.
     
  5. Mikgreg

    Supporter

    "stop your domain from being resolved"
     
  6. Well now that I look at it, I would change it to "Prevent Your Domain From Being Resolved" but its too late for that now.
     
    • Like Like x 1
  7. My first post on these forums (the reason I signed up) was to point out how easy it is to get around this -> Hide Minecraft Server IP address?

    If using Cloudflare, you can add the SRV record, and the A record (pointing to a webserver running on that IP address). Then activate the CloudFlare protection on your domain. This allows you to host your own website and protect your servers IP (from complete script kiddies) because the address resolves to a CloudFlare address. (though they can still get your Minecraft servers IP through the method I linked to above)