DNS and Web Hosting

# CHAPTER 10

DNS and Web Hosting #

1. Introduction #

Purchasing a domain name is like buying a customized license plate; buying Web Hosting is like buying the actual car. They are two entirely separate products, often purchased from entirely separate companies. The most critical step in launching a website is the moment you bolt the license plate onto the car. In this chapter, we will bridge the gap between domain registration and web hosting infrastructure. We will explore the different methodologies for connecting domains to servers—from basic Shared Hosting Nameserver updates to precise VPS A Record configurations and complex CDN integrations.

2. Learning Objectives #

By the end of this chapter, you will be able to:

• Explain the fundamental difference between a Domain Registrar and a Web Host.

• Connect a domain to Shared Hosting by altering NS (Nameserver) records.

• Connect a domain to a Virtual Private Server (VPS) using A Records.

• Understand the DNS mechanics of integrating a CDN (like Cloudflare).

• Configure root domains and www subdomains simultaneously.

3. Beginner-friendly Explanations #

The Phonebook and the House:

• The Domain Registrar (GoDaddy, Namecheap): This is the company that prints the phonebook. They own the right to print your name (mystartup.com).

• The Web Host (AWS, Bluehost, DigitalOcean): This is the landlord. You are renting a physical house (a Server) to store your furniture (HTML/CSS files). The house has a GPS coordinate (an IP Address).

To make your website live, you must log into the Phonebook company and tell them the GPS coordinates of the House.

4. Method 1: The Shared Hosting Approach (NS Records) #

If you buy beginner "Shared Hosting" (like HostGator or Bluehost), they make DNS incredibly easy for non-technical users. Instead of making you configure individual A Records, they ask you to hand over total control of your DNS to them.

1. 1. You log into your Domain Registrar.

1. 2. You find the Custom Nameservers section.

1. 3. You delete the default nameservers and type in the host's servers:

• ns1.bluehost.com

• ns2.bluehost.com

*What happened?* You just changed your Authoritative Nameserver. The Registrar no longer handles your DNS. The Web Host now has total control and automatically configures all the A records behind the scenes for you.

5. Method 2: The VPS / Cloud Approach (A Records) #

If you are a developer using a Cloud Provider (AWS, DigitalOcean, Linode), you do *not* hand over Nameserver control. You keep your DNS managed at the Registrar and configure the specific records manually.

1. 1. You rent a Linux VPS. The cloud provider gives you a Public IP: 203.0.113.10.

1. 2. You log into your Domain Registrar's DNS Dashboard.

1. 3. You create two records to ensure both versions of the URL work:

• A Record: Name: @ | Value: 203.0.113.10 (Handles mystartup.com)

• A Record: Name: www | Value: 203.0.113.10 (Handles www.mystartup.com)

*(Alternatively, make the www a CNAME pointing to @).*

6. Method 3: The CDN Approach (Cloudflare) #

Modern enterprise websites route their traffic through a Content Delivery Network (CDN) and Web Application Firewall (WAF) like Cloudflare to protect against DDoS attacks.

How does a CDN intercept the traffic? Via DNS.

1. 1. You create an account on Cloudflare.

1. 2. Cloudflare gives you two Nameservers (e.g., chloe.ns.cloudflare.com).

1. 3. You log into your Registrar and change your Nameservers to Cloudflare.

1. 4. *Now Cloudflare is your Authoritative Nameserver.*

1. 5. Inside Cloudflare, you create the A Record pointing to your actual Web Server IP.

*The Magic:* When a user types your URL, DNS routes them to Cloudflare's massive global servers. Cloudflare inspects the traffic, blocks hackers, and proxies the clean traffic to your hidden Web Server.

7. Step-by-Step Flow: Pointing a Domain #

A checklist for taking a website live:

1. 1. Verify Web Server is running and responding to its Public IP address.

1. 2. Determine your DNS strategy (NS Handover vs. Manual A Records).

1. 3. Log into Registrar and update DNS settings.

1. 4. Lower TTL if migrating an existing site; use standard TTL if a brand new site.

1. 5. Wait for DNS Propagation (Verify using global ping tools).

1. 6. Generate SSL/TLS Certificates on the web server (Certificates require DNS to resolve correctly to generate!).

8. Best Practices #

• Separate DNS from Hosting: Professional DevOps engineers rarely use their Web Host as their Authoritative Nameserver. If your Web Host crashes, and they also control your DNS, you cannot route traffic to a backup server. Best practice is to use a dedicated, highly reliable DNS provider (like Route 53 or Cloudflare) to manage A Records pointing to your various web hosts.

9. Common Mistakes #

• The Naked Domain Dilemma: Users configure an A Record for www.website.com but forget to configure an A Record for @ (the naked domain). As a result, users who type website.com into their browser hit a DNS error, while users who type www succeed. Always configure both.

10. Mini Project: Check Website Architecture #

You can use DNS tools to figure out how a company hosts its website.

1. 1. Open a terminal.

1. 2. Run nslookup -type=ns reddit.com.

• The output will show Route 53 servers (AWS). Reddit uses Amazon for Authoritative DNS.

1. 3. Run nslookup reddit.com.

• Look at the IP addresses returned. If you search those IP addresses on a tool like whois.domaintools.com, it will tell you which cloud provider owns the physical web servers!

11. Practice Exercises #

1. 1. Explain the architectural difference between changing a domain's Nameservers (NS Records) versus changing a domain's A Record.

1. 2. Why does integrating a CDN like Cloudflare require you to change your domain's Authoritative Nameservers?

12. MCQs with Answers #

13. Interview Questions #

• Q: A client purchased a domain on GoDaddy and rented a Linux server on AWS. Walk me through the exact DNS configuration steps required to make the website live on the internet.

• Q: From an infrastructure redundancy perspective, explain why it is advantageous to decouple your Authoritative DNS provider from your Web Hosting provider.

• Q: How does a CDN utilize DNS hijacking (legitimately) to proxy and protect web traffic?

14. FAQs #

Q: Can I host multiple different domains on a single Web Server with one IP address? A: Yes! This is called "Virtual Hosting." You point the A Records of 10 different domain names to the exact same Server IP. When the HTTP request hits the server, the web software (like Nginx or Apache) looks at the requested URL in the HTTP header and routes the traffic to the correct folder on the hard drive.

15. Summary #

In Chapter 10, we successfully bridged the gap between domain nomenclature and physical server infrastructure. We navigated the two primary methodologies for taking a website live: handing over Authoritative control via NS Records (typical for Shared Hosting and CDNs) versus manual, granular traffic routing utilizing A and CNAME Records (typical for Cloud VPS environments). By enforcing the best practice of configuring both root and www endpoints, and understanding the strategic decoupling of DNS from web hosting, we gained the practical skills required to deploy production web architecture.

16. Next Chapter Recommendation #

The internet relies on DNS to route all global traffic. What happens if hackers learn how to manipulate the phonebook? Proceed to Chapter 11: DNS Security Basics.