A domain is the thing someone types into a web browser to reach your site. The domain for this site is notechtyranny.net.
DNS is the “domain name system,” and it’s what tells your computer which server to connect to when someone tries to go to your domain. We will be configuring DNS to maximize your privacy and improve your performance with this article.
Domains
Who should you buy your domain from?
It doesn’t really matter. We can sell you a domain, but we do so at cost and even with no markup we aren’t very competitive. Find a company you like, and use them. Namecheap, eNom, and Cloudflare are probably worth your consideration.
Do I want to pay more for domain privacy?
Yes, you do.
What this does is make it so when someone looks up the information on your domain they don’t see your name and address; rather, they see the privacy company you contracted with. Ten years ago this protected you from certain classes of fraud and spam, but an age when saying “men and woman are different” may get you fired from your job and assaulted on the street, privacy becomes much more important.
Different registrars (a “registrar” is the company that sells domains) call their domain privacy services different things, but you most definitely want to pay the $5 extra for the service.
OK, I’ve bought a domain, now what?
Now you need to point it to your server here, but read on for a bit before you do that!
DNS
What is DNS, anyway?
DNS is the mechanism used to connect a domain name to a server that can handle requests for that domain. It’s easy to get lost in the weeds, so I will skip the details.
The important thing to know is this: Setting up your authoritative DNS server makes your web site available to the world, and if DNS is not configured correctly your web site will not be reachable.
If you care about how DNS works this is a brief overview, but most can skip it.
Why does DNS privacy matter?
You’re here on NoTechTyranny, we are hosting your web site that might upset some folks on the Internet, and they can’t figure out who you are because you’ve use a domain privacy service. How do folks who hate your words silence you? By attacking our web server using a Denial of Service Attack of some sort.
Basically, our server’s connection to the Internet is not infinite. To silence you people can send more data to our web server than can fit through the server’s Internet connection, which stops anyone from connecting to your web site (or any other sites we host on that server.)
So if your web site address is 1.2.3.4, a motivated opponent can simply throw more requests at 1.2.3.4 than it can handle, and you’re effectively removed from the Internet. So again we need some sort of privacy here, and something that sites between our web server and people who might want to make it hard to connect to our web server.
Cloudflare to the Rescue
Cloudflare offer a free DNS service that protects the identity of your web server, and protects against even the largest denial of service attacks. And it’s free (at least for the basic level of protection).
Basically, when you use Cloudflare DNS, you’re inserting Cloudflare between your web server and the Internet. It sits in front of your site in a way that protects against the most common denial of service attacks. This video shows you the steps you need to set up Cloudflare:
Security is the big win with Cloudflare, but they also offer a free CDN as well. A CDN is a “content delivery network,” and that will save the bigger parts of your web page across dozens of computers on the Internet, and when a visitor comes to your site they will get those big parts from servers closer to them than your server. This results in a faster web site, a better user experience, and higher search index ratings.
The downside of Cloudflare
We host your web site on a cluster of web servers. This means we can move your site from one server to another if your web site is starting to fill up, or we have faster hardware to move you to, or if your server dies and we restore to a new server to minimize downtime.
When we move your web site to a new server, its IP address will change to that of the new server, and this means that for people to connect to your site your authoritative DNS server needs to be updated with the newest information.
This means that every time we move your server you need to update Cloudflare with the new IP address, or you need to allow our DNS server to update Cloudflare automatically.
Directions on how to do this are available here, but don’t just jump right into making that change with an existing site:
https://enhance.com/docs/dns-role/dns-cloudflare.html
Be careful! When you connect our DNS to Cloudflare it will overwrite all the records that Cloudflare has with whatever we have in the local DNS! This is fine if your domain is new, but if it’s an existing domain with lots of custom DNS records for things like e-mail servers, then this will break things.
If you are going to integrate our DNS with Cloudflare, you must copy the DNS records from Cloudflare to our DNS first!
If you aren’t sure please submit and support ticket and we will help you with integrating Cloudflare with the domain you’re hosting with us.