The case: on a dev server that a few people share the root account, someone made a typo adding double period in the domain name and of course BIND was not happy with such a record.
Suggestion: the solution is obvious, just fill the stuff properly; but would it be possible/sensible to add some checks for obvious mistakes and even some nefariously spelled domains from an external system? IE characters not accepted but with some extra stuff?
Because I tried to create some domains with the likes of ! @ # $ % ^ & * ( ) ; : , ? / \ = + < > and Virtualmin properly prompted me that there are some unacceptable chars in the name.
Makes any sense? As there never should be two consecutive dots in a domain name… right? Maybe I don’t know some stuff - would be fun to find out some new crazy sh… that I thought it wasn’t doing any good.
I guess it depends on what you term as “obvious” and “nefarious”.
I guess the “obvious” could include .. but would certainly oppose some arbitrary definition of “nefarious” which could include domain name “censorship”. It should only be led by the standards on domain naming.
I don’t know how you entered it or if the GUI makes use of this:
So, possibly a button to add these checks?
Bottom line, system admin requires a bit of skill. Even if there were a button for this, people will start complaining it doesn’t give the exact error.
Well, for the giggles, I was wondering if there are some actual uses that I don’t know of - so please give an example and a link to tech article if there are. And please stop analyzing the wording and let’s make Virtualmin forum great again by not just posting in forums.
If there aren’t, than we are dealing with something that can be exploited: because yeah, I can just create a fake account on some shop/billing system and create some bunch of domains with extra dots in them on peoples server… Even if those stop them (I don’t care to check my WHMCS as I hate everything about it big time, and trying to replace it for years), Virtualmin maybe shouldn’t rely on random third party software.
But was expressing caution on using some abstract rules on applying any other rules.
The only rules that should apply to a field for entry of a domain name are those that enforce the official standard applied to the naming of domains (ICANN etc) and does it actually matter if I enter a fake domain name that will never resolve because it is fake (I am just making a stupid error that will cause me more work to resolve. As a sys admin I consider it my job to fill in those fields correctly. So I guess that also applies to the double dot check
You still didn’t get what I was saying - those records for sub…example.org are written in BIND no matter what. And there you go, so it is exploitable. It is not just about admins, I just mentioned what happened for context… not to get empty lessons about typos, or censorship.
Please, this a bit of a problem on Virtualmin forums, until someone from the team gets to a post, with a “yeah” or “mnope” it is filled with nonsense.
Ah - and this maybe applies even for existing users on a server that can create extra subdomains. A mistake or on on purpose - seems normal to get BIND stuck with such records?
Maybe I edited it out of my initial post, but ICANN no longer requires English character sets. So, this gets to be quite a project in it’s own right.
Maybe I don’t know some stuff - would be fun to find out some new crazy sh… that I thought it wasn’t doing any good.
by not just posting in forums.