DNS Cluster Security - Addon/Shared domains

jared555

Member
Jun 6, 2003
What happens if user A on server 1 has domain usera.com and user B on server 2 tries to add an addon domain for the domain usera.com when server 1 and 2 are in the same cluster? Does it get rejected because the zone already exists, overwrite the existing zone or block the request?

If it is anything but block, is there any way to reconfigure cPanel to make sure it is blocked?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
Hello :)

Assuming the DNS role is set to synchronize changes from the hosting server to the cluster, then users are prevented from creating domain names that already exist in the cluster. If you set a server in a DNS cluster to the write-only role, WHM will not check whether a DNS zone exists before you create an account. Because of this, it is possible to create the same domain name on two or more of these servers. If this occurs, the servers will compete for updates to that domain.

Thank you.
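
An added example, not part of the thread and not cPanel code: an offline audit that flags zones present on more than one hosting server, the condition the reply above describes for the write-only role. The server names, role labels and zone lists are constructed inputs that you would export from each server yourself.

```python
"""Flag DNS zones that exist on more than one server in a cluster."""
from collections import defaultdict

# Constructed sample input: zone names as exported from each hosting server.
SAMPLE_ZONES = {
    "server1": ["usera.com", "example.net"],
    "server2": ["UserA.com.", "other.org"],   # same zone, different spelling
}
# Constructed sample input: DNS role each server uses towards the cluster.
SAMPLE_ROLES = {"server1": "synchronize", "server2": "write-only"}


def normalize(zone: str) -> str:
    """Zone names are case-insensitive and may carry a trailing root dot."""
    return zone.strip().rstrip(".").lower()


def find_conflicts(zones_by_server, roles):
    """Return {zone: {"servers": [...], "write_only": [...]}} for every zone
    hosted on two or more servers. "write_only" lists the involved servers
    whose role skips the zone-exists check when a domain is created."""
    owners = defaultdict(set)
    for server, zones in zones_by_server.items():
        for zone in zones:
            name = normalize(zone)
            if name:                      # ignore blank lines in an export
                owners[name].add(server)

    conflicts = {}
    for zone in sorted(owners):
        servers = owners[zone]
        if len(servers) > 1:
            conflicts[zone] = {
                "servers": sorted(servers),
                "write_only": sorted(
                    s for s in servers if roles.get(s) == "write-only"
                ),
            }
    return conflicts


if __name__ == "__main__":
    for zone, info in find_conflicts(SAMPLE_ZONES, SAMPLE_ROLES).items():
        print(f"{zone}: hosted on {', '.join(info['servers'])}; "
              f"write-only members: {', '.join(info['write_only']) or 'none'}")
```
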
 

jared555

Member
Jun 6, 2003
I assume, then, if using a service that doesn't synchronize back to cPanel, it would be best to have all of the clustered servers connect together and then use one central server to do the synchronization with the external service?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
> I assume, then, if using a service that doesn't synchronize back to cPanel, it would be best to have all of the clustered servers connect together and then use one central server to do the synchronization with the external service?

Could you provide a diagram or clarify what type of setup this is? It's recommended to have the role on the DNS-Only servers configured to "Standalone" so that changes are not synced back to the hosting servers.

Thank you.