The authoritative DNS server is the final holder of the IP of the domain you are looking for. When you write a domain name in your browser, a DNS query is sent to your internet service provider (ISP). The ISP has a recursive server, which might have the needed information cached in its memory. But if the data is outdated, this recursive server need to find the IP elsewhere. It will try to find it in other recursive servers, but if it can’t, it needs to get the IP address from an authoritative DNS server.
You have probably seen the “https” in most of the online shops like Amazon, eBay, and Alibaba. Or maybe a green lock icon just before the domain’s name. These are clear signs that the website you are using is secure, it has an SSL certificate or a TLS one. You can safely browse it, use passwords and even pay with your credit card without the threat that someone will steal your data. The SSL certificate gives both protection and prestige to the websites using it.
What is an SSL Certificate?
The recent Black Friday we again saw the news for record-breaking revenues and profits. Over the past few years, the web has gotten faster, according to Google, 53% of users will abandon a site if it doesn’t load within three seconds. By this, you can guess that for a shopping site, the speed of the website reflects its revenue. So, we want to see whether e-commerce sites got faster as well?
The DDoS attacks are also increasing. According to Kaspersky Lab 33% of organizations experienced a DDoS attack in 2017, compared to 17% in 2016. So we also want to know if the top shopping websites are well prepared for future attacks.
In this article, we will check with our DNS tool all of the top 50 E-Commerce websites. We will see if their speed and DDoS protection is fine or they will need to improve. Based on our research we will make recommendations how these websites can improve.
DDoS Attacks are widespread threats on the internet. With the continually increasing numbers of connected devices and new innovative ways of hacking them, we can’t just stay and wait to get affected. We should smartly implement our DNS infrastructure and choose a trusted DNS provider to be safe and to evade the downtime of our services.
But to be protected, we must know the danger.
DDoS attack (denial-of-service attack). There are few different types, but in general, a DDoS attack is an attempt to overwhelm the target (a computer, few connected computers or a whole DNS network) with high traffic from multiple sources.
DNS is the backbone of the internet. It connects all the users to the content they need. It is a constant exchange of information, but sometimes the DNS fails and this cause downtime. A blackout period that can be evaded by using a backup DNS.
Backup DNS, also known as Secondary DNS or alternative DNS is a system of one or more DNS servers, who have a copy of the zone data (DNS records) of the Master (Primary) DNS server. It adds resilience, reduce the outage periods by answering requests even if the Master is down.
It is easy to set up, and it can save you tons of problems. If your Master DNS got damaged and lost the information, you would still have a copy in your Backup DNS.
What is the worst that can happen? Dyn DNS attack of 2016
Do you know the difference between a Master (Primary) and a Slave (Secondary) DNS zone?
What is a DNS zone
First, let us explain what a DNS zone is. DNS zone is a container of DNS settings and DNS records of a DNS namespace. The DNS namespace can have single or multiple DNS zones, each managed by a particular DNS host/service. This division helps for the administrative purposes. It is like an enormous pie, each piece of it allows better separation of the administrative load and helps with redundancy.
Don’t directly associate a DNS zone with a specific domain. A DNS zone may contain multiple domain names or a single one; the important thing is that it is used for controlling a fraction of the namespace. DNS zones can be on the same servers too.
Have you ever received complaining messages from your users about emails sent to them from your email server, without your knowledge? Or maybe the emails you are sending are going directly to the users’ SPAM inbox?
Problems like these can seriously affect your business. Your clients can get phished and send their private information to a fake address which is pretending to be you. This can damage your reputation and can lead to different bans for you.
If you have such problems, then you need a Sender Policy Framework (SPF) to prevent spoofing and improve the reliability of your e-mail server. It is a validation system that verifies the legitimacy of your email server.
You are already a DNS user, and your server or website works great when you visit it from your computer. But that is not enough. You want to be sure that the DNS works great all around the world. For example, your primary server is in the US, but you want to see if there is not too much latency in Singapore, what should you do? Or you want to compare with your rivals, to know which is their provider and how well is it performing? There are many DNS tools that you can easily use for free, to check your DNS servers and to see if everything is working well. Each of these tools has slightly different functionality, just follow us, and we will explain to you what are they good for.
For many years already, the Unicast protocol has been outdated for the purpose of fast and secure DNS. It can’t manage with massive DDoS attacks, can’t handle load balancing in different locations, and it is quite slow for a global presence. But don’t get desperate, a new technology is there to help you out.
So what can you use to provide fast and reliable DNS?
Anycast DNS is here to step in. It is by far superior technology! It reduces latency, give extra security and minimize downtime.
We have already talked what is a DNS server or name server as it is also known. It is a complicated system that translates what we write (the domain name and address of a website that we desire) to IP addresses that computers and servers can understand.
Any DNS can be programmed to be primary (master) or secondary (slave), depends on the needs of the system as a whole. You can even have a primary DNS server that is secondary for another zone.
So what is the difference?
The hierarchy. The primary is the main one, and the secondary gets the DNS records from the primary. There are few different configurations of connecting the secondary that we would show you in a bit, but first, we want to explain to you why you need a secondary DNS.
If it does the same, why do you need it?