October 11th, 2011, 12:23 AM
Domain redirection or blocking access to port 80 of forwarded domain
Requesting all the networking/DNS experts out there.
I understand that DNS forwarding with port is not possible but I think there has to be something out there to solve my issue:
Here is what I want to do:
1. I have a service provider who has a server in a data center hosting a site called abc.com but I don't want my users to be aware of abc.com.
2. I registered xyz.com and I want my users to send their requests to, let's say, test.xyz.com or xyz.com:3128
3. I then want to redirect that to abc.com and have them successfully authenticate.
I tried this with zoneedit where I created a CNAME: test.xyz.com that points to abc.com, and my users' devices are configured to send data to test.xyz.com:5555. This works fine, but when a user types test.xyz.com into their browser they are also able to see the webpages at abc.com, which I want to prevent them from discovering. I could not find any way to block port 80 in zoneedit.
I can set up a VPS or cloud server in any datacenter and can install Linux (CentOS) but don't know what I can use out there to do this. I have been reading on Squid proxy servers but it appears that Squid is mostly used for DNS cache or webproxy/transparent proxy etc. Any help or pointer would be great. I am a mediocre Linux user and if there are reasonable guides or hints out there I can follow and try to figure out. Just need someone to give me a starting point.
October 11th, 2011, 08:59 AM
You can't do anything like this using DNS. DNS operates at a completely different level than ports do. As far as DNS is concerned ports do not exist, and short of reprogramming every client on the internet, there is no way you can change that. For this reason, you can neither block certain ports nor forward certain ports, it's all or nothing.
If you have control over abc.com you could configure the web server to not show the abc.com web page when visiting test.xyz.com.
If you don't have control over abc.com, then using a proxy is an approach that will work. You could set up a VPS, map test.xyz.com to that VPS and then have a proxy server listening on port 5555. The proxy server can invisibly forward all requests to abc.com. The client will see all of their traffic going to/from test.xyz.com, and abc.com will also see all of its traffic going to/from test.xyz.com.
I've never configured a proxy for something like this before, so I don't really have any recommendations on how to do that.
Depending on the communication protocol of whatever program is connecting to the server you might need to build a custom proxy server for this. If it's standard HTTP then you're in luck, because most proxy servers are already designed to handle that.
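The proxy approach described in the reply above, as an added example that is not part of the original thread: a protocol-agnostic TCP relay that would run on the VPS that test.xyz.com maps to. It listens only on port 5555, so a browser request to port 80 of test.xyz.com never reaches abc.com. The upstream port (5555 on abc.com) and the names `pipe`, `handle` and `start_relay` are assumptions made for illustration.

```python
import asyncio

LISTEN_PORT = 5555            # port the devices already send to (from the thread)
UPSTREAM = ("abc.com", 5555)  # assumption: the service listens on 5555 at abc.com


async def pipe(reader, writer):
    """Copy bytes one way until EOF, then pass the half-close along."""
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
        if writer.can_write_eof():
            writer.write_eof()
    except ConnectionError:
        writer.close()  # peer reset: tear down the other leg as well


async def handle(client_r, client_w, upstream):
    """Open one upstream connection per client and relay both directions."""
    try:
        up_r, up_w = await asyncio.wait_for(
            asyncio.open_connection(*upstream), timeout=10)
    except (OSError, asyncio.TimeoutError):
        client_w.close()  # upstream unreachable: drop the client
        return
    try:
        await asyncio.gather(pipe(client_r, up_w), pipe(up_r, client_w))
    finally:
        up_w.close()
        client_w.close()


async def start_relay(listen_host, listen_port, upstream):
    """Bind exactly one listening socket; no other port is exposed."""
    async def on_client(reader, writer):
        await handle(reader, writer, upstream)
    return await asyncio.start_server(on_client, listen_host, listen_port)


async def main():
    server = await start_relay("0.0.0.0", LISTEN_PORT, UPSTREAM)
    async with server:
        await server.serve_forever()


if __name__ == "__main__":
    asyncio.run(main())
```

For this to take effect, test.xyz.com has to resolve to the VPS itself (an A record) rather than being a CNAME for abc.com. Because the relay copies raw bytes, an HTTP Host header sent by a client is passed through unchanged.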
October 12th, 2011, 12:37 AM
Thanks for the direction. Read some more on Squid proxy server. I am able to install and start it up from webmin - thanks to webmin for making things so much easier.
Originally Posted by E-Oreo
But not finding much info on how to redirect. Seems like I have to do something with the firewall in conjunction with squid. Will continue to read and post my success here - if anyone knows exactly how to do it that would be really great if you can share....