In the web hosting industry, reliability, security, and scalability are essential for ensuring seamless domain management and uninterrupted website performance. One of our clients, a well-established Asian web hosting company, faced mounting challenges with its existing internal DNS infrastructure. Their growing customer base put increasing pressure on their cPanel-managed DNS servers, leading to performance degradation, rising operational costs, and the risk of DDoS attacks becoming a significant concern.
To address these issues, the company sought a solution that would allow them to offload DNS traffic to an external provider while still allowing their customers to manage domains through cPanel. Additionally, they required DDoS protection, secure authentication for their team, and a scalable solution to support their fast evolution. ClouDNS successfully provided the ideal DNS solution, improving performance, reducing costs, and enhancing security.
As the web hosting company expanded, it encountered several obstacles that impacted performance, security, and operational efficiency. Their existing DNS infrastructure, managed through cPanel, was no longer able to meet the growing demands of their business. Several key challenges prompted the company to seek an alternative solution:
Challenge 1: Scaling Issues
The company had been using cPanel for server and domain management. While cPanel offers built-in DNS management, the web hosting’s initial configuration was not designed to handle the growing volume of DNS queries efficiently. As traffic increased, the company's DNS servers experienced slower response times and occasional failures, negatively impacting customers.
To continue providing high-quality hosting services, the company needed to find a way to offload DNS traffic to a more robust, dedicated DNS provider while still allowing customers to manage their domain settings via cPanel.
Challenge 2: Reducing Operational Costs
Managing DNS infrastructure in-house can be very expensive, requiring powerful DNS servers, maintenance, and regular software updates. With an increasing number of DNS queries, the infrastructure costs were rising significantly. The company sought a way to reduce expenses while maintaining high uptime and reliability.
By incorporating an external DNS provider into its setup, the company could significantly cut costs by eliminating the need to maintain DNS infrastructure while benefiting from a more efficient global network.
Challenge 3: Enhancing Security with DDoS Protection
As a hosting provider with thousands of domains under management, the company was a frequent target of DNS-based DDoS attacks. These attacks disrupted services and required costly mitigation efforts.
Their existing DNS servers lacked the necessary protection to filter out malicious traffic efficiently. The company needed an external DNS provider with robust DDoS protection to ensure uninterrupted service for their customers.
Challenge 4: Secure Access for the Internal Team
As a large web hosting company, multiple team members required access to the DNS management interface. Security was a top priority since unauthorized access could lead to DNS hijacking or misconfigurations.
To improve security, they sought a Single Sign-On (SSO) solution that would enable secure authentication for their team while integrating with their existing identity provider, Okta.
After carefully assessing the company's requirements, the ClouDNS team ClouDNS provided a fully managed Secondary DNS solution with a Hidden Master configuration, allowing the company to seamlessly integrate external DNS hosting while maintaining cPanel as their primary management interface. This solution lets the Asian hosting company offload DNS queries to ClouDNS while keeping its internal DNS settings intact.
Secondary DNS with Hidden Master
We implemented a Hidden Master DNS architecture, which allows the client to keep cPanel as the authoritative DNS server internally while syncing all DNS records to ClouDNS. This method enabled the hosting provider to keep DNS management within cPanel while leveraging ClouDNS's global network to handle all external DNS queries.
By offloading all external DNS queries to ClouDNS, the company eliminated performance bottlenecks while still allowing customers to manage DNS records within cPanel.
抗攻击DNS
To protect against DNS-based attacks, we integrated DDoS-protected DNS into the company's setup. ClouDNS's advanced mitigation technology ensures that legitimate traffic passes through while blocking malicious requests. This eliminated the risk of downtime due to DNS-related cyberattacks.
SAML Single Sign-On (SSO) with Okta
For enhanced security, the company decided to implement SAML SSO authentication using Okta. Our team assisted in integrating ClouDNS with their Okta identity management system, allowing their employees to securely log in using their existing credentials. This provided:
Dedicated IPs for Improved Performance
We provided the company with dedicated IPs for their DNS services. This ensured that their DNS queries were handled exclusively on a stable, high-performance network not affected by shared infrastructure, resulting in greater reliability and performance consistency.
With the new Secondary DNS setup, the company immediately experienced improved performance, reduced operational costs, and enhanced security. Their internal servers were no longer overwhelmed with DNS queries, and DDoS protection ensured that their services remained online even during cyberattacks.
As their business developed, the number of DNS zones rapidly grew. Due to ClouDNS's scalable solution, they were able to easily upgrade their DNS plan without any disruptions. This flexibility allowed them to scale their DNS services quickly and cost-effectively, ensuring they could accommodate new clients without performance degradation.
Over time, the company decided to migrate from cPanel to Plesk to further optimize expenses. While this was a significant change, the ClouDNS team ensured a seamless migration with zero downtime. We reconfigured the Hidden Master setup to work with Plesk's DNS infrastructure, allowing the company to continue benefiting from external DNS hosting without service interruptions.
By offloading DNS traffic to ClouDNS, the Asian web hosting company achieved:
Today, the web hosting company continues to rely on ClouDNS's robust, secure, and scalable DNS solutions. They can now focus entirely on their core web hosting services, knowing that their DNS infrastructure is fully optimized.
