Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
check_reverse_dns: don't force mw-lb.miraheze.org (#3281)
There is no technical reason that a custom domain couldn't point to some other miraheze.org subdomain. All possible subdomains will always exist and resolve to our servers. This uses regex to ensure that the CNAME is of the format <subdomain>.miraheze.org . The alert really comes into play if somebody has changed their DNS after the domain was setup for their wiki. And if they just changed what subdomain the record points to, I don't think it's worth chasing the user up about it. As for new domains, I always check the records beforehand (and anybody else handling SSL requests should too), and thus this check should not be relied on when adding SSL certs. We should be checking records before adding SSL, and only contacting users after if they changed it after, and for some reason the new configuration won't work. (non-miraheze.org CNAME, or improper A records, or somthing similar, or not pointed at all) --------- Co-authored-by: CosmicAlpha <[email protected]>
- Loading branch information