What is rDNS or Reverse DNS?


rDNS is reverse DNS. If you have an IP address, you can use rDNS to find out which domain the IP belongs to. rDNS is a security measure used to prevent impersonation attacks by verifying the provenance of an IP address. 


For example, if you see 8.8.8.8 in your site logs, you can use an rDNS lookup tool to see who the IP belongs to. 8.8.8.8 maps to a Google server, so you know it is safe.


How to Verify BlogVault IPs with rDNS


We have now upgraded our system to enable the verification of IPs using rDNS lookups. By using rDNS, you can ensure your site continues to receive uninterrupted BlogVault services while still being safe from IP spoofing or impersonation attacks. 


You can request them to add *.bvserver.net to the list of verified bots. The rDNS lookup will verify that the IP belongs to BlogVault because the IP will map to the domain *.bvserver.net.


How are IP addresses used for attacks?


IP addresses are the mechanism by which devices communicate with each other on the Internet, and are used to identify a particular device.


Hackers often spoof legitimate devices by having false source IP addresses in their requests to sites. Therefore, verifying IP addresses that interact with your site is a step towards protecting against this kind of impersonation attack.


How do sites handle requests from IP addresses?


Web hosts and firewalls block IPs that are a source of bot traffic. In general, this is a good measure, because malicious bots can cause your site a great deal of damage. 


However, there are good bots that you want to allow continued access to your site. Googlebot is one example, and an uptime monitoring bot is another. In the same way, BlogVault requires access to your site in order to provide your site with critical maintenance services. 


BlogVault IPs are mapped to a recognizable domain


BlogVault automatically backs up your site and scans it for malware daily. To do this, our servers send requests to your site. In your site logs, you will see our server IP addresses and the type of requests. 


Previously, in order to ensure that your site has uninterrupted services from BlogVault, you had to whitelist a list of IP addresses with your host or firewall. However, since IPs are dynamic, they keep changing. That makes the whitelisting method inefficient and work-intensive for you to manage your site. Therefore we have enabled rDNS lookup on our IPs. All our IPs map to *.bvserver.net. 


How to use rDNS lookup? 


To verify an IP address via rDNS, there is a two-step process: 


1. You must check which domain the IP address maps to

2. Perform a DNS lookup to see if the domain you got in the first step maps to the same IP address. 

There are a couple of ways to verify an IP via rDNS.


Using an online tool 


You can use an online tool like WhatsMyIP or rDNSlookup for the first step, and use a DNS tool for the second. 

Use command-line tools


Alternatively, there are a host of command-line tools you can use to verify an IP, like host, dig, nslookup.  


In the following example, we have used a host to run both steps of the verification process.

 


Similarly, your host or firewall can use rDNS to check unknown IPs sending requests to your site. You can request them to add *.bvserver.net to the list of verified bots. The rDNS lookup will verify that the IP belongs to BlogVault because the IP will map to the domain *.bvserver.net. 


We continue to improve our system to ensure that your site is secure. Please reach out to us at support@blogvault.net if you have any questions. We are happy to help!