We have provided 45 websites through a developer for our parishes. Over the Thanksgiving holiday, the developer stood up a new server and moved all of the parish websites. This required changing A-records for all 45 websites. I am having problems with 1 of the 45.
I don’t manage the DNS for the one problem website, a local service provider does. I do manage DNS for the 44 other parish sites and they made it through the move successfully.
Here is the problem which did not exist before the move:
If you visit the site by typing only the domain name, stmarkmtcalvary.church, the sub-menu items work but all of the new browsers are calling the website unsafe.
The developer said to ask the managed service provider to ensure there are 2 A-Records both pointing to the IP. One should have a host of @ and the other should have a host of www.
The service provider says the have looked at the problem and they are not the cause. They said they only need to create 1 A-record but won’t tell me which one. He said something about only the webhost would need an A-record using @ not them so I assume that’s the one they won’t create.
The service provider sent me a screen shot from Free DNS checker which he says proves they are not the problem.
The web host/developer says they aren’t the problem either.
I don’t know enough to figure out where the problem lies. Is there a security reason why they wouldn’t want to create two A-records?
From the look of it they have an A record on the base domain and a cname on www pointed to the base domain. This is perfectly fine and should work exactly the same as two A records. Clicking through the site I get 404 errors on any pages in the menu meaning your server is erroring out. I hate to break the “it is always DNS” rule, but that doesn’t seem like DNS to me.
Having managed too many web servers in the past, this looks strongly like an issue with the new server’s Apache configuration.
If it were my website, I would first start looking at the Apache logs, and very likely it will point you to the ssl and/or redirect configuration of the site.
Both stmarkmtcalvary.church and www.stmarkmtcalvary.church work fine on http but not https, and DNS A records and CNAME records are protocol agnostic, so I don’t see how this could be a DNS issue.
There’s a chance that the https portion of the site’s redirect rules might be in a config block somewhere that only applies to the old IP address, or possibly the new server’s redirect rules were only added to the http path.
With all that said: If you let your service provider know that while you agree their method should work fine, it is important to you that they use both A-Records in order to satisfy the developer so they will continue troubleshooting, they will likely make the change.
All of our domains have www as a CNAME record aliasing to the base domain, which is either an A-record or ANAME depending on the web host.
I’d love to hear how this ends out. Server migrations are always nerve-racking and I hate you’re having to manage this without direct access to either system.