I heard from a colleague in Italy today that our site isn’t loading for her, unless she disables her antivirus (Kaspersky on one computer, Trend on another). My host said that it looks like there are DNS propagation issues, and they should get resolved in time, but it’s been 8 hours at least. When I check our domain here: https://www.gdnspc.com/ I get way more red Xs than green checks.
Anyone know what’s going on? I’ve not made any DNS changes. We’re hosted on WP Engine, domains are registered on Google.
DNS propagation can take up to 48 hours! You should wait another 40 hours then try again!
Ugh. But we haven’t made any changes, I don’t understand what is being propagated?
Your domain’s configuration is all right and it resolves just fine.
This will be a local issue on your colleague’s side. In particular, because it works when she suspends Kaspersky. She should make sure to have updated the software.
This won’t be an issue on your side.
gdnspc.com is the site I was using to check our dns.
Our domain is sa-intl.org
Well, did you use the same tool?
We come up all green on dnschecker.org. But mostly red on Global DNS Propagation Checker
Could gdnspc be that inaccurate?
Yes, there’s no issue with your site. The tool you mentioned also claims sitemeer.com does not resolve
dnschecker.org is generally reliable.
Okay. Thank you so much for your reassurances! No matter how much I learn about it, DNS always seems like a dark and capricious force which usually behaves but sometimes throws wrenches.
As long as the TLD’s servers announce your domain, you are good.
nslookup -type=ns sa-intl.org a0.org.afilias-nst.info
sa-intl.org nameserver = elaine.ns.cloudflare.com
sa-intl.org nameserver = joel.ns.cloudflare.com
We are blatantly leaving poor DNSSEC out in the rain here of course.
And now I’m adding DNSSEC. I’m assuming the consensus here is that it’s recommended?
And my Italian is claiming that 4/5 of her computers can’t reach our site unless they disable Trend Micro or Kaspersky. The 5th computer just uses Windows Defender.
DNSSEC is an additional layer of security, which should make DNS hijacks more difficult. Generally it is straightforward, as long as the settings on your registrar’s side match what Cloudflare provided.
As for your Italian problem she should simply check her machine and make sure she has got recent updates. Maybe she can even provide you with an error message, so that you can check the issue, but it won’t be your site or the configuration.
Just for clarification, did you just flag my earlier posting?
I did not flag your earlier posting, at least not intentionally… Do you mean I should check the Solution box?
I’ve now set up DNSSEC. Thank you again!!
No worries, just because my posting was edited and the - absolutely unrelated - address of the TLD nameservers redacted. Sorry, don’t worry.
If you want to check DNSSEC, you can do so at dnsviz.net.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.