Skip to main content
Web resources: a quick start
Last update:

Web resources: a quick start

  1. Create a domain zone in DNS hosting.
  2. Delegate the domain.
  3. Create a web resource.
  4. Enable DDoS protection.

1. Create a domain zone in DNS hosting

  1. Replenish your balance to the minimum amount 100 ₽ to get access to the service. DNS hosting is free of charge, the money will remain on your balance and you can spend it on other services.

  2. In the control panel, in the top menu, click Products and select DNS hosting.

  3. Click Add Zone.

  4. Enter the DNS zone name — the domain name with a dot, e.g. example.com...

  5. Click Add. The zone will automatically create NS and SOA records with default values:

    • NS — a.ns.selectel. ru., b.ns.selectel.ru., c.ns.selectel.ru., d.ns. selectel``.ru.
    • SOA — a.ns.selectel.ru. support.selectel.ru. <zone_serial_number> 10800 3600 604800 60, where <zone_serial_number> is the zone serial number, which changes when the zone is updated and signals the caching servers that records need to be cached again.

2. Delegate domain

In order to transfer control of domain resource records to Selectel servers, the domain must be delegated — you must specify these servers in the domain's NS records.

  1. Go to the control panel of the domain registrar where your domain is registered.

  2. In the NS records, replace the values with Selectel's NS servers: a.ns.selectel.ru, b.ns.selectel. ru, c.ns.selectel.ru, d.ns.selectel. ru.Each server should be listed in a separate record.

    When the delegation takes effect, the zone status in Selectel DNS hosting will change to DELEGATED and you can proceed to creating your web resource.You can view the zone status in the control panel: in the top menu, click ProductsDNS hosting → zone bar.

3. Create a web resource

  1. In the Control panel, on the top menu, click Products and select Web Resources.

  2. Make sure you are in the project where you created the domain zone.

  3. Click Create Web Resource.

  4. Select the domain zone you created earlier.

  5. Press Next.

  6. At the Hostnames stage:

    6.1.Specify the primary hostname — the primary domain that your site or application will be opened on. By default, the main hostname is the name of the domain zone. The primary hostname cannot be changed after the web resource is created.

    6.2.Optionally: add additional hostnames — subdomains, for this purpose in the Additional hostname field click Add and enter the first part of the subdomain name. The list of additional hostnames cannot be changed after the web resource is created.

  7. Press Next.

  8. In the Sources phase:

    8.1. Enter the IP address and port of the source where the domain content resides.The source can be changed, deleted and added after the web resource is created.

    8.2 Optionally: add additional sources by clicking Add, enter the IP address and port of the additional source.

  9. Press Next.

  10. In the Certificate step, add a TLS(SSL)-certificate:

    • To issue a Let's Encrypt® certificate for a resource, click Issue a Let's Encrypt® certificate for the resource. The certificate will apply to all hostnames of the web resource.After issuing a Let's Encrypt® certificate, the site, service or application will not automatically open over HTTPS — you need to download a new certificate and install it on your web server;
    • To select a custom certificate from the secrets manager, click Choose your certificate and select a certificate from the list.The certificate must apply to all hostnames of the web resource, the list of hostnames can be viewed in the control panel: in the top menu click ProductsWeb resources → web resource page.The selected certificate must be installed on your web server.

  11. Press Next.

  12. At the Confirmation stage:

    12.1 Check the web resource data.

    12.2 Click Create Web Resource.

    The domain zone will automatically create an A-record for the primary hostname and a separate ALIAS record for each additional hostname. The TTL of the records is 3600 seconds. TTL is the time during which a resource record in the NS server cache is considered up-to-date and does not need to be re-cached.

4. Enable DDoS protection

When you enable protection, a secure IP address will be allocated to the web resource, which will be automatically registered in the A-record in the domain zone. Traffic will start to be fully redirected to the protected IP address one hour after you enable protection, when the TTL of the A-record expires.

  1. In the Control panel, on the top menu, click Products and select Web Resources.

  2. Open the page of the created web resource → DDoS Protection tab.

  3. Click Enable Protection.

  4. Click OK.

    By default, protection is enabled with the Redirect from HTTP to HTTPS option.You can customize protection: disable redirect to HTTPS, restrict access by country, allow or block traffic from certain IP addresses.