Web resources: a quick start

Last update: December 03 2024

Web resources: a quick start

1. Create a domain zone in DNS hosting.
2. Delegate the domain.
3. Create a web resource.
4. Enable DDoS protection.

Create a domain zone in DNS hosting⁠

1. Top up A minimum of 100 ₽ to access the service. DNS hosting is free of charge, this money will remain on your balance and you can spend it on other services.

2. В control panels go to DNS → Domain zones.

3. Click Add a zone.

4. Enter the DNS zone name — the name of the domain with a dot, for example, example.com..

5. Click Add. The zone will automatically create NS and SOA records with default values:

   • NS — a.ns.selectel.ru., b.ns.selectel.ru., c.ns.selectel.ru., d.ns.selectel.ru.
   • SOA IS. a.ns.selectel.ru. support.selectel.ru. <zone_serial_number> 10800 3600 604800 60where <zone_serial_number> — zone serial number, which changes when the zone is updated and signals to the caching servers that records need to be cached again.

Delegate domain management⁠

In order to transfer control of domain resource records to Selectel servers, the domain must be delegated — you must specify these servers in the domain's NS records.

1. Go to the control panel of the domain registrar where your domain is registered.

2. In the NS entries, replace the values with Selectel's NS servers: a.ns.selectel.ru, b.ns.selectel.ru, c.ns.selectel.ru, d.ns.selectel.ru. Each server must be listed in a separate entry.

   When the delegation takes effect, status zones in Selectel DNS hosting will change to ДЕЛЕГИРОВАНА and you will be able to proceed to the creation of a web resource. The status of the zone can be viewed in control panels under DNS → Domain zones → zone string.

Create a web resource⁠

1. В control panels go to Web resources → Web resources.

2. Make sure you're in project in which created a domain zone.

3. Click Create a web resource.

4. Select the domain zone that previously created.

5. Click Further.

6. At the stage Hostnames:

   6.1 Specify the primary hostname, which is the main domain that your site or application will be opened on. By default, the main hostname is the name of the domain zone. The primary hostname cannot be changed after the web resource is created.

   6.2 Optionally: add additional hostnames — subdomains, for this purpose in the field Additional hostname click Add and enter the first part of the subdomain name. The list of additional hostnames cannot be changed after the web resource is created.

7. Click Further.

8. At the stage Sources:

   8.1. Enter the IP address and port of the source where the domain content resides. The source will be able to modify, delete и add after the web resource has been created.

   8.2 Optionally: add additional sources by pressing Add, enter the IP address and port of the additional source.

9. Click Further.

10. At the stage Certificate add a TLS(SSL)-certificate:

    • To issue a Let's Encrypt® certificate for the share, click Issue a Let's Encrypt certificate for the resource. The certificate will apply to all hostnames of the web resource. After the Let's Encrypt® certificate is issued, the site, service, or application will not automatically open over HTTPS — you need to download a new certificate and install it on your web server;
    • to select a user certificate from the manager of secrets, press Select your certificate and select a certificate from the list. The certificate must apply to all hostnames of the web resource, you can see the list of hostnames in the control panels under Web resources → Web resources → Web resource page. The selected certificate must be installed on your web server.

11. Click Further.

12. At the stage Confirmation:

    12.1 Check the web resource data.

    12.2. Press Create a web resource.

    The domain zone will automatically create an A-record for the primary hostname and a separate ALIAS record for each additional hostname. The TTL of the records is 3600 seconds. TTL is the time during which a resource record in the NS server cache is considered up-to-date and does not need to be re-cached.

Enable DDoS protection⁠

When you enable protection, a secure IP address will be allocated to the web resource, which will be automatically registered in the A-record in the domain zone. Traffic will start to be fully redirected to the protected IP address one hour after you enable protection, when the TTL of the A-record expires.

1. В control panels go to Web resources → Web resources.

2. Open the page of the created web resource → tab DDoS protection.

3. Click Enable protection.

4. Click OK.

   By default, protection is enabled with the option Redirect from HTTP to HTTPS. You can customize protection: disable redirect to HTTPS, restrict access by country, allow or block traffic from specific IP addresses.