Did you dig it?

FACT: Hosting industry research suggests over 11 hours of valuable work time each week is wasted on sites that end up not even being hosted with the company.¹

That adds up to:

11 missed rewatches of Chuck E. Cheese in the Galaxy 5000
Not completing hit cat simulator Stray twice
7 missed chances to experience the entire At Home With English series

But I love Greg! How can I stop this?

Before doing anything else to troubleshoot the site, ask yourself: Did you dig it?

What the heck is dig?

dig is a handy command included by default on most Linux and Unix-like operating systems. Not sure what that is? Your company probably provides a Linux shell to use when connecting to servers. Try running dig on it and see if it works.

Exercise time: We're looking into an issue with the WordPress site on thisdomainishostedhere.com. First, let's make sure it's hosted here with us at InAction Hosting:


$ dig thisdomainishostedhere.com +short
200.225.40.179

dig checks for the domain's A record by default. You can check for a different record type by specifying it before or after the domain; examples include CNAME, MX, and TXT. The +short option tells it to return only the IP and nothing else.

The whois command is a great way to quickly check who owns an IP address. And like the name suggests, it also works for most domains to check name servers. Let's check that IP:


$ whois 200.225.40.179
...
Organization:   InAction Hosting, Inc. (INACT-1)
...

Yep, that's one of ours. The site is definitely hosted with us.

Now how about the site at thisdomainisnothostedhere.com? Let's dig it:


$ dig thisdomainisnothostedhere.com +short
74.220.199.6


$ whois 74.220.199.6
...
Organization:   Combined Stack (GREENH-2)
...

🙅‍♂️ It's hosted at Green Host! Great for them, not so much us. But checking first saved us from wasting time fiddling with files and settings on a server that would have had no effect.

But what if the domain uses a service like Cloudflare or Sucuri?

A domain that uses Cloudflare will look like this:


$ dig thisdomainusescloudflare.com +short
104.21.22.170
172.67.205.241


$ whois 104.21.22.170
...
Organization:   Cloudflare, Inc. (CLOUD14)
...

Seeing two or more IPs often means some kind of proxy service like Cloudflare is being used (but some services like Sucuri use only one IP). This also means the domain's real IP address can be harder to find.

You might be able to work around this by checking for another record like MX and TXT. A lot of times only the main domain and www will be behind Cloudflare. Let's see if there's an SPF (TXT) record:


$ dig txt thisdomainusescloudflare.com +short
"v=spf1 ip4:200.225.40.179 +a +mx ~all"

See that? The domain has an SPF record that reveals the real IP.

Now how about the MX record?


$ dig mx thisdomainusescloudflare.com +short
0 mail.thisdomainusescloudflare.com.


$ dig mail.thisdomainusescloudflare.com +short
200.225.40.179

Clutch. Let's check that IP with whois:


$ whois 200.225.40.179
...
Organization:   InAction Hosting, Inc. (INACT-1)
...

That's us alright!

So before escalating an issue to T2 support, remember to ask yourself: Did you dig it?

¹ Uncle "Just Trust Me Bro" Jimmy.

This has been a message from your friendly neighborhood T2 support team. Scuffed with ❤️ under a bridge somewhere in MA.