Docker Test Container For Watch My Domains SED v4

CodePunch Solutions have published a set of simple docker files that will allow you to quickly spin up a test container for Watch My Domains SED v4 on Mac OS X or Windows desktop.

This requires a working installation of Docker Desktop in your system. You should then clone or downlod the docker files from github to get started.

Download Required Docker Files

Clone the project into a convenient folder (or download the ZIP from githuib and unzip into a folder) and then edit docker-compose.yml to change the MySQL root and user passwords. You may also change the port from 8000 to whatever you want to use.

Edit wmdsed4/config.php to change the MySQL user password to the same one you setup in the YML file. While there, change the setup user name and password ($db_config_setup_name, $db_config_setup_password) too.

Open a terminal (in Mac) or Windows command-line and change to the docker-wmdsed4 directory. Now run

docker-compose build

followed by

docker-compose up -d

wait for the containers to spin up and then open http://localhost:8000 in your browser. There will be a short delay before the Watch My Domains application starts up for the first time. Use the setup username and password you specified in the config.php file to login.

Notes

This is purely for a quick test of Watch My Domains SED, don’t use in a production environment unless:

  1. Physical or remote access to your system is restricted AND
  2. You really know what you are doing

The application will be run without SSL. You can modify the docker file (wmdsed4/Dockerfile) to include SSL support and access the application over SSL.

The database files are stored in a host folder (wmdsed4/mysql), so you can safely stop the containers without losing data.

This doesn’t include any of the application files. The evaluation version of Watch My Domains SED is downloaded from domainpunch.com when you build the container.

Watch My Domains SED v4.2

Watch My Domains SED v4 is getting another update has been updated to include a new monitoring module. Other additions include additional themes, ability to update the application using the command-line tool even when installed into non-standard folders, etc.

Here are some screen-shots of the new module.

The new monitoring module makes it very easy to manage domain portfolios that are not extremely huge. You can use it to quickly view snapshot views of your domains without having to scroll through large spreadsheet like domain lists. The monitoring module can be used to track both domain expiry dates and SSL certificates.

Enabling Remote Access to MySQL /MariaDB Database for Importing Data

By default remote access to MYSQL databases are disabled. This will cause a problem when you want to import data from an older version of Watch My Domains SED to the current version.

These are the basic minimum steps required required to enable remote access. Additional steps may be required to make this work on your server if there are other security measures (enabling port access, changing firewall settings, etc.).

How to Enable Remote Access

There are two basic steps required to enable remote access.

The first step is changing the bind-address to the IP address of the server running MySQL. This is done by editing my.cnf file and setting

bind-address    = x.x.x.x

Make sure that you set x.x.x.x to the MySQL server’s IP address. Restart the mysql server after doing this.

The second step is creating a user who can connect from your remote address. This is done by connecting to the mysql server using

mysql -u root -p

Provide the password when prompted. Now run

 GRANT ALL ON wmdsed.* TO wmdsedimport@'y.y.y.y' IDENTIFIED BY 'secretpassword' 

Change wmdsed to the database name and secretpassword to your password. The IP address y.y.y.y should be set to your remote address (the IP you will connect from and where the new version of Watch My Domains is installed). We are also creating a new user called wmdsedimport just to import the data into the new version of Watch My Domains SED.

Testing

From the server that has Watch My Domains SED installed, run

mysql -h x.x.x.x  -u wmdsedimport -p

Replace x.x.x.x with the IP address of the mysql server and when prompted, provide the password you created in step-2 above.

If the connection works, you are in business.

Importing Data

Now create a data provider profile in Watch My Domains SED v4 and specify the proper credentials like user name (wmdsedimport), the newly created password, the hostname (where older database is, x.x.x.x or the corresponding FQDN) etc.

Desktop Software, Registrar APIs and Whitelisting IP Addresses

Many registrar APIs require that you whitelist the IP addresses from which you connect. This is a problem if your ISP provides only dynamic IPs. Every time you want to import data from a registrar you will have to find your current IP address, add it at the registrar and wait for it to be whitelisted. At some registrars the whitelisting could take upto 30 minutes.

The solution

You can use your website to host an opensource registrar API script from CodePunch Solutions and then use it from Domain Punch Pro and Watch My Domains to fix this problem permanently. Your website will have a permanent IP address and you can easily whitelist it at your registrar.

Download and install the whois api client script on your web server and white-list your web server IP address at the registrar. Then specify the URL to the web client as shown in the screen-shot above. Include the required authentication parameter (&k=xxxx or ?k=xxxx) as part of the URL.

Coming Soon: REST API for Watch My Domains SED

We will be releasing a complete RESTful API for Watch My Domains SED Professional Edition and above. This will be in addition to current Stateful API available for all editions.

The REST API will support alternate authentication for API users and will be useful for creating your own configuration and setup interface independent of the normal application interface.

We expect to make this available in early February.

Watch My Domains SED Report Viewer and the Days To Expiry Column

The report viewer in Watch My Domains SED has a user configurable column called ‘Days’. This has been a subject of confusion at times.

The ‘Days’ column refers to ‘days to nearest expiry’. This data can change for the same domain based on the other columns in the report.

Contents of ReportContents of ‘Days’ Column
Contains SSL Expiry Date ColumnDays to SSL Expiry
Contains Domain Registry Expiry DateDays to Registry Expiry
Contains Domain Registrar Expiry Date Days to Registrar Expiry
Contains Domain Registrar Expiry and Registry Expiry DatesDays to nearest Expiry Date (Registry / Registrar Expiry Date whichever occurs first)
Contains SSL, Domain Registrar Expiry and Registry Expiry Dates Days to nearest Expiry Date (Registry / Registrar /SSL Expiry Date whichever occurs first)

Secondary Domains and Watch My Domains SED

Some secondary domains like yourdomain.uk.com will not get added to Watch My Domains SED v4 by default. This is because the application will assume that you want to add UK.COM and that the yourdomain part is a subdomain (which it really is).

In such cases you can force add the domains by wrapping them in square brackets ([]). For example,

[abcd.uk.com]
[domain.bd.com]

You can also make some changes to the domain suffix list in Watch My Domains SED to permanently support such domains.

The public suffix list is used by Watch My Domains to properly identify the effective / registered domain name. You can acces this from the administrive settings panels.

After you add these second level domains (uk.com, bd.com, etc) your entries will be parsed as you want them to be. You can also verify the parser by typing in your test entries under the ‘Test Domain Parser’ box.

CentOS 7, SELinux and Watch My Domains SED

Installing Watch My Domains SED on a CentOS system with SELinux (Security-Enhanced Linux) enabled often requires some extra work.

The Log Folder

Watch My Domains SED requires that the log folder is writable by apache. For this to work you will have to properly set the security context and ownership for the folder.

By default the log folder is at the root of the base installation. If you are installing the application at /var/www/html/wmdsed40, the log folder will be /var/www/html/wmdsed40/logs. You can ofcourse change the location of the log folder by editing the config.php file.

To make the log folder writable you will have to run

chown apache:apache /var/www/html/wmdsed40/logs
chcon -t httpd_sys_rw_content_t /var/www/html/wmdsed40/logs -R

The first command will set the owner of the folder to apache and the second will set the security context so that the folder is readable and writable by apache.

If you set the log folder outside of wmdsed40, you will also need to set httpd_sys_content_t for it.

Changing DocumentRoot

Installing the application to a folder different from the default /var/www/html requires more changes. For example, to install to /home/wmdsed/wmdsed40 you would do…

chcon -R --reference=/var/www/html/ /home/wmdsed/wmdsed40 
chcon -R -t httpd_sys_content_t /home/wmdsed/wmdsed40/ 
semanage fcontext -a -t httpd_sys_content_t "/home/wmdsed/wmdsed40(/.*)?" 
setsebool -P httpd_enable_homedirs true 
chmod 755 /home/wmdsed/wmdsed40

You will have to edit /etc/httpd/httpd.conf and change the DocumentRoot settings. You should also make the log folder writable by apache as mentioned in the previous section.

Net_DNS2

It is a good idea to install Net_DNS2 so that advanced DNS monitoring is possible. You can do this by installing php-pear.

yum -y install php-pear 
pear install Net_DNS2

Setup Cron

Though this is not related to SELinux or CentOS, remember to setup the cron immediately after you install the application. This is essential for the default tables to get initialized.

Verify Installation

You can run the basic diagnostic tool by opening

https://<installpath>/verify.php

in your browser. For example, if your installation is at example.com/wmdsed40, you should open

https://example.com/wmdsed40/verify.php

Upgrading Hosted & Managed Versions of Watch My Domains SED

If you are currently using the hosted and managed versions of Watch My Domains SED v3, you should consider contacting us to schedule an upgrade to the current v4.

Upgrading will be painless because you will have access to the old and new versions and we will take down the old installation only after you have confirmed that it is okay to do so.

The new installation will have all your domains, custom data columns (plus data) and your categories intact. You will need to recreate your users and assign access rights. You will also need to configure the reports and scheduled emails. This is not complicated because you can do this easily from the user interface.

What’s New in Watch My Domains SED v4

Before scheduling an upgrade you should fix a date and time after which you will stop making any additions to your current version 3 installation. Then contact us for setting up the new version.