Bug 1104564

Summary: Alias domain is targeting unknown page with malware
Product: OpenShift Online
Component: Website
Version: 2.x
Status: CLOSED NOTABUG
Severity: unspecified
Priority: unspecified
Hardware: Unspecified
OS: Unspecified
Reporter: Martin Šlemr <slemrmartin>
Assignee: Clayton Coleman <ccoleman>
QA Contact: libra bugs <libra-bugs>
CC: jliggitt, jokerman, mmccomas
Doc Type: Bug Fix
Type: Bug
Last Closed: 2014-06-04 17:34:30 UTC

Description Martin Šlemr 2014-06-04 08:40:06 UTC
Description of problem:

I have a weird problem with OpenShift. I have an application on rhccloud named geodome-mojeweby.rhccloud.com (IP 69.43.160.163).

I have the alias www.geodome.cz.
In my registrar's admin interface I set www.geodome.cz to CNAME geodome-mojeweby.rhccloud.com.
When I ping www.geodome.cz, the IP is the same (69.43.160.163).

But through the browser I end up at the URL http://instantfwding.com/?dn=geodome.czomainName&pid=7PO2UM885.

Avast blocks it as some malware.

It doesn't depend on the OS, browser, computer or location (inside the Czech Republic; I don't know about other countries).

So I expect that if the alias domain is targeting the same IP as the rhc domain, the problem has to be on this side.


How reproducible:

Go to www.geodome.cz through any browser.

Actual results:

The alias URL is targeting a different malware URL, not an OpenShift application.
But both URLs (..rhccloud.com and mine) are targeting the same IP.

Expected results:

The alias domain and the rhc domain both point to my application.

Comment 1 Jordan Liggitt 2014-06-04 17:34:30 UTC
The CNAME record is incorrect:

$ dig www.geodome.cz

; <<>> DiG 9.9.4-RedHat-9.9.4-8.fc20 <<>> www.geodome.cz
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32705
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.geodome.cz.			IN	A

;; ANSWER SECTION:
www.geodome.cz.		792	IN	CNAME	geodome-mojeweby.rhccloud.com.
geodome-mojeweby.rhccloud.com. 3492 IN	A	69.43.160.163


Instead of 
  geodome-mojeweby.rhccloud.com.
it should be
  geodome-mojeweby.rhcloud.com.
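
The check from Comment 1, as an added example that is not part of the bug report or of OpenShift: it reads a dig ANSWER section and flags CNAME targets whose trailing labels miss the expected platform domain by a small typo. The function names and the max_typo threshold are hypothetical; the sample input is the ANSWER section quoted above.

```python
# Added example: audit CNAME targets in dig output for near-miss domains.
EXPECTED_SUFFIX = "rhcloud.com"  # correct platform domain per Comment 1

# ANSWER section from the dig output in Comment 1 (whitespace normalized)
DIG_ANSWER = """\
www.geodome.cz. 792 IN CNAME geodome-mojeweby.rhccloud.com.
geodome-mojeweby.rhccloud.com. 3492 IN A 69.43.160.163
"""

def edit_distance(a, b):
    """Levenshtein distance using a single rolling row."""
    row = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        prev, row[0] = row[0], i
        for j, cb in enumerate(b, 1):
            prev, row[j] = row[j], min(row[j] + 1, row[j - 1] + 1,
                                       prev + (ca != cb))
    return row[-1]

def parse_cnames(answer):
    """Yield (owner, target) for each CNAME record; other lines are skipped."""
    for line in answer.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[2] == "IN" and fields[3] == "CNAME":
            yield fields[0].rstrip(".").lower(), fields[4].rstrip(".").lower()

def audit(answer, expected=EXPECTED_SUFFIX, max_typo=2):
    """Classify each CNAME target as ok, lookalike, or unexpected."""
    findings = []
    n = expected.count(".") + 1  # number of labels to compare
    for owner, target in parse_cnames(answer):
        # Compare whole labels, so "evilrhcloud.com" cannot pass as a suffix.
        tail = ".".join(target.split(".")[-n:])
        if tail == expected:
            verdict = "ok"
        elif edit_distance(tail, expected) <= max_typo:
            verdict = "lookalike"  # probable typo, may resolve to a parked domain
        else:
            verdict = "unexpected"
        findings.append((owner, target, verdict))
    return findings

if __name__ == "__main__":
    for owner, target, verdict in audit(DIG_ANSWER):
        print(f"{owner} -> {target}: {verdict}")
```

A "lookalike" verdict means the alias resolves wherever the owner of the mistyped domain points it, which is consistent with the matching IP and the redirect described in the report.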