following up on my previous post:
it turns out that, like anything else weird in infrastructure, it was DNS
I registered mydomain.com as my primary router’s domain, re-ran the experiment with a fresh 128 char subdomain, and I received zero scans on the new domain.
Now my question is, who’s making that one query that leaks my domain name? Is it Apache on startup?
One solution is to resolve all my subdomains on /etc/hosts so it never has to leave the box, but I’m curious what a more experienced net admin would suggest.
Okay I saw your previous post but I’m curious now. What happens if you curl your IP address on port 80? Does it send back a 30X redirect for SSL to your newly configured subdomain as the new default location for r do you get back your IP but using SSL?