I host a few websites for myself and family on DigitalOcean. Up until recently, I’ve always just spun up a new droplet for each site, so they were all fully independent from each other; this was the easiest and most convenient way to get a new site up and running without jeopardizing uptime on other sites if I made a mistake in configuration, and it was drop-dead easy to map a domain to a static IP. It had some security benefits, too – if one site was compromised, it wouldn’t affect the rest.
But it was also maintenance-intensive. I needed to log in to multiple servers to run updates; adding plugins had to be redone over and over on each server; and obviously this was starting to get expensive. So I decided to consolidate my multiple sites on one server, using a fancy feature of WordPress called… “Multisite”. Imaginative name, I know.
The initial configuration went well, with no real hiccups (other than my accidentally rm’ing most of Apache’s configuration files – but a quick droplet rebuild took care of that). Yes, I could have restored the configuration without too much difficulty, but I was early enough in the build that it was faster to just start over. The trouble started when I had moved over the sites I was consolidating, and switched the domains to point at my new Multisite server. I spent two hours trying to figure out why one of the domains refused to point at the new server, only to discover (drumroll, please)… it was DNS. I use Pi-Hole on my home network to block malicious sites, but it also provides a DNS caching service which usually works great. In this case, however, it was pointing me back at the old server over and over, until the TTL finally expired. I did set the TTL to a very low number when I started this process, but the old value wasn’t updated until the original one expired. A quick flush of the DNS cache, and I was able to see that the domain was correctly configured. Fifteen minutes later, I had SSL up and my plugins configured.
So what’s the lesson in all this? Even when you think it’s not DNS… it’s DNS.