I cant edit or add DNS record after upgrade to 1.9.4 version. I have added new domain with DNS and mail option, panel created both of them but I cant edit or add DNS records. Also I can not add let’s encrypt and ssl redirection because of this error.
I don’t think the issue is due to upgrading to 1.9.4, but rather because the update rebuilt your user.
Show the output of these commands (please, no screenshots):
Note: Replace YOURUSER and YOURDOMAIN with the actual user and domain name.
cat /home/YOURUSER/conf/dns/YOURDOMAIN.db
cat -A /usr/local/hestia/data/users/YOURUSER/dns.conf | grep YOURDOMAIN
cat -A /usr/local/hestia/data/users/YOURUSER/dns/YOURDOMAIN.conf
1 Like
commands’ output; I removed domain and create again from panel. and problem continue.
root@serve:~# cat /home/myuser/conf/dns/mydomain.com.db
$TTL 14400
@ IN SOA ns1.domain.tld. root.mydomain.com. (
2025072805
7200
3600
1209600
180 )
root@serve:~# cat -A /usr/local/hestia/data/users/myuser/dns.conf | grep mydomain.com
DOMAIN='mydomain.com' IP='195.XXX.XXX.XXX' TPL='default' TTL='14400' EXP='2026-07-28' SOA='ns1.domain.tld' SERIAL='2025072805' SRC ='' RECORDS='17' DNSSEC='no' KEY='' SLAVE='no' MASTER='' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
root@serve:~# cat -A /usr/local/hestia/data/users/myuser/dns/mydomain.com.conf
ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.domain.tld.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.domain.tld.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='195.XXX.XXX.XXX' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='10' RECORD='www' TYPE='CNAME' PRIORITY='' VALUE='mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='11' RECORD='ftp' TYPE='CNAME' PRIORITY='' VALUE='mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='195.XXX.XXX.XXX' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='14' RECORD='@' TYPE='MX' PRIORITY='0' VALUE='mail.mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='15' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:195.XXX.XXX.XXX -all"' SUSPENDED='no' TIME='17:42:11' DATE='2025- 07-28'$
ID='16' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=quarantine; pct=100"' SUSPENDED='no' TIME='17:42:11' DATE='2025- 07-28'$
ID='17' RECORD='_submission._tcp' TYPE='SRV' PRIORITY='1' VALUE='0 587 mail.mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='20 25-07-28'$
ID='18' RECORD='_imap._tcp' TYPE='SRV' PRIORITY='1' VALUE='0 143 mail.mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07- 28'$
ID='19' RECORD='_imaps._tcp' TYPE='SRV' PRIORITY='1' VALUE='0 993 mail.mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07 -28'$
ID='20' RECORD='_pop3._tcp' TYPE='SRV' PRIORITY='1' VALUE='0 110 mail.mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07- 28'$
ID='21' RECORD='_pop3s._tcp' TYPE='SRV' PRIORITY='1' VALUE='0 995 mail.mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07 -28'$
ID='22' RECORD='_domainkey' TYPE='TXT' PRIORITY='' VALUE='"t=y; o=~;"' SUSPENDED='no' TIME='17:42:12' DATE='2025-07-28'$
ID='23' RECORD='mail._domainkey' TYPE='TXT' PRIORITY='' VALUE='"v=DKIM1\; k=rsa\; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAZ8AM2IBCgKCAQEAkXT dqvAXQaPES5Uhe8O0JtpEtJoWIFmoe/oy2AMk7+Cpu4aBV/s+obkYVdcP7cXojjZttJMtZTFQL3FjJL7YhOooW711kvuC0pvXoAyRPSrnfCBJzPTjDw6nDU40Z4LraZYmoF vzsvcTmOPC7YqzTXVbw+WCr2uLJk1mhXod1Q6oqBQC8y3TPMW2a+m+QMc+C53KagrpXnvXU3osAMb6lmJgkIHF8HKDBt1NJ1Ju1FYx7HFAXX9/hfj8SCev/nHMFA0m5PB0q zbuKHJQGKv5aGFPMqGoiFkM1V3y4mDaOW/HF9iX6ej2Xsg1SOUIswH+sW50GZahvkfA6DamWnBgRQIDAQAB"' SUSPENDED='no' TIME='17:42:12' DATE='2025-07- 28'$
ID='24' RECORD='webmail' TYPE='A' PRIORITY='' VALUE='195.XXX.XXX.XXX' SUSPENDED='no' TIME='17:42:13' DATE='2025-07-28'$
You must first create the A records for ns1.mydomain.com and ns2.mydomain.com and once done, create two NS records pointing to ns1.mydomain.com and ns2.mydomain.com.
Also, remember to delete the two current NS records pointing to ns1.domain.tld and ns2.domain.tld.
I can not add new records
root@serve:~# v-list-dns-records user mydomain.com
ID RECORD TYPE VALUE DATE TTL
-- ------ ---- ----- ---- ----
1 @ NS ns1.domain.tld. 2025-07-28 14400
2 @ NS ns2.domain.tld. 2025-07-28 14400
9 @ A 195.xxx.xxx.xxx 2025-07-28 14400
10 www CNAME mydomain.com. 2025-07-28 14400
11 ftp CNAME mydomain.com. 2025-07-28 14400
12 mail A 195.xxx.xxx.xxx 2025-07-28 14400
14 @ MX mail.mydomain.com. 2025-07-28 14400
15 @ TXT "v=spf1 a mx ip4:195.XXX.XXX.1 2025-07-28 14400
16 _dmarc TXT "v=DMARC1; p=quarantine; pct=1 2025-07-28 14400
17 _submission._tcp SRV 0 587 mail.mydomain.com. 2025-07-28 14400
18 _imap._tcp SRV 0 143 mail.mydomain.com. 2025-07-28 14400
19 _imaps._tcp SRV 0 993 mail.mydomain.com. 2025-07-28 14400
20 _pop3._tcp SRV 0 110 mail.mydomain.com. 2025-07-28 14400
21 _pop3s._tcp SRV 0 995 mail.mydomain.com. 2025-07-28 14400
22 _domainkey TXT "t=y; o=~;" 2025-07-28 14400
23 mail._domainkey TXT "v=DKIM1; k=rsa; p=MIIBIjANBgk 2025-07-28 14400
24 webmail A 195.xxx.xxx.xxx 2025-07-28 14400
You are trying to add a domain instead of an IP to an A record.
already there is ana A record for IP
I have added ns1.mydomain.com and ns2.mydomain.com after adding A record for both of them. Then I removed ns1.domain.tld. and ns2.domain.tld. NS records. But currently I cant set nginx redirection and lets encrypt from Edit web domain page. I get Error: DNS record for mydomain.com doesn’t exist
I can’t answer without knowing the actual domain name.
Anyway, make sure you’ve added the glue records for ns1 and ns2 at your domain registrar, and that you’ve also set those ns subdomains as your nameservers at your domain registrar.
root@serve:~# v-list-dns-records user mydomain.com
ID RECORD TYPE VALUE DATE TTL
9 @ A 195.xxx.xxx.xxx 2025-07-28 14400
10 www CNAME mydomain.com. 2025-07-28 14400
11 ftp CNAME mydomain.com. 2025-07-28 14400
12 mail A 195.xxx.xxx.xxx 2025-07-28 14400
14 @ MX mail.mydomain.com. 2025-07-28 14400
15 @ TXT "v=spf1 a mx ip4:195.XXX.XXX.1 2025-07-28 14400
16 _dmarc TXT "v=DMARC1; p=quarantine; pct=1 2025-07-28 14400
17 _submission._tcp SRV 0 587 mail.mydomain.com. 2025-07-28 14400
18 _imap._tcp SRV 0 143 mail.mydomain.com. 2025-07-28 14400
19 _imaps._tcp SRV 0 993 mail.mydomain.com. 2025-07-28 14400
20 _pop3._tcp SRV 0 110 mail.mydomain.com. 2025-07-28 14400
21 _pop3s._tcp SRV 0 995 mail.mydomain.com. 2025-07-28 14400
22 _domainkey TXT “t=y; o=~;” 2025-07-28 14400
23 mail._domainkey TXT "v=DKIM1; k=rsa; p=MIIBIjANBgk 2025-07-28 14400
24 webmail A 195.xxx.xxx.xxx 2025-07-28 14400
25 @ NS ns1.mydomain.com. 2025-07-29 14400
26 @ NS ns2.mydomain.com. 2025-07-29 14400
27 ns1 A 195.xxx.xxx.xxx 2025-07-29 14400
28 ns2 A 195.xxx.xxx.xxx 2025-07-29 14400
Sorry, I don’t know what you’re doing. Also, I can’t help further unless I know the actual domain name. Now I’m seeing things like ns2.mydomain.com.com, and I can’t tell whether that’s a typo meant to hide the real domain or if your domain actually includes the extra .com.
it can take up to 48hrs due to nameserver propagation time for the changes to come online (in special for the glue records). But as @sahsanu wrote, you’ll need to share more informations in order to get help.
sorry I paste text as wrong. there is one .com. I updated previous entry. http://batimentk.com/ domain name.
2025-07-28 05:13:02 v-restart-service 'bind9' '' [Error 20]
2025-07-28 05:13:02 v-restart-dns '' [Error 20]
2025-07-28 05:13:02 v-delete-dns-record 'admin' 'serve.maindomain.com' '21' [Error 20]
2025-07-28 05:13:02 v-restart-service 'bind9' '' [Error 20]
2025-07-28 05:13:03 v-restart-dns '' [Error 20]
2025-07-28 05:13:02 v-add-dns-record 'admin' 'serve.maindomain.com' '@' 'CAA' '0 issue "letsencrypt.org"' [Error dns failed to restart]
2025-07-28 05:13:05 v-restart-service 'bind9' '' [Error 20]
2025-07-28 05:13:05 v-restart-dns '' [Error 20]
2025-07-28 05:13:05 v-delete-dns-record 'admin' 'serve.maindomain.com' '21' [Error 20]
2025-07-28 05:13:05 v-add-letsencrypt-domain 'admin' 'serve.maindomain.com' '' [Error 15]
2025-07-28 05:13:05 v-update-letsencrypt-ssl serve.maindomain.com Error: bind9 restart failed
Error: bind9 restart failed
Error: 20
Error: bind9 restart failed
Error: Let's Encrypt acme/authz bad status 400 (serve.maindomain.com) [Error 2]
2025-07-28 12:00:01 v-backup-user 'maindomain' 'yes' [Error 11]
2025-07-28 17:35:30 v-list-web-domain 'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:35:30 v-list-web-domain 'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:35:30 v-add-web-domain 'user' 'batimentk.com' '195.201.124.130' 'yes' [Error 2]
2025-07-28 17:35:32 v-list-dns-domain 'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:35:32 v-list-dns-domain 'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:35:32 v-add-dns-domain 'user' 'batimentk.com' '195.201.124.130' '' '' '' '' '' '' '' '' 'no' [Error 2]
2025-07-28 17:35:32 v-list-mail-domain 'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:35:32 v-list-mail-domain 'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:35:32 v-add-mail-domain 'user' 'batimentk.com' [Error 2]
2025-07-28 17:37:03 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-28 17:37:22 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-28 17:38:45 v-change-dns-record 'user' 'batimentk.com' '1' '@' 'NS' 'ns1.batimentk.com' '' 'yes' '14400' [Error 3]
2025-07-28 17:38:50 v-change-dns-record 'user' 'batimentk.com' '1' '@' 'NS' 'ns1.batimentk.com.' '' 'yes' '14400' [Error 3]
2025-07-28 17:40:19 v-restart-service 'bind9' '' [Error 20]
2025-07-28 17:40:19 v-restart-dns [Error 20]
2025-07-28 17:41:24 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-28 17:41:38 v-restart-service 'bind9' '' [Error 20]
2025-07-28 17:41:38 v-restart-dns '' [Error 20]
2025-07-28 17:41:38 v-delete-dns-domain 'user' 'batimentk.com' [Error 20]
2025-07-28 17:41:48 v-list-dns-records 'user' 'batimentk.com' [Error 3]
2025-07-28 17:42:10 v-list-web-domain 'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:42:10 v-list-web-domain 'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:42:10 v-add-web-domain 'user' 'batimentk.com' '195.201.124.130' 'yes' [Error 2]
2025-07-28 17:42:11 v-list-dns-domain 'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:42:11 v-list-dns-domain 'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:42:11 v-add-dns-domain 'user' 'batimentk.com' '195.201.124.130' '' '' '' '' '' '' '' '' 'no' [Error 2]
2025-07-28 17:42:12 v-list-mail-domain 'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:42:12 v-list-mail-domain 'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:42:12 v-add-mail-domain 'user' 'batimentk.com' [Error 2]
2025-07-28 17:42:33 v-change-dns-record 'user' 'batimentk.com' '1' '@' 'NS' 'ns1.batimentk.com' '' 'yes' '14400' [Error 3]
2025-07-28 17:49:59 v-change-dns-record 'user' 'batimentk.com' '1' '@' 'NS' 'ns1.batimentk.com' '' 'yes' '14400' [Error 3]
2025-07-28 17:50:24 v-add-dns-record 'user' 'batimentk.com' '@' 'NS' 'ns1.batimentk.com' '' '' 'yes' '14400' [Error 3]
2025-07-28 17:56:58 v-change-dns-record 'user' 'batimentk.com' '1' '@' 'NS' 'ns1.batimentk.com' '' 'yes' '14400' [Error 3]
2025-07-28 18:00:29 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-28 18:44:51 v-list-dns-records 'alice' 'wonderland.com' [Error 3]
2025-07-28 18:49:45 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-28 18:50:32 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-28 18:54:15 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:04:15 v-add-dns-record 'user' 'batimentk.com' '@' 'A' 'ns1.batimentk.com' '' '' 'yes' '14400' [Error 2]
2025-07-29 01:05:00 v-add-dns-record 'user' 'batimentk.com' '@' 'A' 'ns1.batimentk.com' '' '' 'yes' '14400' [Error 2]
2025-07-29 01:36:37 v-change-dns-record 'user' 'batimentk.com' '2' '@' 'NS' 'ns2.batimentk.com' '' 'yes' '14400' [Error 3]
2025-07-29 01:39:46 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:40:07 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:41:04 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:42:49 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:45:12 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:49:10 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:56:11 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:58:17 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:58:44 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 05:14:35 v-add-letsencrypt-domain 'admin' 'serve.maindomain.com' '' [Error 15]
2025-07-29 05:14:35 v-update-letsencrypt-ssl serve.maindomain.com Error: Let's Encrypt validation status 400 (serve.maindomain.com). Details: 400:"DNS problem: SERVFAIL looking up A for serve.maindomain.com - the domain's nameservers may be malfunctioning; DNS problem: SERVFAIL looking up AAAA for serve.maindomain.com - the domain's nameservers may be malfunctioning" [Error 2]
2025-07-29 10:14:59 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 10:18:24 v-add-letsencrypt-domain 'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
Right now, your domain has no name servers assigned on the registrar’s side.
❯ whois batimentk.com 2>/dev/null | grep -Ei '\s+name server'
The above command should display the name servers assigned to your domain. Here’s an example:
❯ whois google.com 2>/dev/null | grep -Ei '\s+name server'
Name Server: NS1.GOOGLE.COM
Name Server: NS2.GOOGLE.COM
Name Server: NS3.GOOGLE.COM
Name Server: NS4.GOOGLE.COM
And the .com name servers don’t have any information about the name servers or the glue records.
❯ dig @a.gtld-servers.net batimentk.com +noall +auth +add
com. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1753774100 1800 900 604800 900
Here is another example using a different domain to illustrate what the expected result should be:
❯ dig @a.gtld-servers.net google.com +noall +auth +add
google.com. 172800 IN NS ns2.google.com.
google.com. 172800 IN NS ns1.google.com.
google.com. 172800 IN NS ns3.google.com.
google.com. 172800 IN NS ns4.google.com.
ns2.google.com. 172800 IN AAAA 2001:4860:4802:34::a
ns2.google.com. 172800 IN A 216.239.34.10
ns1.google.com. 172800 IN AAAA 2001:4860:4802:32::a
ns1.google.com. 172800 IN A 216.239.32.10
ns3.google.com. 172800 IN AAAA 2001:4860:4802:36::a
ns3.google.com. 172800 IN A 216.239.36.10
ns4.google.com. 172800 IN AAAA 2001:4860:4802:38::a
ns4.google.com. 172800 IN A 216.239.38.10
So, you should contact your domain registrar to find out how to create glue records and properly configure the name servers for your domain.
I create a ticket to domain registrar for nameservers. I solved with your directive and commands. Thank you very much.
I added nameservers to wrong section so I got errors. They guided to me about where I can add nameservers. Then I can add ssl and nginx redirections
Wrong section
I configured domain thanks to this guide.
1 Like
You’re welcome. I’m glad you finally resolved it 
1 Like