I cant edit or add DNS record after upgrade to 1.9.4 version

I cant edit or add DNS record after upgrade to 1.9.4 version. I have added new domain with DNS and mail option, panel created both of them but I cant edit or add DNS records. Also I can not add let’s encrypt and ssl redirection because of this error.

I don’t think the issue is due to upgrading to 1.9.4, but rather because the update rebuilt your user.

Show the output of these commands (please, no screenshots):

Note: Replace YOURUSER and YOURDOMAIN with the actual user and domain name.

cat /home/YOURUSER/conf/dns/YOURDOMAIN.db 
cat -A /usr/local/hestia/data/users/YOURUSER/dns.conf | grep YOURDOMAIN
cat -A /usr/local/hestia/data/users/YOURUSER/dns/YOURDOMAIN.conf
1 Like

commands’ output; I removed domain and create again from panel. and problem continue.

root@serve:~# cat /home/myuser/conf/dns/mydomain.com.db
$TTL 14400
@    IN    SOA    ns1.domain.tld.    root.mydomain.com. (
                                            2025072805
                                            7200
                                            3600
                                            1209600
                                            180 )

root@serve:~# cat -A /usr/local/hestia/data/users/myuser/dns.conf | grep mydomain.com
DOMAIN='mydomain.com' IP='195.XXX.XXX.XXX' TPL='default' TTL='14400' EXP='2026-07-28' SOA='ns1.domain.tld' SERIAL='2025072805' SRC                       ='' RECORDS='17' DNSSEC='no' KEY='' SLAVE='no' MASTER='' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
root@serve:~# cat -A /usr/local/hestia/data/users/myuser/dns/mydomain.com.conf
ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.domain.tld.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.domain.tld.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='195.XXX.XXX.XXX' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='10' RECORD='www' TYPE='CNAME' PRIORITY='' VALUE='mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='11' RECORD='ftp' TYPE='CNAME' PRIORITY='' VALUE='mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='195.XXX.XXX.XXX' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='14' RECORD='@' TYPE='MX' PRIORITY='0' VALUE='mail.mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-28'$
ID='15' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:195.XXX.XXX.XXX -all"' SUSPENDED='no' TIME='17:42:11' DATE='2025-                       07-28'$
ID='16' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=quarantine; pct=100"' SUSPENDED='no' TIME='17:42:11' DATE='2025-                       07-28'$
ID='17' RECORD='_submission._tcp' TYPE='SRV' PRIORITY='1' VALUE='0 587 mail.mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='20                       25-07-28'$
ID='18' RECORD='_imap._tcp' TYPE='SRV' PRIORITY='1' VALUE='0 143 mail.mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-                       28'$
ID='19' RECORD='_imaps._tcp' TYPE='SRV' PRIORITY='1' VALUE='0 993 mail.mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07                       -28'$
ID='20' RECORD='_pop3._tcp' TYPE='SRV' PRIORITY='1' VALUE='0 110 mail.mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07-                       28'$
ID='21' RECORD='_pop3s._tcp' TYPE='SRV' PRIORITY='1' VALUE='0 995 mail.mydomain.com.' SUSPENDED='no' TIME='17:42:11' DATE='2025-07                       -28'$
ID='22' RECORD='_domainkey' TYPE='TXT' PRIORITY='' VALUE='"t=y; o=~;"' SUSPENDED='no' TIME='17:42:12' DATE='2025-07-28'$
ID='23' RECORD='mail._domainkey' TYPE='TXT' PRIORITY='' VALUE='"v=DKIM1\; k=rsa\; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAZ8AM2IBCgKCAQEAkXT                       dqvAXQaPES5Uhe8O0JtpEtJoWIFmoe/oy2AMk7+Cpu4aBV/s+obkYVdcP7cXojjZttJMtZTFQL3FjJL7YhOooW711kvuC0pvXoAyRPSrnfCBJzPTjDw6nDU40Z4LraZYmoF                       vzsvcTmOPC7YqzTXVbw+WCr2uLJk1mhXod1Q6oqBQC8y3TPMW2a+m+QMc+C53KagrpXnvXU3osAMb6lmJgkIHF8HKDBt1NJ1Ju1FYx7HFAXX9/hfj8SCev/nHMFA0m5PB0q                       zbuKHJQGKv5aGFPMqGoiFkM1V3y4mDaOW/HF9iX6ej2Xsg1SOUIswH+sW50GZahvkfA6DamWnBgRQIDAQAB"' SUSPENDED='no' TIME='17:42:12' DATE='2025-07-                       28'$
ID='24' RECORD='webmail' TYPE='A' PRIORITY='' VALUE='195.XXX.XXX.XXX' SUSPENDED='no' TIME='17:42:13' DATE='2025-07-28'$

You must first create the A records for ns1.mydomain.com and ns2.mydomain.com and once done, create two NS records pointing to ns1.mydomain.com and ns2.mydomain.com.

Also, remember to delete the two current NS records pointing to ns1.domain.tld and ns2.domain.tld.

I can not add new records

root@serve:~# v-list-dns-records user mydomain.com
ID  RECORD            TYPE   VALUE                           DATE        TTL
--  ------            ----   -----                           ----        ----
1   @                 NS     ns1.domain.tld.                 2025-07-28  14400
2   @                 NS     ns2.domain.tld.                 2025-07-28  14400
9   @                 A      195.xxx.xxx.xxx                2025-07-28  14400
10  www               CNAME  mydomain.com.                  2025-07-28  14400
11  ftp               CNAME  mydomain.com.                  2025-07-28  14400
12  mail              A      195.xxx.xxx.xxx                2025-07-28  14400
14  @                 MX     mail.mydomain.com.             2025-07-28  14400
15  @                 TXT    "v=spf1 a mx ip4:195.XXX.XXX.1  2025-07-28  14400
16  _dmarc            TXT    "v=DMARC1; p=quarantine; pct=1  2025-07-28  14400
17  _submission._tcp  SRV    0 587 mail.mydomain.com.       2025-07-28  14400
18  _imap._tcp        SRV    0 143 mail.mydomain.com.       2025-07-28  14400
19  _imaps._tcp       SRV    0 993 mail.mydomain.com.       2025-07-28  14400
20  _pop3._tcp        SRV    0 110 mail.mydomain.com.       2025-07-28  14400
21  _pop3s._tcp       SRV    0 995 mail.mydomain.com.       2025-07-28  14400
22  _domainkey        TXT    "t=y; o=~;"                     2025-07-28  14400
23  mail._domainkey   TXT    "v=DKIM1; k=rsa; p=MIIBIjANBgk  2025-07-28  14400
24  webmail           A      195.xxx.xxx.xxx                2025-07-28  14400

You are trying to add a domain instead of an IP to an A record.

already there is ana A record for IP

But you must add the ip to ns1 subdomain (and the same for ns2):

I have added ns1.mydomain.com and ns2.mydomain.com after adding A record for both of them. Then I removed ns1.domain.tld. and ns2.domain.tld. NS records. But currently I cant set nginx redirection and lets encrypt from Edit web domain page. I get Error: DNS record for mydomain.com doesn’t exist

I can’t answer without knowing the actual domain name.

Anyway, make sure you’ve added the glue records for ns1 and ns2 at your domain registrar, and that you’ve also set those ns subdomains as your nameservers at your domain registrar.

root@serve:~# v-list-dns-records user mydomain.com
ID RECORD TYPE VALUE DATE TTL


9 @ A 195.xxx.xxx.xxx 2025-07-28 14400
10 www CNAME mydomain.com. 2025-07-28 14400
11 ftp CNAME mydomain.com. 2025-07-28 14400
12 mail A 195.xxx.xxx.xxx 2025-07-28 14400
14 @ MX mail.mydomain.com. 2025-07-28 14400
15 @ TXT "v=spf1 a mx ip4:195.XXX.XXX.1 2025-07-28 14400
16 _dmarc TXT "v=DMARC1; p=quarantine; pct=1 2025-07-28 14400
17 _submission._tcp SRV 0 587 mail.mydomain.com. 2025-07-28 14400
18 _imap._tcp SRV 0 143 mail.mydomain.com. 2025-07-28 14400
19 _imaps._tcp SRV 0 993 mail.mydomain.com. 2025-07-28 14400
20 _pop3._tcp SRV 0 110 mail.mydomain.com. 2025-07-28 14400
21 _pop3s._tcp SRV 0 995 mail.mydomain.com. 2025-07-28 14400
22 _domainkey TXT “t=y; o=~;” 2025-07-28 14400
23 mail._domainkey TXT "v=DKIM1; k=rsa; p=MIIBIjANBgk 2025-07-28 14400
24 webmail A 195.xxx.xxx.xxx 2025-07-28 14400
25 @ NS ns1.mydomain.com. 2025-07-29 14400
26 @ NS ns2.mydomain.com. 2025-07-29 14400
27 ns1 A 195.xxx.xxx.xxx 2025-07-29 14400
28 ns2 A 195.xxx.xxx.xxx 2025-07-29 14400

Sorry, I don’t know what you’re doing. Also, I can’t help further unless I know the actual domain name. Now I’m seeing things like ns2.mydomain.com.com, and I can’t tell whether that’s a typo meant to hide the real domain or if your domain actually includes the extra .com.

it can take up to 48hrs due to nameserver propagation time for the changes to come online (in special for the glue records). But as @sahsanu wrote, you’ll need to share more informations in order to get help.

sorry I paste text as wrong. there is one .com. I updated previous entry. http://batimentk.com/ domain name.

2025-07-28 05:13:02 v-restart-service  'bind9' '' [Error 20]
2025-07-28 05:13:02 v-restart-dns  '' [Error 20]
2025-07-28 05:13:02 v-delete-dns-record  'admin' 'serve.maindomain.com' '21' [Error 20]
2025-07-28 05:13:02 v-restart-service  'bind9' '' [Error 20]
2025-07-28 05:13:03 v-restart-dns  '' [Error 20]
2025-07-28 05:13:02 v-add-dns-record  'admin' 'serve.maindomain.com' '@' 'CAA' '0 issue "letsencrypt.org"' [Error dns failed to restart]
2025-07-28 05:13:05 v-restart-service  'bind9' '' [Error 20]
2025-07-28 05:13:05 v-restart-dns  '' [Error 20]
2025-07-28 05:13:05 v-delete-dns-record  'admin' 'serve.maindomain.com' '21' [Error 20]
2025-07-28 05:13:05 v-add-letsencrypt-domain  'admin' 'serve.maindomain.com' '' [Error 15]
2025-07-28 05:13:05 v-update-letsencrypt-ssl serve.maindomain.com Error: bind9 restart failed
Error: bind9 restart failed
Error: 20
Error: bind9 restart failed
Error: Let's Encrypt acme/authz bad status 400 (serve.maindomain.com) [Error 2]
2025-07-28 12:00:01 v-backup-user  'maindomain' 'yes' [Error 11]
2025-07-28 17:35:30 v-list-web-domain  'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:35:30 v-list-web-domain  'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:35:30 v-add-web-domain  'user' 'batimentk.com' '195.201.124.130' 'yes' [Error 2]
2025-07-28 17:35:32 v-list-dns-domain  'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:35:32 v-list-dns-domain  'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:35:32 v-add-dns-domain  'user' 'batimentk.com' '195.201.124.130' '' '' '' '' '' '' '' '' 'no' [Error 2]
2025-07-28 17:35:32 v-list-mail-domain  'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:35:32 v-list-mail-domain  'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:35:32 v-add-mail-domain  'user' 'batimentk.com' [Error 2]
2025-07-28 17:37:03 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-28 17:37:22 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-28 17:38:45 v-change-dns-record  'user' 'batimentk.com' '1' '@' 'NS' 'ns1.batimentk.com' '' 'yes' '14400' [Error 3]
2025-07-28 17:38:50 v-change-dns-record  'user' 'batimentk.com' '1' '@' 'NS' 'ns1.batimentk.com.' '' 'yes' '14400' [Error 3]
2025-07-28 17:40:19 v-restart-service  'bind9' '' [Error 20]
2025-07-28 17:40:19 v-restart-dns  [Error 20]
2025-07-28 17:41:24 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-28 17:41:38 v-restart-service  'bind9' '' [Error 20]
2025-07-28 17:41:38 v-restart-dns  '' [Error 20]
2025-07-28 17:41:38 v-delete-dns-domain  'user' 'batimentk.com' [Error 20]
2025-07-28 17:41:48 v-list-dns-records  'user' 'batimentk.com' [Error 3]
2025-07-28 17:42:10 v-list-web-domain  'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:42:10 v-list-web-domain  'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:42:10 v-add-web-domain  'user' 'batimentk.com' '195.201.124.130' 'yes' [Error 2]
2025-07-28 17:42:11 v-list-dns-domain  'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:42:11 v-list-dns-domain  'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:42:11 v-add-dns-domain  'user' 'batimentk.com' '195.201.124.130' '' '' '' '' '' '' '' '' 'no' [Error 2]
2025-07-28 17:42:12 v-list-mail-domain  'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:42:12 v-list-mail-domain  'user' 'batimentk.com' 'plain' [Error 3]
2025-07-28 17:42:12 v-add-mail-domain  'user' 'batimentk.com' [Error 2]
2025-07-28 17:42:33 v-change-dns-record  'user' 'batimentk.com' '1' '@' 'NS' 'ns1.batimentk.com' '' 'yes' '14400' [Error 3]
2025-07-28 17:49:59 v-change-dns-record  'user' 'batimentk.com' '1' '@' 'NS' 'ns1.batimentk.com' '' 'yes' '14400' [Error 3]
2025-07-28 17:50:24 v-add-dns-record  'user' 'batimentk.com' '@' 'NS' 'ns1.batimentk.com' '' '' 'yes' '14400' [Error 3]
2025-07-28 17:56:58 v-change-dns-record  'user' 'batimentk.com' '1' '@' 'NS' 'ns1.batimentk.com' '' 'yes' '14400' [Error 3]
2025-07-28 18:00:29 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-28 18:44:51 v-list-dns-records  'alice' 'wonderland.com' [Error 3]
2025-07-28 18:49:45 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-28 18:50:32 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-28 18:54:15 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:04:15 v-add-dns-record  'user' 'batimentk.com' '@' 'A' 'ns1.batimentk.com' '' '' 'yes' '14400' [Error 2]
2025-07-29 01:05:00 v-add-dns-record  'user' 'batimentk.com' '@' 'A' 'ns1.batimentk.com' '' '' 'yes' '14400' [Error 2]
2025-07-29 01:36:37 v-change-dns-record  'user' 'batimentk.com' '2' '@' 'NS' 'ns2.batimentk.com' '' 'yes' '14400' [Error 3]
2025-07-29 01:39:46 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:40:07 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:41:04 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:42:49 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:45:12 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:49:10 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:56:11 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:58:17 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 01:58:44 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 05:14:35 v-add-letsencrypt-domain  'admin' 'serve.maindomain.com' '' [Error 15]
2025-07-29 05:14:35 v-update-letsencrypt-ssl serve.maindomain.com Error: Let's Encrypt validation status 400 (serve.maindomain.com). Details: 400:"DNS problem: SERVFAIL looking up A for serve.maindomain.com - the domain's nameservers may be malfunctioning; DNS problem: SERVFAIL looking up AAAA for serve.maindomain.com - the domain's nameservers may be malfunctioning" [Error 2]
2025-07-29 10:14:59 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]
2025-07-29 10:18:24 v-add-letsencrypt-domain  'user' 'batimentk.com' 'www.batimentk.com' '' [Error 3]

Right now, your domain has no name servers assigned on the registrar’s side.

❯ whois batimentk.com 2>/dev/null | grep -Ei '\s+name server'

The above command should display the name servers assigned to your domain. Here’s an example:

❯ whois google.com 2>/dev/null | grep -Ei '\s+name server'
   Name Server: NS1.GOOGLE.COM
   Name Server: NS2.GOOGLE.COM
   Name Server: NS3.GOOGLE.COM
   Name Server: NS4.GOOGLE.COM

And the .com name servers don’t have any information about the name servers or the glue records.

❯ dig @a.gtld-servers.net batimentk.com +noall +auth +add
com.                    900     IN      SOA     a.gtld-servers.net. nstld.verisign-grs.com. 1753774100 1800 900 604800 900

Here is another example using a different domain to illustrate what the expected result should be:

❯ dig @a.gtld-servers.net google.com +noall +auth +add
google.com.             172800  IN      NS      ns2.google.com.
google.com.             172800  IN      NS      ns1.google.com.
google.com.             172800  IN      NS      ns3.google.com.
google.com.             172800  IN      NS      ns4.google.com.
ns2.google.com.         172800  IN      AAAA    2001:4860:4802:34::a
ns2.google.com.         172800  IN      A       216.239.34.10
ns1.google.com.         172800  IN      AAAA    2001:4860:4802:32::a
ns1.google.com.         172800  IN      A       216.239.32.10
ns3.google.com.         172800  IN      AAAA    2001:4860:4802:36::a
ns3.google.com.         172800  IN      A       216.239.36.10
ns4.google.com.         172800  IN      AAAA    2001:4860:4802:38::a
ns4.google.com.         172800  IN      A       216.239.38.10

So, you should contact your domain registrar to find out how to create glue records and properly configure the name servers for your domain.

I create a ticket to domain registrar for nameservers. I solved with your directive and commands. Thank you very much.

I added nameservers to wrong section so I got errors. They guided to me about where I can add nameservers. Then I can add ssl and nginx redirections

Wrong section

I configured domain thanks to this guide.

1 Like

You’re welcome. I’m glad you finally resolved it :wink:

1 Like