Build a High-Performance WHOIS Server Using Python and Nginx

Learn how to build a high-performance WHOIS server using Python and Nginx to meet modern compliance needs.


Background


According to the latest ICANN compliance policies, we no longer need a traditional WHOIS server for our domain WHOIS queries. Instead, ICANN suggests that all registrars use the modern RDAP protocol for WHOIS queries.

ICANN Update: Launching RDAP; Sunsetting WHOIS
The Registration Data Access Protocol (RDAP) is the successor to WHOIS, which is being sunsetted on 28 January 2025.

The Registration Data Access Protocol (RDAP) is the successor to the traditional WHOIS protocol. It is a more modern, faster, and more secure protocol.

I highly recommend that all domain registrars upgrade to RDAP instead of continuing to use WHOIS. We have already completed the upgrade for our company, xTom GmbH (IANA ID 3968).

However, many old applications still use the traditional WHOIS protocol. That's why we have to build our own WHOIS server and return a message to all users.


1. Prerequisites

We have two ways to build a WHOIS server: one is by using the Nginx stream module, and the other is by using Python with Nginx.

First, install the required system packages:

apt update
apt install -y lsb-release ca-certificates apt-transport-https curl gnupg dpkg python3

Then, add the N.WTF repository, which provides the latest Nginx mainline version with the stream module enabled:

curl -sS https://n.wtf/public.key | gpg --dearmor > /usr/share/keyrings/n.wtf.gpg

echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/n.wtf.gpg] https://mirror-cdn.xtom.com/sb/nginx/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/n.wtf.list

Next, install Nginx:

apt install nginx-extras -y

2. Build a WHOIS Server Using the Nginx Stream Module

We can use the Nginx stream module to build a simple WHOIS server. Just add the following configuration to your Nginx configuration file located at /etc/nginx/nginx.conf:

stream {
    # Define rate limiting zone
    limit_conn_zone $binary_remote_addr zone=whois_stream_conn:10m;
   
    # simple whois server
    server {
        listen 43;
        listen [::]:43;
       
        # Connection limits
        limit_conn whois_stream_conn 5;

        proxy_timeout 10s;
       
        # Return a message to the client
        return "NOTICE: In accordance with ICANN compliance policies, our whois server has been discontinued. Please use the RDAP protocol for all domain whois queries.\n\nFor more information, please visit:\n\nhttps://www.icann.org/en/announcements/details/icann-update-launching-rdap-sunsetting-whois-27-01-2025-en\nhttps://www.icann.org/resources/pages/global-amendment-2023-en\n\n";
    }
}

Then, reload Nginx to apply the changes:

nginx -t
nginx -s reload

However, there is a problem: every time we query the WHOIS server, the client immediately reports the following error:

fgets: Connection reset by peer

This issue occurs because the WHOIS client expects the server to keep the connection open until the client disconnects. In the current Nginx configuration, the server closes the connection immediately after sending the response, causing the client to display a fgets: Connection reset by peer error.

So let's try to use Python and Nginx to build a whois server.


3. Build a WHOIS Server Using Python and Nginx

Claude helped me create a simple Python script that can be used to build a WHOIS server. The script listens on port 43 and returns a predefined message to the client.

First, clone my repository and copy the whois.py script to the /opt/ directory:

git clone https://git.m.ac/showfom/whois-server
cp whois-server/whois.py /opt/

Then, copy the systemd service template to /etc/systemd/system/:

cp whois-server/whois-server.service /etc/systemd/system/

Next, enable and start the service:

systemctl daemon-reload
systemctl enable --now whois-server

Now, you can test the WHOIS server using the following command:

whois anything -h 127.0.0.1:10043

It should return the configured message:

NOTICE: In accordance with ICANN compliance policies, our whois server has been discontinued. Please use the RDAP protocol for all domain whois queries.

For more information, please visit:

https://www.icann.org/en/announcements/details/icann-update-launching-rdap-sunsetting-whois-27-01-2025-en
https://www.icann.org/resources/pages/global-amendment-2023-en
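
For readers who want to see what such a responder involves, here is an added sketch; it is not the whois.py from the repository above. It reads one bounded query line, sends the notice, half-closes, and waits for the client to disconnect, all under a timeout. The names handle and serve, the 512-byte cap, the 5-second timeout and the shortened notice text are assumptions for this example.

```python
import asyncio

# Notice text shortened from the article's message; WHOIS (RFC 3912) uses CRLF.
NOTICE = (
    "NOTICE: In accordance with ICANN compliance policies, our whois server "
    "has been discontinued. Please use the RDAP protocol for all domain "
    "whois queries.\r\n"
).encode("ascii")
MAX_QUERY = 512  # assumed cap on query size in bytes
TIMEOUT = 5.0    # assumed per-step timeout in seconds


async def _discard_until_eof(reader):
    # Throw away anything else the client sends, in bounded chunks.
    while await reader.read(MAX_QUERY):
        pass


async def handle(reader, writer):
    """Answer one WHOIS query with the static notice and close cleanly."""
    try:
        # Read the query line first so no unread input remains at close time
        # (closing a TCP socket with unread data makes the kernel send a reset).
        await asyncio.wait_for(reader.readline(), TIMEOUT)
        writer.write(NOTICE)
        await asyncio.wait_for(writer.drain(), TIMEOUT)
        if writer.can_write_eof():
            writer.write_eof()  # half-close: tells the client the reply is complete
        # Hold the socket until the client disconnects, but never longer than TIMEOUT.
        await asyncio.wait_for(_discard_until_eof(reader), TIMEOUT)
    except (asyncio.TimeoutError, ValueError, ConnectionError):
        pass  # slow, oversized (ValueError from readline) or aborted client
    finally:
        writer.close()
        try:
            await writer.wait_closed()
        except ConnectionError:
            pass


async def serve(host="127.0.0.1", port=10043):
    # Loopback only: Nginx on port 43 is the sole public entry point.
    server = await asyncio.start_server(handle, host, port, limit=MAX_QUERY)
    async with server:
        await server.serve_forever()


if __name__ == "__main__":
    asyncio.run(serve())
```

Binding to 127.0.0.1 keeps port 10043 unreachable from outside, so the Nginx connection limit on port 43 cannot be bypassed by connecting to the backend directly.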

Now, let's configure Nginx to proxy traffic to the WHOIS server.

Add the following configuration to your Nginx configuration file at /etc/nginx/nginx.conf:

stream {
    # Define rate limiting zone
    limit_conn_zone $binary_remote_addr zone=whois_stream_conn:10m;
   
    # whois server
    server {
        listen 43;
        listen [::]:43;
       
        # Connection limits
        limit_conn whois_stream_conn 5;
       
        # Forward requests to the local Python script service
        proxy_pass 127.0.0.1:10043;
        proxy_timeout 30s;
    }
}

Then, reload Nginx to apply the changes:

nginx -t
nginx -s reload

Finally, you can query your WHOIS server again using the following command:

whois anything -h localhost

You can set up a WHOIS domain with DNS A/AAAA records pointing to your server's IP address, and submit it to all registries to designate your server as the official WHOIS server.