By cmio
So I’ve pointed my domain name from my registrar to DigitalOcean’s name servers. Since there is no authentication on DigitalOcean to ensure I own the domain before I make DNS records for it, surely its possible that someone could create records for it and hijack it (albeit briefly) to go to where ever they want?
I presume there is some system in place to stop the duplication of records for a particular domain name but propose they made the records before you. Also, I understand that I could narrow the window of attack by setting up my DNS records first before I point to the name servers. I’m just interested in seeing if it was possible.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
The DNS system will allow you to create a zone for any domain for which three is not already one in the system. Since our DNS servers are not used directly as resolvers this would not allow poisoning of records unless the domain were already pointed to our nameservers but the user had not set up DNS themselves. We recommend creating your zone before re-pointing your DNS. The primary reason for this is that it reduces downtime.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.