Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
Webserver TCP port 53 is open or closed? Question Question
How does DO verify domain ownership? Question Question

Question

DNS security and domain hijacking

Posted May 12, 2015 4.5k views
SecurityDNS

If I point my domain to Digital Ocean’s name servers, could someone else surreptitiously create their own DO account and create DNS entries for my domain, thereby hijacking it? What stops that from happening?

Add a comment
kobenauf
By:
kobenauf

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
Webserver TCP port 53 is open or closed? Question Question
How does DO verify domain ownership? Question Question
Add a comment
1 comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
4 answers
Woet May 12, 2015

Don’t point your domain to DO’s nameservers before you added the domain to your account.

Reply Report
kobenauf May 12, 2015

Got it. Thanks for responding.

Reply Report
michael.prescott.spambox July 13, 2020

Nothing stops it from happening, if you do make the mistake of configuring your TLD records first. It happened to me a few days ago and their other customer is damaging our brand by using our domain for nefarious purposes. Anyone know how to contact support? No one is responding to the support ticket I created.

Reply Report
brandon2b85f05dbce705b6ff2 September 16, 2020

I just had this happen. I use to have a Droplet for a specific domain and wasn’t using it so I removed it and I decided to remove the domain from DigitalOcean networking but I did not update my name servers for the domain. It got hijacked like @michael.prescott.spambox ’s. I sent in a ticket. Hopefully I get a response. So remember to remove the name server settings if you remove it from DigitalOcean networking.

Reply Report

Related

Looking for something else?

Ask a new question Search for more help