Question

Domain Pointing / Stealing Via DNS On DigitalOcean Side

I am just a bit confused as to how DNS works in terms of when it is assigned to DigitalOcean’s nameservers.

My domain from Namecheap is pointed at NS1/2/3.DIGITALOCEAN.COM. and I added the domain under DNS in DO to point to the droplet IP. My question is, wouldn’t someone else using DO be able to do the same thing and assign a domain in their own DNS panel and point the record to their own droplet IP?

AKA: how does DO know what domain should point to what account’s DNS?

Regards.

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

I know this is a very old question but I just had someone steal my DNS/IP and point their domain name to my IP hosted on DO, did you find out what steps DO took? or you took? I have already send DMCA notice to Google and to the Registrar with which the domain was booked and I am waiting on DO’s support to respond.

You should google how a domain name is resolved or how DNS works.

Process of a DNS request from my knowledge

  1. client send a request to a name server
  2. name server search it’s cache for answer (ip) if it have cache return the result to the client > query ended successfully if not, it will query the root name server, and the root will return the authoritative name servers which you specified for your domain to answer the query. After getting an answer from the authoritative name server, the name server cache the result for later query and return the result to the client > query ended successfully.

The TTL field of a dns record is to tell other name server how long it can keep the cache before requerying.

Anyone can setup a name server for any domain, but only the authoritative name servers is responsible for all unanswered dns query.

How does DO know what domain should point to what account's DNS?

The answer is DO don’t know what domain should point to what account’s DNS? Only the authoritative name servers you set at your registrar matters.