How does DO verify domain ownership?

Posted July 2, 2015 5.9k views

Hi, I just registered a domain and pointed the nameservers to DO. I then went into the DO DNS panel and setup a test subdomain to one of my boxes. Performing a local nslookup I can confirm that the subdomain points to the correct IP of my DO box. So everything seems to be working as expected. I have to ask though, how does DO know that my account should be allowed to modify records for that domain? I don’t see what could stop someone with another DO account from modifying records for my domain. Other services like Google Apps verify domain ownership by requiring the domain owner to add a TXT record to their domain with a special code. DO doesn’t seem to do anything like that.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
2 answers

A domain can only exist on one account so any user attempting to add it would not be able to. Cases where a domain already exists or is hijacked are extremely rare (I’ve seen 3 cases in 2+ years and in each case it was a former owner of the domain who still had records in place). In these rare cases the user can open a support ticket where we will verify the domain whois information against their billing details to verify ownership.