How does DO verify domain ownership?

July 2, 2015 797 views
DNS Security

Hi, I just registered a domain and pointed the nameservers to DO. I then went into the DO DNS panel and setup a test subdomain to one of my boxes. Performing a local nslookup I can confirm that the subdomain points to the correct IP of my DO box. So everything seems to be working as expected. I have to ask though, how does DO know that my account should be allowed to modify records for that domain? I don't see what could stop someone with another DO account from modifying records for my domain. Other services like Google Apps verify domain ownership by requiring the domain owner to add a TXT record to their domain with a special code. DO doesn't seem to do anything like that.

1 Answer

A domain can only exist on one account so any user attempting to add it would not be able to. Cases where a domain already exists or is hijacked are extremely rare (I've seen 3 cases in 2+ years and in each case it was a former owner of the domain who still had records in place). In these rare cases the user can open a support ticket where we will verify the domain whois information against their billing details to verify ownership.

Have another answer? Share your knowledge.