Related

Tool Instant DNS Lookup Tool Tool
DNS security and domain hijacking Question Question
Webserver TCP port 53 is open or closed? Question Question

Question

How does DO verify domain ownership?

Posted July 2, 2015 4.5k views
SecurityDNS

Hi, I just registered a domain and pointed the nameservers to DO. I then went into the DO DNS panel and setup a test subdomain to one of my boxes. Performing a local nslookup I can confirm that the subdomain points to the correct IP of my DO box. So everything seems to be working as expected. I have to ask though, how does DO know that my account should be allowed to modify records for that domain? I don’t see what could stop someone with another DO account from modifying records for my domain. Other services like Google Apps verify domain ownership by requiring the domain owner to add a TXT record to their domain with a special code. DO doesn’t seem to do anything like that.

Add a comment
MattMRo
By:
MattMRo
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
ryanpq July 2, 2015

A domain can only exist on one account so any user attempting to add it would not be able to. Cases where a domain already exists or is hijacked are extremely rare (I’ve seen 3 cases in 2+ years and in each case it was a former owner of the domain who still had records in place). In these rare cases the user can open a support ticket where we will verify the domain whois information against their billing details to verify ownership.

Reply Report
mehmetaliskr December 10, 2018
[deleted]
Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help