Is Digital Ocean safe against DNS hacks?
These three questions may be naive and stemming from my cursory understanding of DNS.
Let’s say I register mydomain.com at a third party registrar and I point it to the Digital Ocean name servers.
Someone finds out about the domain name and the fact that it’s directed to Digital Ocean name servers. Before I had a chance to create an A record pointing to my droplet’s IP address, this person maliciously creates an A record pointing to his own Digital Ocean VPS. It is an unlikely scenario, but I am crazy to say that it would be possible for someone to hijack another person’s brand new domain name this way?
Second question is this. Let’s say I have an existing site running on my droplet. A malicious Digital Ocean customer sets up a duplicate A record pointing to his own IP address. What would happen in this scenario? Do A records work as first-come-first serve?
Third question is this. A Digital Ocean customer sets up an A record for mydomain.com but forgets to setup CNAME for www.mydomain.com. A malicious user sets up the CNAME pointing to his own IP address. what happens in this case?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.