Is Digital Ocean safe against DNS hacks?

October 23, 2014 1.4k views

These three questions may be naive and stemming from my cursory understanding of DNS.

Let's say I register mydomain.com at a third party registrar and I point it to the Digital Ocean name servers.

Someone finds out about the domain name and the fact that it's directed to Digital Ocean name servers. Before I had a chance to create an A record pointing to my droplet's IP address, this person maliciously creates an A record pointing to his own Digital Ocean VPS. It is an unlikely scenario, but I am crazy to say that it would be possible for someone to hijack another person's brand new domain name this way?

Second question is this. Let's say I have an existing site running on my droplet. A malicious Digital Ocean customer sets up a duplicate A record pointing to his own IP address. What would happen in this scenario? Do A records work as first-come-first serve?

Third question is this. A Digital Ocean customer sets up an A record for mydomain.com but forgets to setup CNAME for www.mydomain.com. A malicious user sets up the CNAME pointing to his own IP address. what happens in this case?

1 Answer

You should add the domain to your account under "DNS" before pointing your domain to DO's name servers. All other questions are not applicable, only you can make changes to your domains DNS.

Have another answer? Share your knowledge.