Is Digital Ocean safe against DNS hacks?

Posted October 23, 2014 2.7k views

These three questions may be naive and stemming from my cursory understanding of DNS.

Let’s say I register at a third party registrar and I point it to the Digital Ocean name servers.

Someone finds out about the domain name and the fact that it’s directed to Digital Ocean name servers. Before I had a chance to create an A record pointing to my droplet’s IP address, this person maliciously creates an A record pointing to his own Digital Ocean VPS. It is an unlikely scenario, but I am crazy to say that it would be possible for someone to hijack another person’s brand new domain name this way?

Second question is this. Let’s say I have an existing site running on my droplet. A malicious Digital Ocean customer sets up a duplicate A record pointing to his own IP address. What would happen in this scenario? Do A records work as first-come-first serve?

Third question is this. A Digital Ocean customer sets up an A record for but forgets to setup CNAME for A malicious user sets up the CNAME pointing to his own IP address. what happens in this case?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer

You should add the domain to your account under “DNS” before pointing your domain to DO’s name servers. All other questions are not applicable, only you can make changes to your domains DNS.

Submit an Answer