Someone hijacked my domain??

I have a personal site i haven’t checked in a while and today decided to, and my domain is redirecting to a http only login page called “The Power Portal”, i never heard of it and i’m not responsible for it.

I searched around and found this:

My first assumption was wordpress had been compromised so i turned off my droplet, but its still there, i have no idea how. I have two droplets and they are both turned off, i also removed the domain entry from digitalocean.

I went to my domain registrar and deleted the digitalocean names, hopefully that will fix it. Stil waiting.

Does anyone know what the cause of this is?


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hi @epsilonprime21,

This sounds like your domain has expired and it has been acquired by someone else. Can you confirm this is not the case?

Additionally, if it hasn’t actually expired and you’ve pointed it properly to your DigitalOcean droplet, unless something is compromised, there is no way this could have happened from the droplet.

You can check your domain’s DNS history to confirm if it has been actually changed as this is a possibility as well.

Regards, KDSys