CloudFlare launches registrar to prevent DNS hijacking attacks

Under the CloudFlare Registrar, companies must have multiple employees approving changes to domain name settings at the same time.

Security firm CloudFlare has launched a domain name registration service designed to help enterprises thwart DNS hijacking attacks.

Domain hijacking occurs when sites are redirected or compromised without the site owner's knowledge. In a most innocuous scenario, a domain is hijacked by a rogue employee to embarrass a company.

But in worst cases, DNS hijacking can result in complete loss of security functionality, control over a website's content and email accounts, and the potential to redirect web traffic to malicious servers.

The risks go on and on depending on the company targeted. In the case of API providers, for instance, a hijacked domain has the potential to compromise any number applications connected to it.

So CloudFlare's answer to these hijacking attacks is a new "security-focused" Registrar with a fairly simple premise: To create friction in the domain change process.

Under the CloudFlare Registrar, companies must have multiple employees approving changes to domain name settings at the same time.

Additionally, some of the more serious changes to domain settings can be set to take up to 10 days for completion. CloudFlare will also monitor for suspicious change requests and automatically renew domains before they expire.

"CloudFlare Registrar isn't for the masses, it's for organizations that would make a front-page story if they lost their domains," said CloudFlare CEO Matthew Prince. "There are plenty of great mass-market registrars available today, but now high-profile organizations don't need to settle for a one-size-fits-most security approach when it comes to their online brands."

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All