IT.COM

domains Cloudflare Domain Protection

Spaceship Spaceship
Watch
Lox

Lox

____Top Member
VIP
Impact
12,385

Introducing Cloudflare Domain Protection — Making Domain Compromise a Thing of the Past​

A Triple-Locked Approach​

Our approach to securing domains with Domain Protection is quite straightforward: identify the various attack vectors, and design a layered security mode to address each potential threat.

Before we take a look at each security layer, it’s important to understand the relationship between registrars and registries, and how that impacts domain security. You can think of registries as the wholesaler of domain names. They manage the central database of all registered domains within the Top-Level-Domain (TLD). They are also responsible for determining the wholesale pricing and establishing TLD specific policies.

Registrars, on the other hand, are the retailer of domains and are responsible for selling the domains to the end user. With each registration, transfer, or renewal, the registrar pays the registry a transaction fee.

Registrars and registries jointly manage domain registrations in what’s called the Shared Registration System (SRS). Registrars communicate with registries using an IETF standard called the Extensible Provisioning Protocol (EPP). Embodied in the EPP standard are a set of domain status that can be applied by registrars and registries to lock the domain and prevent updates, deletions, and transfers (to another registrar).

Registrars are able to apply “client” locks, frequently referred to as Registrar Locks. Registries apply “server” locks, also known as Registry Locks. It’s important to note that the registry locks always supersede the registrar locks. This means that the registrar locks cannot be removed until the registry locks have been removed.

Now, let’s take a closer look at our planned approach.

We start by applying the EPP Registrar Locks to the domain name. These are the EPP client locks that prevent domain updates, transfers, and deletions.

We then apply an internal lock that prevents any API calls to that domain from being processed. This lock functions outside of EPP .....

read more (cloudflare)
 
Click to expand...
Reply
3
2 Thanks
1 Like
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Sort by date Sort by points
Cloudflare are great. I have no doubt that their solution is top notch.
 
Click to expand...
Reply
0
0 Like
0 Thanks
•••
Log in or sign up to reply here.

Similar threads

News
information Dot .in Registry adamant about privacy settings removal
7 replies
642 views
Mr. Deleted
Mr. Deleted
jberryhill
registries More crazy .in domain regulations in the pipeline
1 reply
519 views
anantj
anantj
News
registries Namecheap CEO on Registry Price Increases
1 reply
530 views
DNSSEC
DNSSEC
Lox
domains A New ICANN Project to Measure Metadata on Domain Names
0 replies
277 views
Lox
Lox
Lox
domains Google On Hyphens In Domain Names
14 replies
1K views
Samer
Samer

We're social

Latest news

Escrow.com

New posts

Auction activity

Domain Recover

What non .com extensions have you sold in 2024?

Polls of interest

Popular this week

Community favorite

Popular this month

Blog favorites

  • The sidebar remains visible by scrolling at a speed relative to the page’s height.
Back