Take control of the security of your domains

Mar 14, 2019  - written by  in Domain names

As more attacks of greater impact take place, it’s important to be familiar with all the best practices to adopt in order to secure your domains.

Today, we’re providing you with the keys to a solid security strategy.

  1. Activate two-factor authentication (TOTP or U2F) to access your domain name control panel. This service adds an extra layer of security so that if your login credentials are compromised, your account will still be inaccessible to third parties trying to access your domain name portfolio.
  2. Implement IP restriction on logins to your account: this system adds a layer of extra security to your domain name management by preventing third parties from logging in from IP addresses other than those you’ve indicated on your list of authorized addresses.
  3. Activate automatic renewal in order to avoid losing strategic domains that could be used to steal your trademark, at least online.
  4. Enter precise and accurate information for your domain name registration details as well as for your administrative, technical, and billing contacts. This information needs to be correct so that registries can easily reach you.
  5. Lock important domain names at your registrar in order to avoid any unauthorized transfer. This service is sometimes called a “transfer lock” and means adding a status of “clientTransferProhibited” to your domain’s whois entry. A registrar will not be able to transfer a domain that has this status.
  6. Activate a registry lock on your important domain names using a “Registry Lock” service. A list of trusted people authorized to make changes to a domain name can be defined upstream by the registrar. Requests for transfers, owner changes, or DNS changes on any of your important domains are then verified by your registrar before being sent to the resgitry.
  7. Activate DNSSEC. This protocol lets a domain owner authenticate DNS responses on their entire DNS zone using cryptographic signatures.
  8. Implement Advanced DNS service to guarantee redundancy in nameservers as well as to prevent DDoS attacks or DNS outages.

We’ve also published an in-depth article dedicated to our products and features that allow you to secure the level of access to your domain.

Our Corporate services team can help you with managing your domain portfolio and can provide you with detailed, customized advice on the best strategy to use.

Of course, don’t hesitate to contact us about any of the costs or procedures involved in implementing the above strategies.

The Gandi Corporate team