艾金森
Amazon hires Disney SVP Kyle Laughlin as director of Alexa Gadgets
Apple’s battery cases return for the iPhone XS and XR
The Future Of TV Is HTML
This Week On Bullish: Can The Bold Italic Come Back?
Microsoft Drops New Windows 10 Mobile Build, Promises Faster Release Cadence
Cisco Pops 2.5% After Reporting Better-Than-Expected FQ4 Revenue Of $12.84B
Yahoo Sags 4% After Alibaba's Q2 Earnings Disappointment
Microsoft Postpones Ship Date For Its 'Surface Hub' Wall Computer To January
You Can Now Run Windows 10 On Your Mac
Microsoft Drops Another Windows 10 Update
Zulily's Buyout Spike Leaves It Less Valuable Than When It Went Public
Microsoft Launches New Windows 10 Build, Vows To Keep Its Early Access Program Alive


漂流瓶终于彻底拜拜 微信7.0.4新版体验
微信漂流瓶被玩坏了 聊聊漂流瓶里那些事
微信关闭漂流瓶 它曾经满足了我们对世界的好奇
微信暂停漂流瓶功能:对色情内容零容忍
[视频]惠普Chromebook x360 14 G1评测:搭载Chrome OS的商务变形本
特斯拉:北京客户可三年免息融资购车并免费租赁车牌
借贷宝:停止催收百名裸条女大学生 未满23岁将不得借贷
京东白条多地频现盗刷 消费者遭催收公司“逼债”
借款野蛮催收行为将被规范 真是几家欢喜几家愁
为规范网贷催收 上海互金协会发行业倡议书
腾讯解释为什么微信没有夜间模式 真相你相信吗?
一张发行8年的微信唱片:只收录了4首歌曲


CloudFlare's New Domain Registry Protects Site Owners From Domain Hijacking

当前位置: 艾金森 > 门户 > 海外资讯

点击量 33
编辑: 1   作者: Techcrunch   时间: 2018/11/14 6:56:10  

CloudFlare, the security-focused content delivery network, already protects its customers from DDoS attacks and other attacks, but today, the company is taking another step to ensure its customers remain in control of their sites. CloudFlare is launching a domain registry service - CloudFlare Registrar - that?protects high-profile sites from domain hijackings and domain expiration (because they forgot to renew their domains). This service will be available to CloudFlare's paying Enterprise customers.

As CloudFlare argues, a domain name is only as secure as the security of the registrar that maintains it. Most registrars focus on consumers, though, and not high-profile sites - and hence their focus isn't necessarily on security or their standards aren't as high as you would expect from an enterprise-centric site.

"By offering registrar services to CloudFlare Enterprise customers, we instantly eliminate the additional risk a third-party registrar may overlook,” said Matthew Prince, co-founder and CEO of CloudFlare, in today's announcement. “Even in CloudFlare’s own search for a high-security registrar, we didn’t find anything that met our security standard. Rather than waiting for one to come onto the market, we built our own, fundamentally changing the way Registrar security is offered today.”

As CloudFlare also notes, domain hijacks aren't just a problem for high-profile sites, but also for API providers. "While domain hijacks have historically been outright web defacements or theft, an attacker can also choose be more subtle and proxy traffic to the original server, observing every user and tampering with any target," the company says. "This is a particular risk for API providers (such as mobile application or IoT backends), where the hijacking of a domain can remain undetected while being exploited to compromise many applications."

So how does CloudFlare secure domain names? Instead of using a single password for access to the registrar, CloudFlare Registrar users can opt to secure their domains by setting up a formal approval chain that includes multiple stakeholders who all have to agree to any change. That adds a lot of friction, but in this case, that's probably exactly what you'd want. In addition, CloudFlare also uses two-factor authentication for accessing all accounts.

The company also promises that domains registered with CloudFlare Register will?never expire. Domains will automatically renew a full year before they are scheduled to expire. This mitigates the risk of missing an email your registrar sent you a month before the domain expires.?In addition, CloudFlare also locks all domains to prevent unauthorized access.