Security Experts:

Connect with us

Hi, what are you looking for?


Security Infrastructure

CloudFlare Launches Security-Focused Domain Registrar

Web performance and security company CloudFlare today announced the launch of CloudFlare Registrar, a security-focused service designed for organizations that own high-value domains.

Web performance and security company CloudFlare today announced the launch of CloudFlare Registrar, a security-focused service designed for organizations that own high-value domains.

High-profile domains can be targeted by malicious actors in DNS poisoning attacks, allowing them to redirect a site’s visitors to an arbitrary domain, or silently intercept and modify traffic.

Several major companies, including Google and Craigslist, have had their domains hijacked over the past years due to registrars that failed to prevent attackers from making unauthorized changes. In some rare cases, organizations forget to renew their domains, which can also result in financial loss and a negative impact on their reputation.CloudFlare launches registrar

Since it couldn’t find a high-security registrar to protect its domains, CloudFlare has decided to launch its own service and offer it to customers with high-value domains. The problem, according to the company, is that while security measures designed to protect domains and registrants exist, they haven’t been widely implemented.

CloudFlare Registrar customers will not have to worry about unauthorized changes to their domains as they can require formal approval from multiple stakeholders within their organization when making modifications, CloudFlare said. This is a very important procedure, as demonstrated by the 2013 incidents in which hacktivists of the group KDMS managed to hijack the domains of several high-profile companies after social engineering employees of Network Solutions.

“Customers who care enough about the security of their website to use CloudFlare are still at risk to domain hijacking via their registrar. By offering registrar services to CloudFlare Enterprise customers, we instantly eliminate the additional risk a third-party registrar may overlook,” explained Matthew Prince, co-founder and CEO of CloudFlare.

Another advantage for CloudFlare Registrar customers is that their domains will never expire — the security firm says its service will automatically renew them when there is less than one year before they expire.

CloudFlare Registrar is an ICANN-approved service created specifically for high-profile organizations, for which protecting their domains is a top priority; the offering is not for the general public.

“CloudFlare Registrar isn’t for the masses, it’s for organizations that would make a front-page story if they lost their domains,” Prince noted. “There are plenty of great mass-market registrars available today, but now high-profile organizations don’t need to settle for a one-size-fits-most security approach when it comes to their online brands.”

RelatedFive DNS Threats You Should Protect Against

RelatedFacebook, CloudFlare Want SHA-1 Alive in Older Browsers

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.


Identity and access governance vendor Saviynt has closed a $205 million financing round.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture


Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.

Incident Response

Created and maintained by MITRE, MITRE D3FEND is a framework that provides a library of defensive cybersecurity countermeasures and technical components to help organizations...