Web performance and security company CloudFlare today announced the launch of CloudFlare Registrar, a security-focused service designed for organizations that own high-value domains.
High-profile domains can be targeted by malicious actors in DNS poisoning attacks, allowing them to redirect a site’s visitors to an arbitrary domain, or silently intercept and modify traffic.
Several major companies, including Google and Craigslist, have had their domains hijacked over the past years due to registrars that failed to prevent attackers from making unauthorized changes. In some rare cases, organizations forget to renew their domains, which can also result in financial loss and a negative impact on their reputation.
Since it couldn’t find a high-security registrar to protect its domains, CloudFlare has decided to launch its own service and offer it to customers with high-value domains. The problem, according to the company, is that while security measures designed to protect domains and registrants exist, they haven’t been widely implemented.
CloudFlare Registrar customers will not have to worry about unauthorized changes to their domains as they can require formal approval from multiple stakeholders within their organization when making modifications, CloudFlare said. This is a very important procedure, as demonstrated by the 2013 incidents in which hacktivists of the group KDMS managed to hijack the domains of several high-profile companies after social engineering employees of Web.com-owned Network Solutions.
“Customers who care enough about the security of their website to use CloudFlare are still at risk to domain hijacking via their registrar. By offering registrar services to CloudFlare Enterprise customers, we instantly eliminate the additional risk a third-party registrar may overlook,” explained Matthew Prince, co-founder and CEO of CloudFlare.
Another advantage for CloudFlare Registrar customers is that their domains will never expire — the security firm says its service will automatically renew them when there is less than one year before they expire.
CloudFlare Registrar is an ICANN-approved service created specifically for high-profile organizations, for which protecting their domains is a top priority; the offering is not for the general public.
“CloudFlare Registrar isn’t for the masses, it’s for organizations that would make a front-page story if they lost their domains,” Prince noted. “There are plenty of great mass-market registrars available today, but now high-profile organizations don’t need to settle for a one-size-fits-most security approach when it comes to their online brands.”
Related: Five DNS Threats You Should Protect Against
Related: Facebook, CloudFlare Want SHA-1 Alive in Older Browsers