This topic answers frequently asked questions about domain name security.
Question navigation
How do I diagnose and handle DNS hijacking?
When you visit a website, a DNS server resolves the domain name you enter into the IP address of the server that hosts the website. This allows your browser to route requests to the correct server.
DNS hijacking is a DNS query interception attack. An attacker intercepts DNS queries to either block access to a service or return an incorrect IP address, redirecting users to a malicious website.
If you suspect DNS hijacking, take the following steps to diagnose and resolve the issue:
On your local machine, use the
nslookupcommand (on Windows) or thedigcommand (on Linux) to check if the domain name resolves to the correct IP address.Use third-party network diagnostic tools to determine the scope of the issue and report your findings to your Internet Service Provider (ISP). You can also try changing your local DNS resolver to Alibaba Cloud Public DNS (
223.5.5.5and223.6.6.6) and check if the resolution is correct.For urgent access, connect to the service directly using its IP address.
Why is SMS verification required for configuring DNS settings?
To protect your domain name, Alibaba Cloud requires SMS verification when you attempt to change DNS settings from an unrecognized device or network. This is an additional security measure to prevent unauthorized modifications.
If your mobile phone is working but you cannot receive the verification code, check the following:
There may be a network delay. Wait a few moments before requesting a new code.
Confirm that your mobile service is active and not suspended due to an overdue payment.
Check if any third-party security software on your phone is blocking the message.
As a final step, try moving your SIM card to a different phone to see if the issue is with the device.
What should I do if my domain name is stolen?
If you suspect your domain name has been stolen (transferred to another account or registrar without your authorization), your first step is to contact the current registrar. If your domain name was registered with Alibaba Cloud before the unauthorized transfer, we will assist you with the recovery process. The recovery process depends on where the domain name was transferred.
Scenario 1: The domain name is in a different Alibaba Cloud account
Contact us immediately. We will lock the domain name to prevent further changes or transfers. You will be required to provide documentation proving that you are the legitimate registrant of the domain name.
Scenario 2: The domain name has been transferred to another registrar
Contact Alibaba Cloud
If your domain name was transferred away from Alibaba Cloud without authorization, contact us immediately. After you provide proof of ownership and evidence of the theft (such as a police report), we will contact the gaining registrar on your behalf to request a domain name lock. A lock prevents further modifications or transfers.
Contact the current registrar
You must also contact the current registrar directly to file a theft complaint. Use a WHOIS lookup to identify the current registrar. You will need to provide proof of ownership, which may include identification documents and a signed recovery statement. For registrars outside of China, these documents must be in English.
After verifying your documentation, the current registrar will investigate. If they confirm the theft, they will coordinate with Alibaba Cloud to return the domain name to an account that you control. Once recovered, you can manage the domain name at the new registrar or transfer it back to Alibaba Cloud.