All Products
Search

This Product

    Domain Names:Security and compliance FAQ for domain names

    Document Center

    Domain Names:Security and compliance FAQ for domain names

    Last Updated:Nov 27, 2025

    This topic provides answers to some frequently asked questions about domain name security.

    Question navigation

    How do I diagnose and handle DNS hijacking?

    Domain Name System (DNS) servers are used to resolve domain names. When you visit a website or service using its domain name, a DNS server resolves the domain name to the IP address of the server that hosts the website or service. Requests can then be routed to the server to retrieve the requested information.

    DNS hijacking is a type of DNS attack that intercepts DNS queries on a particular range of network or across the entire network to block the DNS queries or return incorrect IP addresses. As a result, users fail to access correct services or are directed to unwanted or malicious websites.

    If DNS hijacking occurs, you can diagnose and handle it as follows:

    • On your local computer, run the `nslookup` command on a Windows host or the `dig` command on a Linux host to check if the resolved IP address is correct.

    • Use external tools to collect and confirm fault details, such as the scope of the hijacking. Report the test results to your Internet Service Provider (ISP) for complaint processing as soon as possible. You can also try changing the DNS to Alibaba Cloud DNS: 223.5.5.5 and 223.6.6.6. Then, check if the resolution is correct.

    • For services that you need to access urgently, access them directly using their IP addresses.

    Why is SMS verification required for configuring DNS settings?

    To keep your domain name safe, Alibaba Cloud Domains may require you to complete Short Message Service (SMS) verification when you configure DNS settings from an unusual computer or network. You need to enter the verification code sent to your mobile phone to complete the verification.

    If your phone number is working but you cannot receive the verification code, check the following:

    • The verification text message may be delayed. If you do not receive the code after a short period, try requesting a new one later.

    • Check if your mobile phone can send and receive text messages normally. For example, check if your service is suspended due to an overdue payment.

    • Check if the verification text message is blocked by third-party security software.

    • If you still cannot receive a verification code after trying the preceding methods, try installing the SIM card in another mobile phone.

    What do I do if my domain name is stolen?

    Contact the domain name registrar that currently manages the stolen domain name immediately after you find that your domain name is stolen. If the domain name was hosted on Alibaba Cloud before it was stolen, Alibaba Cloud tries its best to help you recover the domain name. Two scenarios could happen when a domain name hosted on Alibaba Cloud is stolen:

    • The domain name is stolen but is still managed by Alibaba Cloud.

      You must contact us and provide the relevant information as soon as possible so that Alibaba Cloud can take measures, such as locking the domain name, to prevent the domain name information from being modified or the domain name from being transferred out. You must also provide Alibaba Cloud with all documents that prove you are the domain name registrant.

    • The domain name is stolen and has been transferred from Alibaba Cloud. It is currently managed by another registrar.

      • Contact Alibaba Cloud

        If the stolen domain name has been transferred to another registrar, contact Alibaba Cloud at the earliest opportunity and provide information about the theft and transfer. You can request Alibaba Cloud to contact the current registrar for assistance in locking the domain name after you provide evidence that the domain name has been stolen or proof that the case has been reported and filed. This prevents the domain name information from being modified or the domain name from being transferred again.

      • Contact the current registrar

        If a stolen domain name is transferred to another registrar, you can contact the current registrar directly or ask Alibaba Cloud to contact them to file a complaint. You can find the current registrar of the stolen domain name using WHOIS. The current registrar usually processes the complaint within three business days and requires the registrant to provide evidence of the theft. This evidence includes the registrant's certificate documents and a recovery statement. Foreign registrars require that the evidence and statement be submitted in English.

        After the registrar receives your verification materials, the registrar verifies the materials and starts an investigation. The investigation typically takes a week. If the registrar confirms that the domain name was transferred without your consent, Alibaba Cloud creates an account at the current registrar. The current registrar transfers the stolen domain name to this account. You can contact Alibaba Cloud to obtain the account, which lets you recover the management of the domain name. You can choose to keep the domain name in the account or transfer the domain name back to Alibaba Cloud.