CloudFlare launches web domain protection service CloudFare Registrar

CloudFlare, the Internet performance and security company, has launched CloudFlare Registrar, to help large enterprises protect their web domains from unauthorised changes. One of the biggest risks for their high-profile customers is having their domains hijacked – meaning their sites are redirected or compromised without the site owner’s approval. Now, domain hijacking, domain expiration, or loss of control over an external account can be prevented with CloudFlare Registrar, says the company. “Customers who care enough about the security of their website to use CloudFlare are still at risk to domain hijacking via their registrar. By offering registrar services to CloudFlare Enterprise customers, we instantly eliminate the additional risk a third-party registrar may overlook,” said Matthew Prince, co-founder and CEO of CloudFlare. “Even in CloudFlare’s own search for a high-security registrar, we didn’t find anything that met our security standard. Rather than waiting for one to come onto the market, we built our own, fundamentally changing the way Registrar security is offered today.” With CloudFlare Registrar, owners of high-value domains can protect themselves with enterprise-grade, customizable domain security and integrate domain renewal into their IT department workflow. This protects enterprises from the unexpected consequence of losing their domain, resulting in damage to their brand’s reputation, complete loss of their security functionality, control over their website’s content, and the potential to redirect web traffic to another IP address. While domain hijacks have historically been outright web defacements or theft, an attacker can also choose to be more subtle and proxy traffic to the original server, observing every user and tampering with any target. This is a particular risk for API providers (such as mobile application or IoT backends), where the hijacking of a domain can remain undetected while being exploited to compromise many applications. Rather than limiting registrar account security to a single shared password or email address, customers can now require formal approval from multiple independent stakeholders within the organization to make any change. By adding friction to the process, it prevents the worst-case consequences of domain compromise. Web properties using CloudFlare Registrar will never expire; all domains will automatically renew when they have less than one year left on their registration term. Domain name registrars, registry operators, and the governing body ICANN have developed various security measures to protect domains and registrants – but they have not been widely implemented. “With other technologies like certificates, if anyone trusted is compromised, everyone is at risk. DNS isn’t like that, you can manage your risk by choosing which registrar you trust. And the risk is significant; networks can be no safer than the DNS infrastructure that links them. CloudFlare integrating registrar security into their broad product line reflects a commitment to a deep level of security on the public Internet,” said Dan Kaminsky, DNS security expert and chief scientist and co-founder of White Ops.