
2/26/2016
11:46 AM
Dark Reading
Products and Releases

CloudFlare Introduces the Industry's First Security-Focused Registrar

Designed for Security, Not the Masses, CloudFlare Registrar is the first ICANN-Accredited Registrar Built for High-Profile Domains

SAN FRANCISCO, February 23, 2015 -- CloudFlare, the leading Internet performance and security company, today launched CloudFlare Registrar, to bring large enterprises the highest level of security available and to protect their web domains from unauthorized changes. One of the biggest risks for high-profile customers is having their domains hijacked--meaning their sites are redirected or compromised without the site owner’s approval. Now, domain hijacking, domain expiration, or loss of control over an external account are all prevented with CloudFlare Registrar.

The security of a domain name is only as robust as the security of the registrar used to maintain it. Many domains on the Internet, even the highest-value domains belonging to large household name brands, are managed through consumer-focused registrars with limited security features. Domain hijacks--whether they are conducted by third party attackers or rogue employees--can be difficult to detect. What’s more, reclaiming a domain can be an arduous, expensive, reputation-damaging process that is never guaranteed.

“Customers who care enough about the security of their website to use CloudFlare are still at risk of domain hijacking via their registrar. By offering registrar services to CloudFlare Enterprise customers, we instantly eliminate the additional risk a third-party registrar may overlook,” said Matthew Prince, co-founder and CEO of CloudFlare. “Even in CloudFlare’s own search for a high-security registrar, we didn’t find anything that met our security standard. Rather than waiting for one to come onto the market, we built our own, fundamentally changing the way Registrar security is offered today.”

With CloudFlare Registrar, owners of high-value domains can protect themselves with enterprise-grade, customizable domain security and integrate domain renewal into their IT department workflow. This protects enterprises from the unexpected consequences of losing their domain: damage to their brand’s reputation, complete loss of their security functionality and of control over their website’s content, and the potential for web traffic to be redirected to another IP address.

While domain hijacks have historically been outright web defacements or theft, an attacker can also choose to be more subtle and proxy traffic to the original server, observing every user and tampering with any target. This is a particular risk for API providers (such as mobile application or IoT backends), where the hijacking of a domain can remain undetected while being exploited to compromise many applications.

Rather than limiting registrar account security to a single shared password or email address, customers can now require formal approval from multiple independent stakeholders within the organization to make any change. Adding this friction to the process prevents the worst-case consequences of domain compromise. Web properties using CloudFlare Registrar will never expire; all domains will automatically renew when they have less than one year left on their registration term.

Domain name registrars, registry operators, and the governing body ICANN have developed various security measures to protect domains and registrants--but they have not been widely implemented. "With other technologies like certificates, if anyone trusted is compromised, everyone is at risk. DNS isn't like that, you can manage your risk by choosing which registrar you trust. And the risk is significant, networks can be no safer than the DNS infrastructure that links them. CloudFlare integrating registrar security into their broad product line reflects a commitment to a deep level of security on the public Internet," said Dan Kaminsky, DNS security expert and chief scientist and co-founder of White Ops.

“CloudFlare Registrar isn’t for the masses, it’s for organizations that would make a front-page story if they lost their domains,” Prince said. “There are plenty of great mass-market registrars available today, but now high-profile organizations don’t need to settle for a one-size-fits-most security approach when it comes to their online brands.”

Interested CloudFlare Enterprise customers should contact their dedicated account managers to get started with CloudFlare Registrar. If you are not a current customer, learn how CloudFlare can help fully lock down your domains today.

About CloudFlare

CloudFlare, Inc. (www.cloudflare.com / @cloudflare) makes any Internet application lightning fast, protects them from attacks, ensures they are always online, and makes it simple to add web apps with a single click. Regardless of size or platform, CloudFlare supercharges Internet applications with no need to add hardware, install software, or change a line of code. The CloudFlare community gets stronger as it grows: every new site makes the network smarter. More than 5 percent of global Internet requests flow through CloudFlare's network; every month more than 2 billion people experience a faster, safer, better Internet. CloudFlare was recognized by the World Economic Forum as a Technology Pioneer, named the Most Innovative Network & Internet Technology Company for two years running by the Wall Street Journal, and ranked among the world's 50 most innovative companies by Fast Company. CloudFlare has offices in San Francisco, Champaign, IL, Washington, DC, London, and Singapore.

 
