If someone buys a domain and one may type the URL in but just sees a template page from the registrar but doesn’t purchase a cPanel or VPS or root access or any way to edit the website, does the domain or website managed by a domain seller such as registrar.com require malware protection, spam detection or defacement protection or blacklist scanning related firewalls to prevent hijacking or hacking?
-
Domain hijacking is a DNS concern. Or, what do you mean by "hijack"?– schroeder ♦Commented Jun 22, 2021 at 16:11
-
Injecting malware onto the server, deface the website, steal ownership of the website, cause the website to be black listed.– CooCommented Jun 22, 2021 at 16:13
-
There is no server, so why is that a concern? There is no website to deface. The rest are DNS issues.– schroeder ♦Commented Jun 22, 2021 at 16:14
-
So if the purchased domain has an ip address that links to a generic Godaddy or register.com page but it’s not anything someone like me may edit, there’s no server to hack?– CooCommented Jun 22, 2021 at 16:17
-
Yeah, there's the godaddy server, but that's not your problem. There is also no site to deface. You are asking about protecting something that is not your responsibility to protect. The only thing you own and need to protect is the domain name.– schroeder ♦Commented Jun 22, 2021 at 16:17
Add a comment
|
1 Answer
does the domain or website managed by a domain seller such as register.com require malware protection, spam detection or defacement protection or blacklist scanning related firewalls to prevent hijacking or hacking?
Yes, but the registrar manages that for you. You have no control over any of those features.
Assuming you just bought the domain and haven't yet pointed an A record at any IP address yourself, security of the template page is not your concern. What the registrar is doing is setting the A record to point to an IP that they own, running a server that they administer. If you don't want to risk that server getting hacked and people associating your domain with a hacked site, then you can remove the A record so the domain doesn't load until you have your server set up and are ready to use it.