Protect your domain from DNS hijacking
Registrar lock, 2FA, nameserver monitoring, and habits that stop attackers redirecting your site or email.
How hijacking happens
Attackers phish registrar logins, exploit weak passwords, or social-engineer support to change nameservers or MX records. Visitors then hit fake sites; email routes through attacker servers. It is devastating and fast.
Registrar hygiene
Enable registrar lock (transfer lock), MFA on the registrar account, and role-based access — not a shared agency password from 2016. Use corporate email for registrar contact, not a personal Gmail that leaves with one staff member.
DNS monitoring
Alert on nameserver or MX changes. Snapshot DNS monthly and after any project. If your marketing site uses Cloudflare, secure that tenant separately from domain registration credentials.
Expiry and recovery
Expired domains can be snapped up and repointed maliciously. Turn on auto-renew, keep payment cards current, and know your registrar’s recovery process before an emergency. Pair with DMARC so spoofing is harder even if DNS is attacked.
Try it now
Run the related tools
Need a hand?
Run the tools. Then talk to us.
Use our free diagnostics to see what is wrong, then get Melbourne IT support for the fix.
Keep reading
More guides
Domain expiry and DNS basics
How registration, nameservers and records fit together — and how to avoid your site and email going dark overnight.
- Registration vs DNS hosting
- Records you should know
What is DNS?
How the internet finds your website and delivers your email — explained without jargon for business owners.
- DNS in plain language
- Why businesses should care