What happens if a domain name is hijacked? How to solve domain name hijacking?

Recently, Baidu search engine found that some website users were hijacked when searching, which had a negative impact on search users.

Through the analysis of background data, these problems are mostly caused by "malicious hijacking" or "hijacking by third-party website links" within the site.

What is Domain Hijacking?

DNS hijacking, also known as domain name hijacking, refers to attacking the domain name resolution server or forging the domain name resolution server to resolve the target website domain name to the wrong address, thereby preventing users from accessing the target website or causing the website to open slowly.

DNS hijacking is extremely harmful. On the one hand, it affects the user's online experience. Users are led to fake websites and cannot browse the web normally. In particular, the adverse impact will continue to expand after the domain name of a website with a large number of users is hijacked. On the other hand, users may be lured to fake websites to log in and perform other operations, resulting in the leakage of privacy data.

What happens if a domain name is hijacked?

When the user finishes browsing a web page, the following happens when they click the Back button:

1. Unable to go back. When clicking back, the page does not respond and the content does not change.

2. Go back to the "fake Baidu page" and the search results will dominate the screen.

3. Return to low-quality web pages, such as spam and deceptive web pages.

How to solve domain name hijacking

1. Transform the website to HTTPS

2. Pay attention to network security, use legal weapons to safeguard legitimate rights and interests, and bring public prosecutions against network hijacking operators.

3. Limit zone transfers to authorized devices only.

4. Use firewall services at the network perimeter and on the DNS server to limit access to only those ports/services required for DNS functionality.

5. Use transaction signatures to digitally sign zone transfers and zone updates.

6. Promote third-party websites to convert to HTTPS or conduct self-inspection, and fully communicate with third-party resource providers to ensure that there is no deliberate cheating in the use of third-party resources for website statistics, website optimization, advertising, etc.

7. Run separate domain name servers in different networks to achieve redundancy.

8. Hide the BIND version running on the server.

9. Separate external and internal domain name servers and use forwarders.

10. Limit dynamic DNS updates.

11. Delete unnecessary services running on the DNS server, such as FTP, TEL, and HTTP.

At the same time, Baidu will also send notifications to high-risk websites and require websites with this problem to check and repair them as soon as possible. Temporary control of search presentation will be taken to reduce the impact on search users while the website is still not fixed and will be fixed within a week.