Sub-domain takeover vulnerability found in Flywheel

S

Flywheel is a popular WordPress hosting platform. The platform allows users to build their own attractive and efficient websites. However, a report by Resecurity has stated that a Sub-domain takeover vulnerability associated with Flywheel has been found. 

First we have to understand what a Sub-domain is. A domain name usually consists of a domain and a TLD, as for example abc.xyz. Here abc is the domain, while xyz is the TLD. Sometimes there can be another name to the left of the domain. Such as pqr.abc.xyz. Here, pqr is the Sub-domain. 

Sub-domain takeover implies a situation in which an attacker gets access to the sub-domain of a host domain name. This situation happens when Canonical Name Records are used by the sub-domain. A Canonical Name Record maps one domain name with another. 

When no virtual host is assigned to the Canonical Record or when a virtual host is removed, it gives space for attackers. They can make their own virtual host. They also start getting access to sensitive host data and information. 

In order to prevent yourself from these vulnerabilities you should check available DNS Records. Read more about the news here.

The Wizard
Author: The Wizard

I write on a range of topics that includes Branding, Marketing, Acquisitions, Statistics and an especial emphasis on Domain Name. The opinions expressed may change from time to time as that is how a person and ideas evolve.

About the author

The Wizard

I write on a range of topics that includes Branding, Marketing, Acquisitions, Statistics and an especial emphasis on Domain Name. The opinions expressed may change from time to time as that is how a person and ideas evolve.

By The Wizard

Follow Us

DomainMagazine is a leading technology media property, dedicated to obsessively profiling domain name industry and breaking domain news.

The Wizard

I write on a range of topics that includes Branding, Marketing, Acquisitions, Statistics and an especial emphasis on Domain Name. The opinions expressed may change from time to time as that is how a person and ideas evolve.