DNS Services - 101Domain.com

Owned by Andrew Watkins
Last updated: 22-01-2020
2 min read

Title

DNS Services 101Domain.com

Use

Points Voluntarily, OMGTech and PCFT domains at their respective websites

Allows setup of MX, TXT and other records that are used to show ownership of the domain to service providers such as AWS.

Also provides web forwarding from the .ly to the .nz domain.

Owner

https://voluntarily.atlassian.net/wiki/spaces/VP/pages/106987604

Location

https://my.101domain.com/?view_lang=en_US

Cost

annual domain renewal charges

Billing

Vaughan's Credit Card [I think]

 

 

Access Control

Access is currently via a single login

username: andrew.watkins

password: see LastPass

2FA enabled. Andrews Authy iPhone App.

Admin Permissions Process

Access may be delegated by Operations manager to a member of the Dev or Ops team to allow renewal, management and configuration of domains.

Anyone wishing to use the shared account name and password must setup their own 2FA device.

Revoking Permissions

If it is necessary to prevent access to the account then the password should be changed. This will then restrict access to those who

a) have access to the LastPass password

b) have previously configured 2FA

Auditing Permissions and Changes

Regularly check -

The listed domains and expiry dates

https://my.101domain.com/dQBkAQAQAA07uhLlZi89nQm6zqh_dlYrXIRL2DXDsk1QiHacqX0CREWOkrhpkO4jDywvL0XGcxdnSiUiT_EXBzDwrD_GVUuCvf9_q77iWIxNVVz-OG/g1.html

The IP Access logger

https://my.101domain.com/dQBkAQAQAMtdg4Ze8LHp0mcQLS6UJPdLECNdg17XtPkSss6nEmt6EPT-UBYgTdugH0lWdfSbOFJg0l8u643CP7E8XpRa-6zlnKF1_GyztdOFzt5C2-/WO.html

Asset Backup and disaster recovery

There’s nothing we can particularly backup here.

In the event of a DR incident, we may need to configure DNS to point our domains at a new server or services.

In the worst-case scenario we would have to

  1. Purchase and configure a new domain on a new domain service provider

  2. Confirm domain to the platform services that require a verified domain: Auth0, AWS

  3. Communicate the new domain to the customer base.

Risk Impact of losing access to service

If the DNS service becomes unavailable people wishing to access the Voluntarily platform would not be above to convert https://voluntarily.nz to the appropriate IP address. This may not be noticed for a while due to DNS caching.

If someone gained access to the account they would be able to redirect traffic from our site to somewhere else - potentially a similar-looking spoof site that might try to access user credentials.

Access to the account is protected by allowing only a limited number of people to manage the service and requiring 2FA to be set up for each person.