By default, a given domain can be used by only one project at a time. This security measure prevents malicious actions such as registering a project with the evil.example.com subdomain and using that to set cookies on your example.com website.
Subdomain hijacking protection ensures that no other users can add a subdomain to their project as long as you don’t use wildcard DNS records pointing to Upsun.
The solution to this is adding a TXT record to your DNS provider. So when you add a TXT record for example.com, Upsun treats example.com as a top-level domain. That means it isn’t reserved and is open for other projects.
The TXT record should look like the following:
_public-suffix-root.YOUR_DOMAIN TXT "public-suffix-root=YOUR_DOMAIN"Replace YOUR_DOMAIN with your actual domain name. This adds your domain to the Upsun implementation of the Public Suffix List.
If after adding the TXT record to your DNS provider, you still cannot add a domain to your project or if you have any further questions in this regard, please do not hesitate to open a support ticket.
Comments
Please sign in to leave a comment.