My domain got abused on GitHub Pages
2 days ago
- #DNS configuration
- #GitHub Pages security
- #subdomain-takeover
- The author discovered a subdomain takeover of kafka.immersivepoints.com due to misconfigured DNS records pointing to GitHub Pages with a wildcard entry.
- GitHub Pages allows any user to claim a subdomain via a CNAME file in a repository, leading to potential abuse, as the author's domain was used for scam sites without verification.
- The issue is known, with tools like can-i-take-over-xyz identifying vulnerable domains, and the author suggests GitHub improve verification, such as requiring TXT records or user consent for subdomain usage.
- The author reported the abuse to GitHub and recommends better warnings for unverified domains in repository settings to prevent similar incidents.