Another account has hijacked my domain by creating an S3 bucket with the same name

0

I have a Hosted Zone for my domain in Route53.

In S3 I have a bucket named www.mydomain.co.uk set up for website hosting and in Route 53 I have an A record for www.mydomain.co.uk pointing to that. I am unable to create a mydomain.co.uk (without www) bucket as the name is already taken.

I noticed when going to mydomain.co.uk it was loading a site that is not mine! I have tried some things and it seems another account is "hijacking" my domain. When I go to mydomain.co.uk it takes me to their S3 site. I have confirmed it's S3 by trying http://mydomain.co.uk.s3-website-eu-west-1.amazonaws.com (this is not my bucket name) and it loads the same rogue site.

I have tried creating another A record in Route 53 for mydomain.co.uk as an alias to the www.mydomain.co.uk record but this didn't work.

Is there anything I can do to resolve this? How are they able to do this when I own the domain?

3 Answers
3

Hi There

Owning a domain name is not the same as S3 bucket naming. S3 bucket names have to be unique, and there is no way to stop another AWS user from using your domain name for their bucket. However, there is an alternative way to deploy your site. You can use CloudFront to serve a static website that’s hosted on Amazon S3. You can then point your DNS to the CloudFront distribution. If you use Route53 for DNS, you use an "ALIAS" record to point the "non-www" domain to the CloudFront Distribution. See https://repost.aws/knowledge-center/cloudfront-serve-static-website and https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html

AWS
EXPERT
Matt-B
answered 3 months ago
2
Accepted Answer

Indeed, S3 static website hosting isn't a recommended option. It's best to set up a CloudFront distribution and point it to the S3 bucket, as Matt-B correctly advised. It will give a number of benefits, including caching, the ability to use Web Application Firewall to control traffic or AWS Shield Advanced for DDoS protection, selectively routing some parts of the website to static files in S3 and others to custom Lambda code or web application server, and many other options.

Fundamentally, the cause of your problem is that the basic static website hosting for S3 is based on the bucket being named identically with the website, and anyone can create a bucket with any website's name without proving any ownership over the domain name.

The best option, regardless of whether the name has been hijacked already, is disabling static website hosting for your S3 bucket and setting up a CloudFront distribution to receive traffic from end users and use Origin Access Control (OAC) for CloudFront to authenticate to your S3 bucket. Point your DNS names to the CloudFront distribution in the Route 53 hosted zone. This setup will not be possible for anyone to hijack and doesn't involve the legacy static website hosting option in S3.

EXPERT
Leo K
answered 3 months ago
0

Thanks for the response.

I appreciate that there is no way to stop another AWS user from using my domain name for their bucket - and I will look into the solution. Can you explain how they are able to use my domain?

answered 3 months ago
  • Where is your domain registered? Can you verify that the Name Servers are pointing to your Route53 tenant?

  • They can receive traffic for your domain name by you having alias records of the type "Alias to S3 website endpoint" in your Route 53 hosted zone. If you delete the record, the site they are serving will stop working. However, you won't be able to use S3's legacy static website hosting option yourself to serve the site, since the other party already has a bucket matching your site's name. You'll have to use CloudFront.
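
An audit for the condition described in the answers above, added here as an example and not written by any of the posters: it flags record names that end at an S3 website endpoint when your account has no bucket of that exact name. It goes slightly beyond the thread by following aliases that point at other records in the same zone, as the asker's apex record did. The function name and the constructed sample records (trimmed to the fields the check reads, shaped like Route 53 `ListResourceRecordSets` output) are assumptions.

```python
import re

# Alias targets for S3 website endpoints take one of two forms:
# "s3-website-eu-west-1.amazonaws.com" or "s3-website.us-east-2.amazonaws.com".
S3_WEBSITE = re.compile(r"^s3-website[.-][a-z0-9-]+\.amazonaws\.com$")

def norm(name):
    return name.lower().rstrip(".")

def find_hijackable_records(record_sets, owned_buckets):
    """Names served by S3 website hosting with no same-named bucket in your account.

    record_sets: dicts shaped like Route 53 ListResourceRecordSets output.
    owned_buckets: bucket names from your own account (for example from ListBuckets).
    """
    aliases = {
        norm(r["Name"]): norm(r["AliasTarget"]["DNSName"])
        for r in record_sets
        if r.get("Type") in ("A", "AAAA") and "AliasTarget" in r
    }
    owned = {b.lower() for b in owned_buckets}
    findings = []
    for name in sorted(aliases):
        target, seen = aliases[name], {name}
        # Follow aliases that point at other records in the same hosted zone.
        while target in aliases and target not in seen:
            seen.add(target)
            target = aliases[target]
        # S3 picks the bucket from the requested host name, not from the
        # alias chain, so the bucket must be named exactly like the record.
        if S3_WEBSITE.match(target) and name not in owned:
            findings.append(name)
    return findings

# Constructed sample mirroring the question; the CloudFront name is a placeholder.
SAMPLE_RECORDS = [
    {"Name": "www.mydomain.co.uk.", "Type": "A",
     "AliasTarget": {"DNSName": "s3-website-eu-west-1.amazonaws.com."}},
    {"Name": "mydomain.co.uk.", "Type": "A",
     "AliasTarget": {"DNSName": "www.mydomain.co.uk."}},
    {"Name": "cdn.mydomain.co.uk.", "Type": "A",
     "AliasTarget": {"DNSName": "dexample.cloudfront.net."}},
    {"Name": "mydomain.co.uk.", "Type": "MX",
     "ResourceRecords": [{"Value": "10 mail.example.net."}]},
]

if __name__ == "__main__":
    print(find_hijackable_records(SAMPLE_RECORDS, {"www.mydomain.co.uk"}))
```

Any name it reports should have its alias removed or repointed at a CloudFront distribution, as the answers recommend.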
