May 12, 2026•By Robert Miller, Chief Security Officer
Beyond Nameservers: Why EPP Registrar Locks are Crucial
The Threat of Domain Hijacking
Domain hijacking occurs when an unauthorized entity gains control of a domain registration, changing nameserver delegations or owner records. Once nameservers are changed, attackers can redirect web traffic, hijack corporate emails, and issue rogue certificates in minutes.
Extensible Provisioning Protocol (EPP) Status Codes
To prevent unauthorized changes, registries support EPP status locks:
The Auditing Checklist
Ensure that all high-value root domain assets have active transfer locks at the registrar. Check RDAP/WHOIS status queries for your domains and flag any domain that does not show `clientTransferProhibited` as an immediate security risk.