Remove the restriction disallowing a domain to be used by more than one account

Scenario
We have clients that want white-labelled versions of our product but under their own domain. To achieve this, they want to be able point a subdomain to our Netlify app. In order to do this, I’ll have to add their subdomain as an alias for our app e.g. myproduct.othercompany.com and then they’ll have to add myproduct.othercompany.com as a CNAME that points to our Netlify app. We tried this and it works great so far.

Problem
We found out, however, that Netlify does not allow domains to be used by more than one account. So for clients that use Netlify for their own product(s), we won’t be able to add a subdomain of theirs as an alias for our app.

Proposed Solution
Remove the restriction disallowing a domain to be used by more than one account.

Let ownership be decided on a per-subdomain basis. If there are multiple users that add the same subdomain as aliases, Netlify can decide which app to route traffic to by looking up the DNS records for that subdomain and seeing which Netlify app it points to, proving ownership.

I imagine that as Netlify gains more users, this issue will come up more often. Revamping the rules around domain ownership will help alleviate these issues.

Thanks!

Hi @adibsaad Welcome to the Netlify Community!

I see one inherent issue with your proposed solution: Hijacking.

If a domain is usable under multiple accounts, what is to stop someone creating an account and setting up my domain to point traffic to another site that isn’t mine? For example, if I have an app that runs at members.example.com, by your solution (as I understand it) another user could also set up a site at members.example.com thus potentially hijacking all requests to my site and stealing the credentials of all my users.

Am I reading your proposal wrong?

I addressed that in the proposed solution. Netlify would decide which app to route traffic to by checking which Netlify app the subdomain CNAME record points to. They already do this. When you add a domain alias, it checks to you see that you added a CNAME record for that domain alias pointing to app-name.netlify.app.

So that part is already taken care of.

Are you using Netlify for DNS or external DNS?

A lot of DNS providers already do this, Cloudflare for instance. You can add any and all domains I own to your Cloudflare account, you would get different nameservers then I have, Cloudflare uses the nameservers set on the domain to determine who actually controls it.

So, even if you add a domain you do not own to Cloudflare, and even because the domain is already on Cloudflare, then your settings and dns records does absolutely nothing because the nameservers on the domain does not match the nameservers you where told to use by Cloudflare.

this is an interesting suggestion, @adibsaad ! I have passed it along to the product team. I can’t tell you when or if we might implement this, but if I hear anything, I will let you know here!