What Is Subdomain Takeover?
A vulnerability in which a DNS record (usually a CNAME) still points at an external service hostname that the domain owner no longer controls, such as a deleted Heroku app, GitHub Pages site, or S3 bucket. If the provider lets anyone register that hostname, an attacker can claim the abandoned service and serve their own content on the subdomain, which browsers and users treat as part of the legitimate domain.
In Laravel Applications
Subdomain takeovers happen when you decommission a service (Heroku, GitHub Pages, S3) but leave the DNS record that pointed to it in place. Remove the record as part of decommissioning, audit your DNS zone regularly, and monitor it continuously so that stale records are caught before attackers find them.
Example
Your staging.yourapp.com CNAME points to a Heroku app you deleted. An attacker creates a new Heroku app and attaches staging.yourapp.com to it; the record you left behind now sends your users to content the attacker controls, which they use for phishing.
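The audit described above, as an added example that is not code from this page or from StackShield: a small Python script that walks each subdomain's CNAME chain and classifies it. A target that returns NXDOMAIN is reported as dangling; a target that resolves but sits on one of the providers named on this page (Heroku, GitHub Pages, S3) is flagged for review. The hostnames and zone data below are constructed for an offline run; the optional live_resolve helper assumes the dnspython package is installed.

```python
from dataclasses import dataclass
from typing import Callable, List, Optional

# Provider suffixes named on this page. A deleted tenant here may be re-registered
# by anyone, so a CNAME into one of them is a watch-list hit, not proof of takeover.
CLAIMABLE_SUFFIXES = {
    "herokuapp.com": "Heroku",
    "github.io": "GitHub Pages",
    "s3.amazonaws.com": "Amazon S3",
}


class NameDoesNotExist(Exception):
    """Raised by a resolver when the name returns NXDOMAIN."""


# A resolver returns the CNAME target of a name, or None when the name exists
# but has no CNAME (for example an A record). It raises NameDoesNotExist on NXDOMAIN.
Resolver = Callable[[str], Optional[str]]


@dataclass
class Finding:
    host: str
    target: Optional[str]
    status: str  # "unused", "no-cname", "ok", "review", "dangling"
    provider: Optional[str] = None


def provider_for(target: str) -> Optional[str]:
    """Return the provider name if target is on a claimable suffix (exact or subdomain)."""
    t = target.rstrip(".").lower()
    for suffix, name in CLAIMABLE_SUFFIXES.items():
        if t == suffix or t.endswith("." + suffix):
            return name
    return None


def audit_host(host: str, resolve: Resolver, max_hops: int = 5) -> Finding:
    """Classify one subdomain by following its CNAME chain up to max_hops."""
    try:
        target = resolve(host)
    except NameDoesNotExist:
        return Finding(host, None, "unused")  # record already gone: nothing to take over
    if target is None:
        return Finding(host, None, "no-cname")  # A/AAAA record, out of scope here

    current = target
    for _ in range(max_hops):
        provider = provider_for(current)
        try:
            nxt = resolve(current)
        except NameDoesNotExist:
            # The chain ends at a name nobody owns: the classic dangling CNAME.
            return Finding(host, current, "dangling", provider)
        if nxt is None:
            # Target resolves; if it belongs to a claimable provider, verify by hand.
            return Finding(host, current, "review" if provider else "ok", provider)
        current = nxt
    return Finding(host, current, "review", provider_for(current))  # chain too long


def audit(hosts: List[str], resolve: Resolver) -> List[Finding]:
    return [audit_host(h, resolve) for h in hosts]


def live_resolve(name: str) -> Optional[str]:
    """Real resolver built on dnspython (assumed installed); not used in the offline run."""
    import dns.resolver  # type: ignore
    try:
        answer = dns.resolver.resolve(name, "CNAME")
        return str(answer[0].target)
    except dns.resolver.NXDOMAIN:
        raise NameDoesNotExist(name)
    except dns.resolver.NoAnswer:
        return None


# Constructed zone data for an offline demonstration. Names absent from the map
# are treated as NXDOMAIN by fake_resolve.
FAKE_ZONE = {
    "www.yourapp.com": None,                               # plain A record
    "staging.yourapp.com": "deleted-app.herokuapp.com",    # target no longer exists
    "docs.yourapp.com": "yourorg.github.io",               # resolves; site may be gone
    "yourorg.github.io": None,
    "cdn.yourapp.com": "edge.example-cdn.net",             # healthy third-party CNAME
    "edge.example-cdn.net": None,
}
SAMPLE_HOSTS = ["www.yourapp.com", "staging.yourapp.com", "docs.yourapp.com",
                "cdn.yourapp.com", "old.yourapp.com"]


def fake_resolve(name: str) -> Optional[str]:
    key = name.rstrip(".").lower()
    if key not in FAKE_ZONE:
        raise NameDoesNotExist(name)
    return FAKE_ZONE[key]


if __name__ == "__main__":
    for f in audit(SAMPLE_HOSTS, fake_resolve):
        print(f"{f.status:9} {f.host:22} -> {f.target or '-':32} {f.provider or ''}")
```

DNS alone only catches targets that return NXDOMAIN. Heroku, GitHub Pages, and S3 hostnames typically keep resolving after the app, site, or bucket is deleted and instead serve a provider error page, so every "review" finding needs a follow-up HTTP fingerprint check or a look in the provider console before you treat it as safe. The suffix list is a heuristic; extend it with every third-party host your zone points at.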
Related Terms
DNS Security
The practice of protecting Domain Name System infrastructure from attacks and misconfigurations. DNS security includes preventing cache poisoning, unauthorized zone transfers, subdomain takeovers, and ensuring proper email authentication (SPF, DKIM, DMARC).
Attack Surface
The total set of points where an attacker can try to enter or extract data from a system. This includes every API endpoint, open port, login form, file upload, third-party integration, and piece of infrastructure reachable from the outside.
Phishing
A social engineering attack where an attacker impersonates a trusted entity to trick victims into revealing sensitive information (credentials, financial data) or performing harmful actions (clicking malicious links, downloading malware). Phishing typically occurs via email but also through SMS, phone calls, and fake websites.
Related Articles
The Complete Laravel Security Checklist for 2026
A comprehensive, 30-point security checklist covering every layer of your Laravel application. From .env protection and security headers to debug mode detection and DNS security.
Continuous Security Monitoring vs Annual Pentesting: What Your Laravel App Actually Needs
A side-by-side comparison of continuous security monitoring and annual penetration testing. Learn when you need each, what they cost, and how they work together to protect your Laravel application.
Monitor Your Laravel Application's Security
StackShield continuously checks your Laravel application from the outside, catching security issues before attackers find them.