Random TLD Name, Numbers and Letters, for Added Security?

Question

I have a client app that faces the internet, but only clients will access. The site should never be indexed or crawled or viewed outside of our clients. We always concerned about DDOS and attempts to gain access. If the system can add one more level of being hidden, or harder to find, I don't see the negatives.

Users will never have to enter the domain name (think kiosks), and admins can use bookmarks. Yes, security by obscurity is no solution and never relied upon. But if you can add it to an existing and robust secured system, why not?

Is there any downside to having a random domain name like j398sh3-3nj23j.com?

I would love to hear some thoughts and opinions.

Answer 1

If you're never using where anyone will see it (even by rDNS on an incoming connection from your server), then the only real drawback is that you're paying for it when you could as easily use a random subdomain under a domain you already control (e.g. j398sh3-3nj23j.example.com).

But it'll provide zero protection from DDOS or attempts to gain access, as anyone who is in a position to extract a normal domain name from your client app will probably be able to extract this random domain name just as easily, and they may not even bother with domain names and just get the IP address your client is connecting to anyway.

Answer 2

Emphatically speaking, that's useless. As was pointed out above, using some subdomain of your own would cost less, be saner, and have more utility.

If you have a number of nodes on a private network that is not physically private, use a good VPN system and machine authentication with certificates. If you do that, nothing is accessible except the Internet-facing VPN software, and that can easily ignore anything that's not legitimate.