A customer calls: your website is down. You check — they are right. Nothing loads, emails are bouncing, and your domain returns a “server not found” error. Your domain is not resolving.

Most of the time this is a technical failure — an expired domain, a misconfigured DNS change, a hosting outage. Frustrating, but fixable. Sometimes it is something worse.

What Does “Domain Not Resolving” Mean?

When a domain does not resolve, the DNS lookup for your domain fails to return a valid IP address. Visitors’ browsers cannot find where your website lives, so they cannot connect at all.

DNS resolution can fail for several reasons:

Domain registration expired. Every domain must be renewed periodically — usually annually. If you miss the renewal, the registrar suspends the domain immediately. Your website and email go offline.

DNS records deleted or misconfigured. A change to your DNS settings — by you, by a hosting provider, or by an attacker — that removes or corrupts your records will cause resolution failures.

Nameserver failure. If your nameservers go offline or your domain’s nameserver configuration is changed, DNS queries fail for everyone trying to reach you.

Domain suspended by registry. Domain registries (Nominet for .uk domains, Verisign for .com) can place holds on domains for unpaid fees, complaints, or court orders. A suspended domain does not resolve.

The Security Concern: Domain Hijacking

Domain hijacking is the unauthorised transfer or modification of a domain’s registration — typically by an attacker who has gained access to the domain registrar account.

How does this happen?

  • Compromised registrar account. The most common route: an attacker obtains the login credentials for your registrar account through phishing, a data breach, or password reuse — and logs in. From there, they can change nameservers, transfer the domain, or delete DNS records.
  • Phishing the registrar. Attackers have successfully impersonated domain owners to registrar support teams, convincing staff to make changes through social engineering alone.
  • Expired domains and typosquatting. If you let your domain lapse even briefly, an automated system may register it before you can renew. Attackers then control what visitors see — and can intercept email sent to your old domain.

Once an attacker controls your domain, they can:

  • Point your website to a phishing page that harvests customer credentials
  • Redirect your email to an address they control
  • Obtain new SSL certificates for your domain using DNS-based validation
  • Hold the domain for ransom

Real-World Cases

In 2019, the “Sea Turtle” and “DNSpionage” campaigns documented by FireEye and Cisco Talos showed attackers compromising DNS infrastructure to redirect web and email traffic for government agencies and telecoms. In some cases, attackers intercepted email for months before the intrusion was discovered. The victims’ servers were never touched.

Closer to everyday business experience: in 2023, a UK marketing agency reported its domain had been transferred to a new registrar after attackers gained access to the original registrar account via a password that had appeared in a data breach. The agency was offline for three days while the transfer was disputed and reversed.

What to Do Next

For prevention:

  • Use a strong, unique password for your domain registrar account and enable Two-Factor Authentication (2FA). Most major registrars including Namecheap, 123-reg, and GoDaddy support 2FA. This is the single most important step.
  • Enable domain lock (Registrar Lock or Transfer Lock). This prevents your domain from being transferred to another registrar without an explicit unlock step.
  • Keep renewal contact details and payment methods up to date. Most domain lapses happen because renewal notices went to an old email address.
  • Set auto-renew. Enable automatic renewal and never let your domain expire.
  • Consider DNSSEC. DNSSEC adds cryptographic protection to your DNS records, making it harder for attackers to tamper with them.

If your domain is not resolving right now:

  1. Check your domain’s expiry date at your registrar.
  2. Check whether your nameserver configuration has changed unexpectedly.
  3. Log into your registrar and check for any unauthorised account activity.
  4. Contact your registrar’s support immediately if you suspect unauthorised access.

W3IT’s free security check checks whether your domain resolves correctly and flags common DNS configuration issues. Run it now — and if your domain is not resolving, find out why before your customers discover it first.