+1 for more restrictions on DNS API tokens. Ways to mitigate the risks:
- Separate account per domain, which is a lot of work; see the acceptance process in other comments
- Use an NS record for _acme-challenge.domain.tld when the DNS is hosted elsewhere and point it to the Hetzner DNS servers
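To make the second mitigation concrete, here is an added example (not from the commenter above, and not Hetzner documentation) of the two zone files involved. It assumes the domain `example.org`, a primary provider with nameservers `ns1.primary-dns.example`/`ns2.primary-dns.example`, and the Hetzner nameserver names shown in the Hetzner DNS console for the delegated zone (the three names below are assumed; copy the ones your zone lists). The TXT values are constructed placeholders. The point it shows beyond the comment: a host certificate for `www.example.org` validates at `_acme-challenge.www.example.org`, which is *not* inside the delegated cut, so it needs a CNAME pointing into the Hetzner zone.

```zone
; Zone example.org at the primary (non-Hetzner) provider.
; Only the delegation and CNAME lines are added; the rest is unchanged.
$ORIGIN example.org.
$TTL 3600
@                    IN SOA   ns1.primary-dns.example. hostmaster.example.org. ( 2024010101 7200 900 1209600 3600 )
@                    IN NS    ns1.primary-dns.example.
@                    IN NS    ns2.primary-dns.example.
@                    IN A     203.0.113.10
www                  IN A     203.0.113.10
@                    IN MX 10 mail.example.org.
mail                 IN A     203.0.113.25

; Delegate ONLY the challenge label to Hetzner DNS (nameserver names assumed).
; A leaked Hetzner API token can then rewrite nothing above this cut:
; A, MX, and the apex NS records stay out of its reach.
_acme-challenge      IN NS    hildegard.ns.hetzner.com.
_acme-challenge      IN NS    oxygen.ns.hetzner.com.
_acme-challenge      IN NS    helium.ns.hetzner.de.

; Validation name for www.example.org is _acme-challenge.www.example.org,
; which lies outside the delegated cut: alias it into the Hetzner zone.
_acme-challenge.www  IN CNAME www._acme-challenge.example.org.
```

```zone
; Zone _acme-challenge.example.org, created in Hetzner DNS.
; SOA/NS lines are illustrative; Hetzner generates its own.
; The zone holds nothing but what the ACME client writes.
$ORIGIN _acme-challenge.example.org.
$TTL 60
@    IN SOA  hildegard.ns.hetzner.com. hostmaster.example.org. ( 2024010101 86400 10800 3600000 3600 )
@    IN NS   hildegard.ns.hetzner.com.
@    IN NS   oxygen.ns.hetzner.com.
@    IN NS   helium.ns.hetzner.de.

; Written by the ACME client for example.org and *.example.org
; (constructed placeholder value):
@    IN TXT  "constructed-placeholder-token-for-apex"

; Written by the ACME client for www.example.org; the parent zone's
; CNAME _acme-challenge.www.example.org lands here (constructed placeholder):
www  IN TXT  "constructed-placeholder-token-for-www"
```

Check the delegation end to end with `dig +trace TXT _acme-challenge.example.org`: the trace must show the referral from the primary provider to the Hetzner nameservers, and the answer must come from one of them. When configuring the ACME client, make sure it writes the TXT record into the zone `_acme-challenge.example.org` at the apex (`@`), or at `www` for the aliased host, rather than into `example.org`; clients that locate the zone by walking up the name with SOA lookups do this on their own, while clients that derive the zone by stripping the `_acme-challenge` label usually need the zone name set explicitly. Note what the cut does not cover: the token can still create or replace TXT records inside the delegated zone, so it remains sufficient to obtain certificates for the names that are aliased or delegated into it; CAA records at `example.org` (outside the token's reach) are the usual way to limit which CA will honour that.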