Closed Cieper closed 2 months ago
The new block for Hypernode B.V.
is properly sorted below the existing block for HostyHosting
.
@Cieper For our bookkeeping, could you please list any third party services that partition or aggregate data based on public suffixes?
@Cieper Any updates?
@Cieper Any updates?
Apologies for the delay. I think I've added all the information requested.
Public Suffix List (PSL) Pull Request (PR) Template
Each PSL PR needs to have a description, rationale, indication of DNS validation and syntax checking, as well as a number of acknowledgements from the submitter. This template must be included with each PR, and the submitting party MUST provide responses to all of the elements in order to be considered.
Checklist of required steps
[x] Description of Organization
[x] Robust Reason for PSL Inclusion
[x] DNS verification via dig
[x] Run Syntax Checker (make test)
[x] Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration, and we shall keep the _PSL txt record in place in the respective zone(s) in the affected section
Submitter affirms the following:
For Private section requests that are submitting entries for domains that match their organization website's primary domain, please understand that this can have impacts that may not match the desired outcome and take a long time to rollback, if at all.
To ensure that requested changes are entirely intentional, make sure that you read the affectation and propagation expectations, that you understand them, and confirm this understanding.
PR Rollbacks have lower priority, and the volunteers are unable to control when or if browsers or other parties using the PSL will refresh or update.
(Link: about propagation/expectations)
[x] Yes, I understand. I could break my organization's website cookies etc. and the rollback timing, etc is acceptable. Proceed.
Description of Organization
Hypernode B.V. provides managed hosting for e-commerce websites running popular open source software such as Magento, Shopware, and Woocommerce, on both dedicated and virtual machines. Customers receiving a hosting environment that is referenced and available via a subdomain of the
hypernode.io
domain, i.e.example.hypernode.io
, and are able to create subdomains under that again (prod.example.hypernode.io
,dev.example.hypernode.io
, etc). This system allows them to access their application for testing purposes, before changing over their DNS records. I'm the Security Officer, and a former engineer, at Hypernode B.V.Organization Website:
https://www.hypernode.com/
Reason for PSL Inclusion
The main reason for inclusion in the PSL is Cookie Security. Each subdomain of the
hypernode.io
is a separate customer running an e-commerce platform. While the subdomains, such asexample.hypernode.io
, are not meant to be used in production, misconfigurations may inadvertedly make them accessible. A secondary reason is that third party systems for SEO optimisation, advertisement, etc, have been known to display to a users of their system all data gathered from both their own subdomain, but also other subdomains not associated with this user. The most recent issue here was Google Tag Manager's "tagcoverage" overview showing links from one customer's subdomain to another customer.We have been using this
hypernode.io
subdomain setup for approximately 10 years, and we have no intentions at all to change this system. The assumption of thehypernode.io
subomain is integrated into our entire codebase, documentation, and is well known by our customer base of many years. The domain registration has been extended by 2 years.Number of users this request is being made to serve:
We currently have 3400 active subdomains.
DNS Verification via dig
Results of Syntax Checker (
make test
)