Add note about domain expiry risks in hosting docs #357
Description
Motivation
If a developer uses a custom domain for authentication and eventually loses that domain—such as by forgetting to renew it with their registrar—there’s a risk that users will no longer be able to sign in. If user identities are derived from the domain and are tied to assets, they could lose access to those assets. Worse, if someone takes over the domain, they could deploy a fake version of the original app and trick users into taking malicious actions.
Long story short: If a developer sets up a custom domain, they should enable auto-renewal with their domain registrar.
What to do
We should explain this in the hosting documentation.