Westminster isn’t the only place where Brexit is causing issues. Britain’s decision to leave the European Union (EU) is also causing problems in Brussels where the European Commission, the EU’s executive body, is struggling with what to do with UK registered .eu domains once the UK has left. At one point, it looked like it …
Imagine this scenario: your customer service line gets a call from the owner of a small business whose e-commerce website is hosted through your service. The owner is in a panic. After months of steady visitor traffic and consistent daily transactions, suddenly all visits to her site have stopped. Not knowing what do to next, she now turns to you for help.
After a little bit of investigating, you discover that someone has unlawfully accessed your domain control panel by impersonating her company’s administrative contact, modified the Domain Name System (DNS), and transferred her domain name to a different server. You’re now placed in the unenviable position of informing her that her domain has been hijacked.
Sound implausible? Such attacks have actually happened, with some even targeted at high-level companies listed on enterprise-class domain registries. While not as common as the threats posed by viruses and malware, domain hijacking can be equally as devastating to an individual customer’s financial stability and your reputation as a web host. The process of recovering a hijacked domain through logging a dispute through the Internet Corporation for Assigned Names and Numbers (ICANN) be costly as well, with many customers simply choosing to register a new domain name in the end (most likely through another web host).
Who’s Responsible for Domain Security?
The common line of thinking is that the responsibility of protecting a domain name lies with the customer who registers it, and that a compromise of security to that name is the result of poor monitoring on their part. Yet in the wake of investigations into the hijacking of the domains of some very prominent sites, ICANN’s Security and Stability Advisory Committee (SSOC) identified failures on the part of both domain name registrants and the registrars with whom they had worked as being responsible for the incidents. Plus, from a customer perspective, they pay you for secure web services. In their minds, that includes the safety of their domain names.
Domain Hijacking Explained
In order to properly understand how you might be able to prevent your customers’ domains from being hijacked, it helps to first understand the process of how a hacker can actually hijack a domain. What’s most important to understand is that an attacker doesn’t need to access your web server in order to get at a domain. Rather, hijackings occur via a backdoor route through the customer’s actual contact email address.
Here’s how the entire hijacking process works:
- The attacker goes to whois.domaintools.com and searches for the target domain name. Under the Whois Record, he or she gets the customer’s administrative contact email address.
- Searching the same record, the attacker finds the domain registrar (your web hosting service, in this case) under the “Registered through:” field. If that information is not recorded there, he or she can simply find the ICANN Registrar listed under the “Registry Data” heading.
- With access to the administrative email address, the attacker simply needs to hack into that email account.
- Having control of the customer’s administrative contact email, the attacker then visits your website and chooses the “Forgot Password” option in the login portal. He or she then enters either the actual domain name or the administrative email address to reset the password.
- An email is sent to the administrative contract address with instructions on resetting the password. The attacker creates a new password on the domain control panel, and now has full control of the domain.
- Within a mere matter of minutes, the attacker redirects the domain to his or her web server.
Because your system recognizes the attacker as the customer’s administrative contact, the hijacking often isn’t discovered until the customer notices an abrupt halt to his or web traffic and/or email correspondence. By that time, the amount lost in customer transactions coupled with the expenses required to fix the problem can be enormous.
What You Can Do
Recognizing the vulnerabilities inherent with the domain registration process, the SSAC highlighted several measures that both domain name registrants and registrars can do to help mitigate the threat of a hijacking. As a registrar, following these recommendations could help provide your customers with the peace-of-mind needed in order to trust their domains to your care. These recommendations include:
- Establish uniform guidelines for Extensible Provisioning Protocol (EPP) authInfo. The transfer policy requires that registrar-generated authInfo codes be unique to each domain. However, customer-generated codes are not subject to the transfer policy restrictions. Thus, a customer may create a single code for all of his or her domains. If that code is somehow compromised, an attacker has access to all of the domains that are linked to that code. It’s recommended that you encourage customers to follow the policy of one authInfo code per domain.
- Create a uniform default setting that applies domain locks on all customer domains. Communicate instructions on how to unlock the domain lock to the customer through means of correspondence other than email.
- Convey to your customers the importance of applying domain privacy protection to their hosting service package. Though such protection may come at an increased cost, the intangible value that their domain names hold as a symbol of their reputations with their own clients can be invaluable. Thus, that information should be afforded the same level of protection that they would give to customer and enterprise financial data.
- Look for ways to improve your customer authentication and authorization processes for any and all updates or changes associated with a domain. EPP can help by providing communication whenever domain information is renewed. Yet it may also benefit you to establish strict verification standards beyond a simple confirmation of the domain name or email address when a request is initiated to change customer contact or delegation information.
Domain hijacking sounds scary and intimidating because it is just that. Knowing that someone with the right know-how can simply hack into an email account and modify a DNS can easily scare customers away from your hosting service. Thus, it’s imperative that you as a web host do all that you can to assuage customer concerns by implanting the right kinds if safeguards to help protect them from would-be hijackers. While a fail-safe method to prevent domain hijacking has yet to be identified, you as a host can make the actual process of doing so difficult enough as to deter hijackers from targeting your customer’s domains.
Top image ©GL Stock Images
A website can be easy to set up, but choosing a domain name is complicated if you are basing it on unclaimed web addresses. Not surprisingly, the best domains are unavailable. However, everything is usually for sale for a price, including domain names. For instance, the Dot Com domain and website for the Glitter as a Service project, ShipYourEnemiesGlitter.com, sold for $ 85,000.
This example is just one of the many domains that sold for high figures. Recently, Investing.com sold for $ 2.45 million. That may appear to be a lot of money, and arguably, it is for many of us. Nevertheless, it does not even come close to the highest price someone has paid for a domain name.
Domain Name Journal put together a list of the 20 most expensive domains in the world. Not surprisingly, sex and gambling-related domains pulled in the biggest money.
- Insurance.com. This domain sold for $ 35.6 million in 2010.
- VacationRentals.com. This $ 35 million transaction, which took place in 2007, is the highest deal made to purchase any domain to date.
- PrivateJet.com. This 2012 sale came in a close second at $ 30.18 million.
- Sex.com. In November 2014, the pornography industry purchased this domain name for $ 24 million.
- Internet.com. This domain name sold for $ 18 million in 2009.
- Insure.com. In 2009, this domain sold for $ 16 million.
- Hotels.com. This site sold for $ 11 million in 2001, although the new owner would not confirm the exact price in a BBC television interview.
- Fund.com. Even though this domain was purchased in 2008 for $ 9.9 million and intended for a financial service, the site is still not live.
- Porn.com. Another entry for the pornography industry, this site was acquired for $ 9.5 million in 2007.
- FB.com. Facebook purchased this domain in November of 2010 for $ 8.5 million, even though it merely redirects traffic their site.
- Business.com. This domain sold in December of 1999 for $ 7.5 million (making it worth more than the next deal on the list).
- Diamond.com. This site, acquired in 2006 for $ 7.5 million, is now live as an online diamond shopping site.
- Beer.com. This site sold in 2004 for $ 7 million, and is currently for sale.
- iCoud.com. Apple, Inc. purchased this domain for $ 6 million in 2011 when it was hunting for all i-domains.
- Casino.com. This site sold in 2008 for $ 5.5 million.
- Slots.com. This deal, which took place in 2010, made the previous owner $ 5.5 million.
- Asseenontv.com. This domain, purchased by LA Group in 2000, was sold for $ 5.1 million.
- Toys.com. ToysRUs bought this domain for $ 5.1 million in 2009.
- Clothes.com. Zappos acquired this domain in 2008 for $ 4.9 million. It redirects online shoppers to their site.
- Medicare.com. This domain sold in 2014 for $ 4.8 million.
Many of us have heard about the child who allegedly registered McDonalds.com back in the early 1990s and sold it to the McDonald’s Corporation for several hundreds of thousands of dollars. Actually, Josh Quittner, an American journalist, was the original domain-name holder of mcdonalds.com. When McDonalds asked for the name, he opted to sell it and donated the proceeds to charity. Other myths include:
Myth: When you register a domain name, you become the owner of that domain.
Fact: The truth is that paying to register a domain name entitles you to the exclusive use of it for a defined amount of time, usually between one and 10 years. A renewal fee is due after your primary registration period ends if you plan to continue using the name. If you do not renew it, you could lose the privilege of using it. Registering does not provide you the right to keep the name forever. However, as long as you renew the annual registration fees, and the domain does not encroach on a service mark or trademark, it is essentially yours until you decide that you no longer want it.
Myth: You have to be a U.S. company or resident to register a domain name.
Fact: Anyone, regardless of whether or not they are a U.S. company or citizen, can register a domain name under most top-level domains (TLDs). However, some countries apply additional controls to individuals trying to register domain names under that country’s TLDs.
Myth: You can get rich quick by purchasing and then reselling domain names.
Fact: You can make money buying and selling domain names, and there is an entire industry of domainers whose sole occupations subsist from this practice. Nevertheless, the most prevalent myth is that a one unique domain name will make you rich. It is true that some domain names have sold for enormous sums of money, and a few have even changed hands for over $ 1 million. However, it is important to understand that well over 90% of domains that are for sale never find a buyer.
Myth: You need a website to own a domain name.
Fact: You can register domain names for a projected website, or you can register domains and just hold on to them. In fact, many domainers frequently register domain names with the original intent of parking them with a parking service. In that way, they can make a profit from ad revenue. If you purchase a domain name and later decide that you want to use it for a website, you can effortlessly direct the name to your new site.
Myth: When you register a domain name, you get a website, too.
Fact: A website is not something you automatically get when you register a domain name. A website requires a web hosting company that will store your files on their servers and make the site accessible on the Internet.
The Future of Domain Names
Domain names are more than web addresses. They are symbols that are synonymous with the World Wide Web. The Internet Corporation for Assigned Names and Numbers (ICANN) is the non-profit corporation that maintains all of the Internet domain names and other unique identifiers.
With TLDs running on short supply, ICANN has been busily adding new TLDs over the past few years to address the future of domain names. For instance, new rules will allow companies to register their particular brand names as TLDs. The only limitations are imagination and your wallet because applying to activate a brand-new TLD can cost upward of $ 100,000.
Top image ©GL Stock Images
After much anticipation, Google Domains is finally available for public use. The tech giant entered the domain name registrar market back in June 2014, but until now, the service has only been offered to a select group of testers. While still in the beta state, Google Domains is only available for users who are based in the United States. However, it’s quickly gaining traction against competitors like GoDaddy and NameCheap. Google is currently offering customers an array of features alongside 60 new available TLDs.
Key Features Customers Can Expect
Google Domains caters to small businesses. It’s simple, straightforward, and reasonably priced. While it’s not necessarily the place to host a bulk load of domain names, it does come with a growing number of features. Thanks to suggestions from the initial test group, these features are designed to make setup and management easy, especially for single-site owners:
- Email forwarding: Customers can generate up to 100 email handles with each domain and have them automatically forwarded to a Gmail inbox.
- Domain forwarding: After transferring a domain to Google, web forwarding is used to direct users to a single location. For example, the owner of example.net could forward traffic to www.example.com.
- Personalized subdomains: Google offers domain owners the chance to create up to 100 different subdomains with which to customize the pages within their websites. For example, the same owner of example.com could pair blog.example.com with shop.example.com.
- Straightforward management tools: Customers can easily manage domain names with a solid set of tools, including add and manage name servers, domain locking, configure TTL, add and manage resource records, and Google app integration.
- Easy integration with website building providers: During the beta launch, Google partnered with big names, such as Shopify, Squarespace, Wix, and Weebly. Moreover, the company’s own Blogger platform is now fully supported. Subscribers can create a website with one of these partners while taking advantage of secure hosting, custom templates, and mobile site management.
- Free private registration: Google assumes all costs of maintaining private registration and details of your domain, including name, address, phone number, and other contact data.
- Speed, security, and reliability: Google boasts a robust, secure Internet infrastructure, and domain customers are able to use the company’s own DNS servers. This boosts connection speeds as well as site reliability. Google will also throw in 10 million resolutions on each domain annually.
- A dedicated support center: Subscribers also enjoy ongoing technical and account support via phone, chat, or email. The company’s focus on business customers has not gone unnoticed.
New TDLs and Pricing
Customers are given a price per year for each domain. This is determined by the top-level domain (TDL) or domain ending. This is perhaps the most significant element of Google’s undertaking. Users are charged the same registration amount each year that a domain is active. Moreover, they have the option to add up to ten years (with the exception of a 5-year maximum on .co) or simply renew year after year. For accounts that go expired for more than 30 days, Google will charge an added fee to restore the domain.
Google also offers aftermarket or resale domains that can be purchased at premium prices for multiple years or renewed at the standard price of each TLD. A registry domain also comes at a premium price but with varying charges for renewal and registration.
The Internet Corporation for Assigned Names (ICANN) plans to release over 1000 new TDLs over the next few years, and Google intends to keep up. The following is a list of currently supported TDLs and the corresponding prices for registration:
- .academy $ 30
- .actor $ 40
- .bike $ 30
- .biz $ 12
- .builders $ 30
- .cab $ 30
- .camera $ 30
- .camp $ 30
- .careers $ 30
- .cc $ 20
- .center $ 20
- .clothing $ 30
- .co $ 30
- .com $ 12
- .coffee $ 30
- .company $ 20
- .computer $ 30
- construction $ 30
- .consulting $ 30
- .contractors $ 30
- .dance $ 20
- .democrat $ 30
- .diamonds $ 50
- .directory $ 20
- .domains $ 30
- .education $ 20
- .email $ 20
- .enterprises $ 30
- .equipment $ 20
- .estate $ 30
- .florist $ 30
- .futhol $ 13
- .gallery $ 20
- .glass $ 30
- .guru $ 28
- .haus $ 110
- .holdings $ 50
- .house $ 100
- .immobilien $ 30
- .industries $ 30
- .info $ 12
- .institute $ 20
- .international $ 20
- .kaufen $ 30
- .kitchen $ 30
- .land $ 30
- .limo $ 50
- .maison $ 50
- .management $ 20
- .me $ 20
- .moda $ 30
- .net $ 12
- .ninja $ 19
- .org $ 12
- .partners $ 50
- .parts $ 30
- .photography $ 20
- .photos $ 20
- .plumbing $ 30
- .productions $ 30
- .properties $ 30
- .pub $ 30
- .recipes $ 50
- .rentals $ 30
- .repair $ 30
- .reviews $ 20
- .shoes $ 30
- .singles $ 30
- .social $ 30
- .solar $ 30
- .solutions $ 20
- .supplies $ 20
- .supply $ 20
- .support $ 20
- .systems $ 20
- .technology $ 20
- .tips $ 20
- .today $ 20
- .tools $ 30
- .training $ 30
- .us $ 12
- .vacations $ 30
- .ventures $ 50
How to Purchase
Buying a domain is easy. Shoppers simply enter a name (with or without an extension) directly into the search box at the top of the Google Domains page. Results will show whether or not that name is available as well as all possible variations. Once a name is chosen, an order is easily finalized and paid for using Google Wallet. For premium domains, buyers should expect longer processing times for transferring ownership. Further restrictions apply to any .US TDL.
Buying a domain means assuming all rights to that name for a designated time period between one and ten years. Buyers become domain owners and can renew registration indefinitely. Once registration is complete, owners are granted access to Google’s user-friendly dashboard where they can view, renew and manage all account settings.
Transferring in and Out
If a domain has recently been transferred or purchased, the potential buyer must wait at least 60 days before transferring to Google Domains. The same applies to owners wishing to transfer out of Google’s service.
Furthermore, ICANN requires all transferred domains to remain registered for an additional year. If this causes a name to exceed the 10-year maximum period, that domain cannot be transferred in or out of Google Domains. Verification is needed if owners want to continue using any of Google’s services.
Only the Beginning
Even though Google Domains remains in a beta status, the online empire is continually working to add more features and more TDLs as they become available. Services remain exclusive to users in the United States, but full international expansion is definitely in the works.
Top image ©GL Stock Images
A frequently-asked query:
What’s the best and cheapest domain with free hosting I can buy? I want to make a great webpage to help animals. I want the world to see it.
Expert Answer: Warning! Using unreliable cheap hosting can leave you devastated and your hard work may be gone in seconds. Web hosting is one of the most important part of your web presence and can mean the success and failure for your business.
Some people thought that they can get free hosting service when they will register their domains at any accredited best domain registrar site when in fact majority of domain registrars don’t offer it anymore.
In terms of buying domain names and web hosting service, you can buy them at the same company or you can get them at different companies. The latter is much more advisable to give you more flexibility as well as effectiveness in managing your accounts. You can register your domain at any accredited domain registrar and mapped it with a free web host. You just need to change the settings on your domain registrar. just login then search for that particular domain name. Edit its nameservers to be in accordance with your web host settings and save it. It might take up to 2-48 hours before the domain propagation process will be completed.
Alternatively, if you are creating business sites or any other kind of income generating sites, free hosting won’t be enough. You can get a web hosting package with free domain registration included to lessen your expense. However, when the time comes to renew your domain name, you have to shoulder the domain renewal expense if you still want to use the domain name.
Before we answer the above question, let us review the 7 things to look for in a good web hosting. An excellent hosting:
- has at least 30 days money back guarantee,
- gives unlimited diskspace,
- offers no limit on bandwidth,
- gives unlimited add-on domains,
- has friendly Site Builder,
- has Fantastico and QuickInstall to quickly install apps like WordPress, Joomla, Drupal, OSCommerce, ZenCart and more
- can be easily upgraded to VPS or one of the cheapest dedicated server plans if and when your business require.
Best Hosting Company
To answer the above question, many experienced web developers suggest to try Hostgator. If you are building your first website and needs a hosting plan, experts usually highly recommend going with Hostgator because they are the best domain hosting around.
What if you find out that Hostgator sucks after you signed up with them? HG has an amazingly long, 45 days money back guarantee so you have ample time to test them out. They are rated A+ by Better Business Bureau which shows their commitment to customer satisfaction. You also do not have to pay for the first month. You can just try their fully functional hosting service – you pay only $ 0.01 (you need to use the special coupon). Do you know any other hosting company that can give you that kind of assurance? Anybody can grab an account from Hostgator for almost FREE.
How to Get an Unlimited Hosting Plan for Only 1 Cent
Click the coupon below try Hostgator cPanel hosting for almost free. If you already know that Hostgator is what you want, you can even save 25% off the normal price with the Hostgator coupons 2014 below.
Why You May Want to Avoid Hostgator
To be honest, no web hosting service is perfect. Drawback of Hostgator includes:
- No free domain name – but you can easily get a domain name from the best domain registrar such as Godaddy or Namecheap for $ 10 or less. That is fairly cheap considering a domain name costs no more than a few cups of coffee.
- You need to pay full price after your first invoice – well, they need to make money too and all the support and great service do come with a cost
If you are still not sure if HG is right for you, or you have specific query about anything at all, try the Live Chat at HG. They are fast and knowledgeable. Just shoot them some questions before you decide.
More than 7 million site owners depend on Hostgator for their hosting need.
HostGator is having a 20% off sale right now but we have got a better deal for you. Just enter WEBTEMPLATE in the coupon code field when you buy any HostGator hosting plan and you’ll get it for 25% off!