Ask HN: What is the best recommended domain name registration site?
I am a newbie regarding the domain registration to host my projects. Google search routed me to these as poular ones:
1. namecheap
2. GoDaddy
3. name dot com
What factors should I consider before buying any one of their packages. Frankly I don't have enough money, Help me decide with your wise advice on this please. Thanks
80 comments
[ 4.2 ms ] story [ 134 ms ] threadNone of those. I go with Gandi.net
Check them out. They are good people and give back. Never anything but great experiences with Gandi.
You'll get a free year of ssl certificate and 50% off hosting. But, to really do it on the cheap, get a BeagleBoard Black and a free micro instance with AWS to route traffic to the BBB, which you just run at home. One time cost of 35$ish plus domain registration costs.
Also worth noting, going with a company like Gandi over GoDaddy has many non-immediate and intangible bennifits. A simple Google search on customer problems and company practices of GoDaddy should provide lots of material. In the long run, you don't want to have to be dealing with headaches surrounding domain registration. At all. That should be fire-and-forget. Pay the extra $5 or $10, you'll save yourself plenty of frustration and extra admin time going with the right registrar.
I bought a domain from them a while back with private registration; a few weeks later I found out that private registration was not available for that TLD, and my details were publicly visible, making the domain unusable to me. I emailed Gandi, and they told me there was nothing they could do; they were not willing to refund my money, even though their site said private whois was possible for that TLD.
And if you were paying through our US processor, I'd love to have the support ticket number to look into it, as we're really working to eliminate such payment issues.
Given almost every site has some kind of UCG -- forums, comments, reviews -- it's impossible to guarantee compliance with Gandi's service agreement. Hacker News could not be hosted on their service given the content of some of the discussions here.
-------------------------------------------
> You acknowledge and accept that, in accordance with Our Ethics the use of any of Gandi services associated to Your Gandi Account:
> * it is expressly forbidden for use in any way that engages or participates in practices that are deviant, abusive, illegal, or prejudicial; and
> * must be appropriate to the age and sensibility of each of the persons that any of the Content is destined for, directly or indirectly, published or made available to via the technical solutions used
> ...
> You acknowledge that the following elements are considered as constituting material breaches of Your contractual obligations:
> * if We are made aware of, or discover that You provide, or are engaged in, in any way, directly or indirectly, through Our services:
> * any provocation or encouragement to commit crimes or offenses, and particularly crimes against humanity or encouragement of racial hatred;
> * activity or Content of racist, xenophobic, or negative character;
> * activity or Content of pedophile character, or that is liable to constitute or be associated with, either directly or indirectly to it;
> * child pornography, or the trivialization of such acts or encouragement of violence, suicide, or the use, production, or distribution of illegal substances, or acts of terrorism;
However-
I do use 97Cents.net for early stage projects where there isn't production traffic involved. Gandi simple hosting product works well, too. I haven't had the chance to test it w/ significant traffic tho.
Gandi support is worse than useless. They have no idea what they're doing, they can only read from a script, and the only way to contact them is by email with a nice long turnaround time. Even the tiny little registrar I've used for over a decade (who I don't otherwise recommend because of other big issues they have) has a phone support option and staff with functioning brains.
1. I was using Gandi for, I think, only the second time, and I initiated the account creation process from a domain transfer (account #1).
2. During the account creation process, I think there was a small field labeled something like, "Create a new Gandi handle", which to me sounded like a pretty good idea: I could create something more memorable for my client rather than a random-numbered GANDI- account, so I used the shortened form of my client's primary domain. This created account #2.
3. What actually happened was that both account #1 and account #2 were created, account #2 was an ordinal number away from account #1 (so, SS00003 and SS00004 for example), and the password was clobbered on account #1.
4. I then signed in to account #2 to look at the domain transfer status and found that no domains were listed there. Odd. So I tried signing in to account #1 and couldn't, and I don't remember why but the password reset function wasn't working (I probably wasn't receiving the emails).
At this point I thought the UI was a little confusing but it wasn't a big deal. I've dealt with almost exactly this same issue with GoDaddy and it just took a phone call and they sorted it out in a few minutes. I was less happy to realize you don't have a phone support option, but that's on me -- I should've checked that first. I refuse to use live chat because my experience with that has been universally bad; live chat always gets shunted to support people that are restricted to a script and can apologize a lot but never actually fix anything.
5. So I started a support request and was polite at first, explaining the situation. What I got back was a request for "company documentation establishing you as a representative of the company [...]" and "articles of incorporation, and a scan copy of the government issued identification of one of the signing parties on said document".
6. That got a slightly less polite response from me saying that under no circumstances would I burden my client with a paperwork request over this, and reiterating again that it should be clear that I created both account #1 and account #2, that my credit card and billing information was used to pay for the process, that I successfully initiated a transfer of four different domains, and that I thought this should be reasonable and sufficient evidence of access on their behalf.
7. After that there were a couple of more exchanges between Dante A. and Alexis J. and me; Dante wrote a polite long email repeating that there was no way for Gandi to confirm that I created account #1 and giving me a tip for using Gandi in the future, and Alexis J. chimed in to say that Gandi doesn't retain payment information "for security reasons".
At this point I was slightly horrified at the experience, especially in the context of having received significantly more useful support from GoDaddy of all places in the past for almost exactly this same issue (merging two accounts). I couldn't imagine sticking a client with this kind of support. I have to navigate support channels for lots of different companies on a regular basis, that's part of my job, and it's unusual for me to get completely stymied by support anymore.
It didn't help that all four domains were close to expiration and that one of them appeared to have a transfer problem but you couldn't give me any information on the transfer status of that domain. I was left with one of two choices: either wait and see if the domain transfers first or expires first, or try to initiate an immediate transfer with another registrar and potentially complicate matters even further. I opted for waiting and fortunately that turned out OK, but I had several days to stew over not being able to tell what was going on.
I did get one thing wrong in my complain...
At any rate, once that point is reached, we act with the security of the domain in mind. If the handle in question belongs to an individual and you have access to the email associated with the account, it's as easy as sending a copy of your ID. In this case it was a company handle, which requires some proof that you're authorized to act on behalf of the company.
This kind of situation is exactly why we offer reseller-type accounts (free of charge), which allow you to control your clients' domains and handles from one place, while leaving the domains in their name.
Given that there may have been an easier solution available, I'm sorry this went down the way it did. But at the same time, we don't think it's unreasonable to ask for proof of ID when you're trying to gain access to an account: We don't have access to any payment information that could reliably identify you, as it all goes directly through our payment processor. We understand when you explain the situation, but such explanations are all too often indistinguishable from social engineering, and so we take it a step further--for the sake of the security of people's domains.
We are humans, but we're paranoid humans, and a great deal of our customers appreciate that.
If you ever decide to give us another chance, you can reach me at aj (at) gandi.net. I can help you set up a reseller account (and do my best to restore your faith in us).
I didn't consider a reseller account because in this particular case the plan was just to be the guy that set up the account for the client and then hand everything off to the client, since that's what they wanted. Maybe that would've worked better.
I dig that Gandi takes social engineering into consideration and it's great that you want to do your best to make sure your customers don't have their domains stolen by bad actors, but I think there might be some room for improvement in figuring out who is and isn't a bad actor. This experience with Gandi was unusual compared to a lot of other companies I have to deal with, most of whom have to have some level of data security policies in place.
> We don't have access to any payment information that could reliably identify you, as it all goes directly through our payment processor.
That seems odd. I wonder if this is a technical limitation of your payment processor, or just something that's not implemented on your end, or if there's some other consideration that's keeping you from making it work. I'm pretty sure authorize.net makes transaction information available in a secure way to vendors, as does Stripe and a small number of other forgettable payment gateways I've had to write code for over the years.
If you did have the ability to see the last four of the credit card used to create the account (and I understand you didn't/don't), you could have asked that in a challenge/response manner and I think that would be even better than asking me to send fakeable images of identification -- which violates my personal security, because I have no guarantees whatsoever for what a company does with a scan of my driver's license after they receive it.
Anyway, I do appreciate you reaching out and taking the time to look into this, that shows you do care about your reputation.
My current strategy is to ping pong my domain names between GoDaddy and NameCheap, using coupon codes as much as possible. I don't particularly care for either company, and I think that both are still too expensive, but I don't have an alternative at the moment that I am aware of.
Not always the cheapest, but they're dependable, they're in the EU and they have a very, very broad selection. The latter is important because I have a fairly eclectic mix of domain names and I'm happy to pay a premium so I don't have to deal with 3 different registrars.
I just finished transferring my domains out of google to namecheap.
We are a legitimate, normal business. They unilaterally banned our site and took it down - with no access to transfer it out. Their technical team does not give a response in a timely manner.
Our small startup's site was down for 8 days!! If you would like to avoid our experience - never use Google registrar.
Now, I am reconsidering use of Google Apps or anything else from them for businesses.
I've been using NFS for years on low traffic sites and have not had any issues. For the unfamiliar, it's pay as you go for bandwidth and storage, with discounts as you start using more of each.
The interface is ancient, and they pass CC costs on to you, but for the price, I've yet to find something better.
Been with namecheap for quite a while, had no issues.
I had a renewal time-out in the middle of a card verification last month - and that's really not something you want.
All that said, I'd love to have a registrar that just sent us an annual bill for all of our domains (even if it's in advance) rather than billing us separately for every one. It's an accounting headache with all the expenses. I believe GoDaddy does that, but.. no thanks :)
They have a very easy interface to manage your domains and their zones. As a result, if you develop your business and need more domains, you'll save a lot of time.
Plus, they have a good customer service, they offer SSL certificate for 1st year, and free emails addresses.
Otherwise I like EuroDNS [2]. They have decent service and a pretty good web UI overall, compared to some of the other companies.
[1] https://www.nic.io
[2] https://www.eurodns.com
These are country codes where the state that controls the land doesn't have an interest in managing the domain, so it's been sold to a 3rd party company.
Anyways, you probably should consider actually reading the ToS for the companies you are planning to do business with. I think at least Gandi has fairly vague terms on which they can terminate the service: https://news.ycombinator.com/item?id=3388928
https://www.nearlyfreespeech.net/help/abuse
In the end though, every company is going to reserve the option of termination for any reason:
Yes, Namecheap's site is slow. But their support has been great and they're cheap. (also they have really cheap $1/year whois privacy)
Google Domains is nice too, almost everything is $12/year.
https://www.reddit.com/r/photography/comments/3jdwzc/bluehos...
Like I said, it has worked for me. I didn't say they were perfect.
Please show me what domain registrar do you use that you would recommend, and then let's see if there aren't any horror stories whatsoever.
I've had to work with a pretty large number of different registrars and hosting companies over the years -- part and parcel of being a troubleshooter -- and I'd place Bluehost squarely in the middle of the pack. They've never done anything infuriating, which puts them way ahead of a lot of other companies, but there's also not really anything about them that sets them apart from the rest of their competition, other than maybe their size.
Gandi and Hetzner both offer 2FA to secure your domains, this is something I find very important, especially with one of my domains having gained quite a value to make it interesting enough a target for a possible theft, and another being so dear to me after more than a decade of use, that I couldn't do without it any more :)