How to protect your domain name
After spending time choosing a domain name and building a business around it, you want the domain to remain yours unless you choose to sell it. But if you don't take precautions, you could lose the domain. Domains can expire without the registrants knowing that they expired, and although domain hijacking is more difficult than it once was, it can still happen. It's much easier to take steps to protect your domain name than to try to recover it afterwards.
Contents |
Have the domain name registered to you
The person whose name is listed as the domain registrant in the domain registration record (the whois record) is considered the owner of the domain while it's registered. That person and the person listed as the administrative contact can transfer the domain to someone else. The name for both of these contacts should be you. If it's your web host, your web designer, or anyone else, that person could claim or transfer ownership of the domain. Or if someone hacked into their account, your domain could be hijacked.
Keep all of the information in the domain records current. If it's outdated, your domain registration could be cancelled or you could be unreachable if someone tries to transfer the domain away from you.
Use a secure password for your domain record
If someone can crack the password to your domain registration account, your domain can be hijacked. The hijacker could change the email address for the account and then transfer the domain away from you. Use a long, complex password that you don't use anywhere else. If the password is ever emailed to you, change it.
Keep the domain record locked
Most domain registrars have the option for domain names to be locked. As long as they're locked, they cannot be transferred or updated.
Use a valid, non-free email address for your whois records
The email address you use for your domain name registration will be harvested by spambots. It must be a valid address, though, so that you can receive renewal reminders, notifications of transfer requests (valid or not), and other correspondence from the domain registrar. One way to reduce the spam is to use an email address that's only for domain registrations and to change it periodically. Or just whitelist the domain for your domain registrar and let your spam filter handle the rest.
Avoid using a free email address, such as a Gmail or Yahoo address, for your domain whois record. Hackers could target your free email account and use it to access your domain. If they plan their hijack at the beginning of a weekend, you might not be able to get help from support to regain access your email account and therefore your domain until the following week.
Read email from your domain registrar when you receive it. It might be a renewal reminder. Or it could be a notification that someone is trying to transfer a domain away from you.
Some mail or email may be from another registrar trying to make it look like they're asking you to renew your domain when in fact they're asking you to transfer it to them. Don't respond to such correspondence.
Set up domain alerts
At whois.domaintools.com, you can create alerts for specific domains, e.g., domains registered to you, and alerts for domains registered to the email addresses you specify. These notifications can alert you to any attempts to hijack your domain as well as any domain expirations you missed.
Set up domain renewal reminders
Use Outlook, an online calendar, or another program to set up annual reminders to renew your domain at least a month before its expiration.
See also
- Domain names
- Domain name registrar
- The dos and don'ts of domain registration
- Private domain registration
Web Hosting Wiki article text shared under a Creative Commons License.
