I use my own domain to host a simple homepage. I also use it as a custom mail domain. Initially, I bought the domain on godaddy.com when I was getting into the realms of software engineering. I always found the user interface hard to get used to, but it never bothered me enough for me to transfer my domain. Especially because I run the DNS through Cloudlfare and, therefore, I have fairly little contact with the interface of godaddy.
Today Proton (my mail provider of choice) surprised me with a warning that there were problems with the setup of my domain. A quick research revealed that godaddy had cancelled my domain. It showed up in the Redemption Grace Period. This status code indicates that godaddy has asked the registry to delete my domain. After 30 calendar days + 5 days following the end of the redemption period, my domain is purged from the registry database and becomes available for registration.
I immediately contacted the godaddy support hotline. Mainly because of my mail account and the services connected to it. They confirmed the termination. The reason given was that I had failed to respond to an e-mail - that was sent yesterday on a Sunday(!) at 9:51 PM. Then at 0 o'clock my domain was terminated. So I had a breathtaking 2 hours to respond. Which is especially fun because I go to bed at 10pm. :-D
To make matters worse, the mail ended up in the spam folder because Godaddy's reputation seems to be bad and was titled: "Update your privacy settings and personal information.". Even under normal circumstances, I would have ignored this email. How should someone suspect that in a few minutes from now on the own domain is going to be killed.
If I understood the service employee correctly, this mail means that something was wrong with my payment data. And indeed, there was an old credit card on file. However, a PayPal address was also stored there, which still worked. Via this address, I was later even debited the penalty fees that I supposedly had to pay.
After some back and forth with service, I was then given an ultimatum: Either I pay €150 fine, allegedly required by my government to be charged for domains that enter the grace period. Or I lose the domain.
The latter didn't sound very inviting, as I like my domain and also don't feel like switching all accounts to another domain/provider. So I paid the fee.
Godaddy confirmed afterwards that there were no further emails or announcements. The service employee even confirmed by phone that apart from the mail and the subsequent generous transition period of 2 hours, there would have been no further information.
TL:DR If you have a domain with Godaddy, just make sure that the payment information is correct. Otherwise, it might get expensive.
Depending on what you need, https://dnsimple.com seems to have a good reputation, I also see a bunch of people spreading their risk by putting DNS on one big (cloud) provider and all other services on other providers. This means that while Cloudflare does DNS registration now, you might still want to use Cloudflare for your DNS zone and something else for registration. That said, Cloudflare still has a good reputation (for paying customers!).
The idea behind that is the (generally) low fee of DNS registration is easy to monitor/check and maintain, so if all else fails you at least retain your domain name as an identity which is generally the foundation to everything else. While it might suck to lose the contents of a mailbox or a website, if you still retain the DNS registration you can always re-create.
Other service providers that don't structurally screw your DNS over (re-including the ones I mentioned):
- AWS
- Cloudflare
- Leaseweb
- Rackspace
- transip
- OVH
- dnsimple
- GCP (Google)
- EasyDNS
- porkbun
- Microsoft
- Hetzner
- key-systems GmbH (usually via one of their partners)
- Scaleway
If you are in an ITAR area, conflict region or trade sanctioned region, none of this will help tho.
I mean you can never predict these things fully, so be ready to move domain registrars or even domain names if you ever need to. Another example, UK residents or businesses that had a .eu domain name were no longer allowed to have it post-brexit.
As soon as possible though, everything is going to Cloudflare. It simplifies my life.
GoDaddy did nothing to help. I've posted about this before, and like to bring it up everytime people mention bad GoDaddy customer service.
There may be a mandatory waiting period.
And finally, there's DNS caches; if you know a migration is upcoming, it's worthwhile setting the TTL to a lower amount.
Totally unprofessional and a complete joke. Will never use them on a production system again. Always angry if they are mentioned here like they are a legitimate choice...
Network Solutions was at least 'good' at one point in time, or at least one of your only options. What did GoDaddy ever do?
Except with CloudFlare, she didn’t notice it was lapsed until they modified her DNS. The domain was in REGISTRAR HOLD state. We couldn’t do anything via the UI. Reaching out to CF support had a misfire, because the first support rep thought it was about CDN not Registrar. A couple of polite emails (and like 60 days) (she did not make it a priority to resolve) later, the domain was restored. I was kind of surprised because I thought some kind of ICANN hammer drops right about 60 days and forces an auction.
Anyway, my highest accolades for registrar go to CloudFlare.
If it's ukrainian company it doesn't mean their service is any good
They got a big marketing campaign first. And as a consequence, it looks like they inserted their brand into people's mind forever.
Now it doesn't matter how many shitty things or outright crimes they do, people always find some excuse to keep giving them money.
I don't know if they get a lot of chargebacks against them, or if it was just a fluke, but I haven't tried again since.
Then GoDaddy bought them, and did nothing useful with them. Nothing. I kinda sat with MT since it was easy to be complacent, but my feathers were ruffled recently once I noticed that GoDaddy started transferring my domains around to start raising my renewal prices. Shady as hell.
I've started to jump ship, but it's not a one click and be done with it process.
Some people can't wait to victim blame every time these posts of obvious business stupidity come up.
The other market is generally focused on brand protection and domain portfolios, through they tend to be open to private customers as long they are willing to pay the general much higher price. The margin here means that they want to keep their customers, and good support and proactive relation is an effective way to engaged with customers rather than being a pure cost center.
My general recommendation is to use the cheapest one when holding domain names for future projects, and use the second one for anything which would cost you a lot of money and time if things goes south or the registrar do something stupid like in this case.
(disclaimer/context, I work at a small local registrar and I regular hear about this kind of events)
(At the time I tried discussing the subject on webhostingtalk, but they sided with the business.)
* The purchase of webfaction w/ a promise to migrate sites to a new host. They promised for over a year to do this migration and then 30 days before shutdown told me they could not migrate and to figure it out.
* Domain name sniping. Never ever use godaddy to search to find a domain. They will just steal anything you search for if you don't immediately claim it.
I've been using them since 2011 and have not had a single issue.
In fact, they have just kept on progressively getting better!
German businesses are also notoriously litigious: One time, I went to a bicycle shop to have a snapped derailleur cable fixed, and when I picked up my bike and paid, I noticed the chain kept rubbing on the derailleur. So when I showed it to the shop owner he kept pretending that's not an issue and telling me that that's how it's supposed to be and that if I don't like it, I should pay him another >€95 for a full service so he can look into that. I stopped trying to argue with him and took my bike to another service that fixed it for €5, and left a one star review on their google maps explaining the issues they left my bike saddled with and the cheek and audacity the owner had in shifting the blame. After a few weeks I get a letter from the bike shop's lawyer telling me to take down the comment as it's libel without proof and I will have to pay them the cost of the business opportunities they lost due to my negative comment, so I had to spend more money and lawyer up as well to defend myself against that fraudulent bike shop. That's how that shop and many other business in Germany only have positive reviews: they get the negative ones removed under some archaic libel law.
Even my German friend confirmed to me that that's the modus-operandi of many German businesses, basically constantly screwing over thier customer base and hoping you're not gonna bother to fight them in court (especially if you're a foreigner who doesn't know the laws and doesn't have time and money for lawyers).
Awful place to be a customer in.
Domains go into a redemption period because they expire. Having a card or paypal on file is meaningless if you don't have auto-renew.
People lie. People lie all the time, and always spin the story to somehow make them the blameless victim.
Folk ask why I colo. And the why is because it's my hardware. If my host is to touch my kit without my permission or a subpoena they'll get slapped with a solicitor.
ycombinator uses gandi.net too.
[Edit] Added 24 hours to short time
EDIT: I misread it, it's most of their workforce.
You're getting the benefit that AWS isn't just a registrar they're... AWS. Their processes around accounts and support and such are all designed around much higher value and higher impact accounts (many entire businesses would go away if all their compute + storage were suspended). Low margin domain registrations isn't really their business, so they're not trying to cut security/support to make it viable. From $4k/yr accounts to $450k/yr accounts, I've never had an issue getting in touch with support and having someone empowered to resolve my issues.
That said, I'm assuming from "enterprise-y" that this isn't anything that would be remotely near violating their AUP. I haven't heard of much real enforcement outside of people who were very blatantly malicious actors, but I'm sure if I don't mention it someone will come along and point out one of the newsworthy account suspensions that have happened.
Your case sounds like one of your IPs got blocked in their firewall, which can happen if you use bittorrent or receive a DMCA strike. But then other IPs associated with the domain would still work fine.
That said, yes, their abuse team is rather trigger happy. I've had disagreements with them, too. They can be VERY German ;) But in general, calling them on the phone can fix these cases within minutes.
Of course, these emails may not have been delivered to OP for one reason or another. If that’s truly the case, it could be a technical error on GoDaddy’s side, or a filtering/mail issue on OPs side.
I can see how it'd start adding up with too many domains, but at my level the trust is more comfortable.
It should be noted that GD had a kiting operation, but then paused it, after which the original owner publicly decried the practice very publicly. The company has since been sold and I would wager that the opportunity was too profitable to ignore.
Source: I built the analytics system for parked domains that was used for pricing early GD domain auctions as well as the initial integration with Adsense for domains.
My domains are currently split between the two
Might as well move my stuff over if it means avoiding things like this
Godaddy was at one point ok to use.
Namecheap is popular but there are warnings about them now in this sub too…
You can make an informed and good choice, and years later you have a bad registrar.
That doesn't make them any worse than, say, GoDaddy, but given enough time, they'll probably end up just as bad.
Edit: And if you have to take the cheaper option, at least go with Namecheap. They're a lot better than GoDaddy and at a similar price point.
There's just too much superfluous information in the post that's not relevant to the problem. I don't care that OP uses Couldflare as DNS. I don't care what OP's email provider of choice is. I don't care he forgot about his GoDaddy account.
Also I think it's the government he should be complaining too, because it looked like GoDaddy reactivated his account for free.
Not saying GoDaddy is a good business, just stating that OP probably might not be as innocent as it seems.
This is purely an opinion.
Only downside is their new registrar doesn't support many new-TLDs, so it's a bit of a hybrid setup for some domains.
I’m still cheesed about it, and more than a bit confused. Godaddy had and still doesn’t have any of the value prop that webfaction did. Godaddy didn’t integrate the WF technology or customer base in any meaningful way… so what was the point? Was it an aquihire?
The transfer was quite smooth. It was easy to turn off the cloudflare "protection" (my sites don't need it (yet?) and I didn't want to have to think about it, the threat model, tls stuff, etc). And so far no problems.
As a customer, I highly recommend Dynadot (low prices like NameCheap, but a nicer interface - I tried both registrars when I switched my domains away from DreamHost).
I don't use GoDaddy, but I have been forced to use it in the past because I had clients who used it. They suck in a lot of ways but in this case they definitely sent repeated messages about this before the one that the poster found from 2h before the cutoff. I got similar messages from various registrars often multiple per month for many months prior to the cutoff date. It is much easier to believe that this poster just didn't see them because they flagged one or more of the many spammy messages from Godaddy and got all their messages sent to the spam box. If they had logged into GoDaddy during the previous 6 months, they would have also been prompted by a popup, which would likely have been dismissed because it looks just like the hundreds of marketing prompts you are bombarded with every time you log into GoDaddy.
[1] These companies are hired by organizations like banks to scour the web for phishing sites and have them shut down by reporting them to their hosting providers and/or domain registrars. Obviously our legitimate page was incorrectly flagged by whatever algorithm the company used.
That said, with Hetzner I've had the trademark complaints as well, but they've always given us 24h, and were always okay with us saying that our usage (e.g. showing a logo of a shop next to their review) was fair use.
For this poster, I don't think they can migrate to a different registrar while their domain is in the 'redemption' period, and they may not be able to migrate within some time period (30 days?) of renewal, either.
It's obvious stupidity in multiple ways:
They failed to account for the customer's long and positive track record. They must be having a CRM. About time they started using it instead of acting like a script that wakes up and shuts down without any context.
Despite being web and mail hosting experts, their architects failed to design their systems for the scenario that their critical mails end up in spam.
Their UX people failed to title the mail in a way that would grab attention.
The post says that apart from this single email and its 2 hour deadline, there weren't any notifications in the past, something that other people here have assumed without checking.
====
In all such posts, it becomes obvious again and again that tech businesses are failing to design their systems for corner cases. This is not that surprising given all the communication and decision-making complexities anybody who's worked in tech would have seen.
Victim blaming is the laziest and most useless approach because it just denies that the real world is more complex than the ideal use cases the designers assumed. And neither helps improve anything nor holds anybody accountable.
[0] https://www.namecheap.com/support/knowledgebase/article.aspx...
i think giving 2 days before turning anything off would be sensible. 1 day would still be ok. but turning it off immediately without even giving a chance to reply is not acceptable. especially since anyone can send a trademark complaint without providing any evidence. so, if you want to do some domain sniping, look for businesses hosted on hetzner and watch them go down...
I’ll also note that 100% of the clients I’ve inherited who used them had less than a single nine of uptime annually. Their shared hosting, file storage, etc. would just stop responding and nothing would appear to happen until someone called support.
> Anyway, my highest accolades for registrar go to CloudFlare.
Er. Is that really the conclusion here? Did you mean to mention that they sent her a warning email in advance and she just missed it? Because the way you've written it makes it sound like CF still screwed up but made it possible to eventually recover.
Through 90% of the post, I assumed that Godaddy unfairly canceled your domain. That doesn't seem to be the case. Granted, their termination notice timeframe is atrocious and that's the core issue.
Please fix the post so it doesn't misrepresent the actors in the situation.
You said you had another payment mean, but they’re likely not allowed to use it without your approval. If you missed the email requests for approval, they couldn’t renew and you legitimately lost your domain.
The annual contact accuracy check (WDRP) usually doesn’t result in deletion but suspension, so something sounds fishy here. Maybe it came at the same time as the renewal (which makes sense) but I’m pretty sure it’s not the direct reason for deletion of your domain.
However the above is true only for gTLDs, not for ccTLDs. What’s the TLD of your domain?
Generally, I would recommend not hosting APIs on the primary domain for exactly that reason - it's too easy to be hit with some sort of complaint and have that domain cut off (DMCA, preliminary injunction, SPAM complaint against your mail server, shitty host, ...).
It's been discussed here at HN too: https://news.ycombinator.com/item?id=30504812
Even if I was affected, I'm not sure I'd want to continue relationship with them. Anyway, user of name.com now, so far so good.
(P.S. Might need to say that I support Ukraine in this horrible conflict, I just happen to hold a Russian passport)
My card on file expired, and I missed the emails CF sent due to not being well for a few days.
5 days after the first payment issue, my whole (long time paid-for) Cloudflare account was downgraded to the free version and any configuration for features only available on the paid version were irretrievably reset and lost.
The auto-downgrade is somewhat understandable, though I still think 5 days is not much notice for removing a chunk of security measures from my site.
But what really annoyed me is that after sorting the payment issue, there was absolutely no way to restore my account configuration to how it was before. Every single feature that I had configured as part of my paid plan (ie. features not available in the free plan) had been turned off and/or reset to defaults.
So though I'd solved the payment issue, the configuration of my account was totally messed up, and security features were changed all over the place. I was told by the usual copy+paste canned response from "support" that there is no way around this.
I'm kind of appalled by this. This resetting of my security configuration combined with the really short 5 day period is very aggressive. One or the other would be annoying. Both together is just unacceptable.
I know, I should have the configuration stored as code somewhere. I will be doing that moving forwards (if I stick with Cloudflare at all which is now in question).
This is a $20/month account (one of multiple that I pay for) but I've also brought Cloudflare a significant amount of business over the years. Across multiple paid accounts at various levels, and numerous referrals. I'm now seriously reconsidering my heavy adoption of their services across all my client projects. (For this, and a few other reasons).
I have an email from them forwarded by a third party reporting phishing on a CF-DNS-hosted site where Cloudflare denied they had any responsibility whatsoever as “they host no content”.
Of course, it requires a subpoena to discover who DOES host the content, as they are the only ones who know.
Not from what I remember. They were well thought of / recommend many many years ago.
I still see this occasionally on otherwise innocuous sites.
Other 3rd party JS can still cause it, but ad networks are the most common.
Hetzner nullrouted me twice and once gave me a few hours to pack my things before they'd shut down and wipe servers I had with them. Overall there seems to be little company policy here: You never know which treatment you're gonna get. Sometimes they forward complaints, sometimes they take 'enforcement' upon themselves. Always a good idea to hedge one's bets with Hetzner, so you can enjoy their relatively cheap offers without being crippled when they decide to take you offline over whatever. I only spent like 20k EUR with them over the years, so I can't speak for how they'd treat bigger fish.
It's like a punishment for moving away from them.
If you want to use Apple, Google, or Facebook services for your business / as part of your business, they often treat you the same way....
"Do what we say, or you're presence here will be terminated"
One of my friends recently told me he searched for a domain through GoDaddy. I immediately cringed and told him he'd better get that domain on NameCheap ASAP if he really wants it. He went back to look for that domain and GoDaddy bought it and decided to charge over $1000 for it. The original price was peanuts.
GoDaddy shouldn't be used under any circumstance. If you do, you'll get F'd in the A.
I've been playing with cloudflare recently, and just realized they also do domain registration and DNS hosting. I might seriously look at switching to them depending on hassle and potential benefit. But I usually like having dedicated registrar/DNS that is uncoupled from hosting.
(But then again, I ended up getting a .dev domain at a different registrar, so I guess I'm screwed either way)
Previous experience: I already had one of our videos suspended for "copyright violation" (this was on media hosting site) despite the fact that I fucken made this video myself. Some company had stolen it claimed as their own and submitted hash. Since mine has the same hash ( duh! ) access to my video was blocked resulting to download complaints from customers who purchased it. I sent numerous complaints with the results that amounted to roughly "fuck you". I've given up but suddenly out of blue after 2 month I received the apology from some C-level of theirs telling me that they were in error and access to my video was restored.
I'm surprised not to see more love here, they're impeachable IMHO
can you explain what you mean by this? how do you find the "local registrar" for a company, what does that even mean?
https://news.ycombinator.com/newsguidelines.html
We detached this subthread from https://news.ycombinator.com/item?id=32470266.
As it turns out, Godaddy has a backup payment method option: https://godaddy.com/help/set-a-backup-payment-method-724
Like I said, in all these posts, there's a tendency to victim blame by making convenient assumptions to show the victim must have somehow been at fault. The GP even jumped straight into "if X, then it must be your fault" without even bothering to check with OP if X is true.
Additionally, despite all our insider observations of snafus as software engineers as well as personal experiences as customers, there's a tendency to implicitly assume that all software systems are designed perfectly and the entire chain of people that run them are 100% correct and ethical 100% of the time.
I termed this "the tech just-world hypothesis" because of how often I keep seeing it.
All others I've tried have had unintuitive interfaces that make me want to scrape my eyeballs out.
GoDaddy the worst among them.
NameCheap send out their reminder emails telling you a domain is about to expire in the format: "Your domain <somedomain.com> expires on MM/DD".
Several times I had domains expire or almost expire because, being in Europe I naturally read 'MM/DD' as 'DD/MM' which, under certain circumstances looked like a domain was expiring several weeks in the future, when it was expiring imminently.
I emailed NameCheap customer service on a couple of occasions about this. Pointing out that, for their customers outside the US, their expiration notice emails were liable to be mis-read and I suggested they either use 'DD/MM' when emailing customers in Europe or --even better- just spell out the month name, so there's no possibility of confusion.
The first time I got no response at all. The second time, I got an email back from NameCheap Customer Service saying "We're an American company. We use American date format"
So I thought 'Fuck you then. You'll not be wanting non-American customers, in that case.' and immediately transferred all my domains elsewhere.
I'm currently using gandi.net. Not as cheap as NameCheap but no complaints so far.
Oh. And to address something raised by the OP: there's no way you should have to pay $150 [or anything for that matter] to revive a domain that expired the day before. I'm not sure what the grace period is. But, in the past, I've renewed domains that had expired a week or more previously and never had any problem. Nor have I ever had to pay any 'fine' for doing so.
GoDaddy are shysters. I'm actually surprised someone fitting the HN demographic uses them. I thought their reputation was pretty well known in techy circles and most savvy people actively avoided them.
This doesn't sound right for a few reasons.
First Godaddy manages a massive amount of domains. For them to be doing anything like this would really defy common sense. They'd be hit with tons of complaints and importantly so would ICANN. AND ICANN (from our experience) will send out a notice (which creates paperwork for us) on any complaint literally for any reason. You have to respond to it so they clear the complaint. It's a pain and separate from any other reason a big incentive to not have people complain to ICANN (which can happen even if you are not at fault). ICANN also audits from time to time and they will pick a number of domains and make you show logs that you have sent out notices. (But my initial point is the more important issue).
Further ICANN requires that registrars send out multiple email notifications. They specify a number (I think it's about 4 or 5). So it doesn't make sense (especially for Godaddy) that this could have happened '1 notice 2 hours to respond'. And only a single notice.
As far as the cost, registrars are charged by the underlying registry (.com/.net .org .info) to bring a domain out of redemption. That charge is about 4x roughly what a .com domain costs for a year so it's not trivial. Then that charge is marked up by most if not all registrars. Our fee is less than what is stated here but it's not nominal either.
Separate I have a few of my own domains at Godaddy (and some other registrars) 'just because'. I always get plenty of notices from them it's almost annoying.
One last point. ICANN requires a domain to be put on hold prior to going into redemption. There is no doubt that Godaddy is doing this. As such your first notice of domain not working would be it's on hold not it's in redemption (and set to delete). Seems that this domain was not being used by the OP and they didn't pay (which they acknowledged) and it was deleted and they didn't notice it was on hold (specifically to get domain owners attention). I don't know what the 'off hold' fee is that godaddy charges my guess is it's less than the redemption fee.
At this point, there are 5000+ dead Ukrainian civilians. If at this point you are more concerned about Russian citizens buying domains names from one vendor than you are about Ukrainian civilians getting blown up, that's in no way a neutral position. Similarly, you and Namecheap both have freedom of association. Their using it to enhance sanctions against Russia is exactly as political as you using it to boycott them for their choice.
Sucks to say, but this is kind of on you. In general with any company, having a secondary payment method on file doesn't matter because autopay is only enabled for one (this is a feature, not a bug). And if their e-mails went to your spam, that's ultimately your problem as well (domain registrar e-mails are critical, you need to whitelist those).
I find it extremely unlikely that there were "no further emails or announcements" -- registrars are generally desperate to have you keep renewing, and will repeatedly send you e-mails if autopay fails. (Intentionally allowing GoDaddy domains of mine to expire in the past probably sent me 10-20 warning e-mails each, often daily.) But if your spam folder autodeletes messages after X days you can't find those either.
In any case, GoDaddy didn't cancel your domain -- you let it expire. And the €150 isn't a fine, it's a redemption fee which is standard with any registrar to recover a cancelled domain. With any registrar if you let your domain expire, it's going to get expensive.
Sure you can do that for some internal/private service. But how can you do that when you have a public user base who expects a service at foobar.com which has DNS issues?
And on that note, Letsencrypt has a helpful list of hosting companies that automate the process for you: https://community.letsencrypt.org/t/web-hosting-who-support-...
Dealing with domain registration nowadays is a dreadful experience. The system is completely broken.
exactly what happened. so not even the slightest reason for an immediate reaction
> recommend not hosting APIs
yes! we learned the hard way :)
https://hn.algolia.com/?dateRange=all&page=0&prefix=false&so...
https://hn.algolia.com/?dateRange=all&page=0&prefix=true&sor...
In the case of your comment, pejorative generalizations about national groups counts as nationalistic flamebait (that is, it has the effect, in the general case, of provoking nationalistic flamewar) whether you intended that or not.
They do it for lots of right reasons, I'm sure, but they also do it based on simple claims. While I thought that's a great way to hurt any site if such a claim is all it takes, I haven't experimented with it, so I don't know if you have to make it a legalese thing, or if they do some automated checks. But once you get a site flagged, it'll probably stay so, unless they have some very good connections to CF.
They will forward any complaints also to the hosting company of the origin, but if you're not in luck, the site will be hosted at a questionable company that has no trouble hosting phishing sites. Hetzner for example did quickly react and requested comments from us under threat of shutting down the server. They were happy with our response and their own checks however.
Still, I agree that they should have a way of de-anonymizing who is behind a site, their business is in protecting against technical attacks, not protecting against the law.
1. Get authorization code for transfer from GoDaddy
2. Put that in the host you want to transfer to (This will start your race against time). I suggest you use cloudflare since the transfer is fast.
3. Go to GoDaddy and approve transfer(GoDaddy hides this option to delay the process intentionally, follow the video to find this option).
4. Your details will become private again if your new host support whois privacy.
Here is a video(starts at 8:18) to do all 3 steps back to back: https://youtu.be/81LtL2ZvD38?t=498
I would not trust any of the registrars, not even Hover.
Would not trust Hover after that. They will just as likely to make you pay as any other registrar.
Edit: btw, Hover also has your phone number, so if you don’t reply to your email in time they could just as easily send you an sms. Of course they don’t do that, and rather wait it out so you have to pay.
There was text on the page that matched the name of a large financial institution. My suspicion is that this caused the problem.
1. Get authorization code for transfer from GoDaddy
2. Put that in the host you want to transfer to (This will start your race against time). I suggest you use cloudflare since the transfer is fast.
3. Go to GoDaddy and approve transfer immediately (GoDaddy hides this option to delay the process intentionally, follow the video to find this option).
4. Your details will become private again if your new host support whois privacy.
Here is a video(starts at 8:18) to do all 3 steps back to back: https://youtu.be/81LtL2ZvD38?t=498
tagging a cloudflare employee that I came across on HN if they can help you look into this.
May be Cloudflare can provide a way to export settings because even I use them extensively and this issue sounds like a nightmare.
Thankfully I’ve pretty much dealt with sorting out the configuration now.
The remaining point of contention for me is more that this is a terrible way to treat customers, not to mention the security implications of automatically removing a bunch of security features after such a short notice period!
Such a lot of disruption and bad feeling for the sake of 5 days of an expired credit card.
I've always thought their target audience was non-technical users that like their Superbowl ads. Everything they offer can be had for cheaper and with better support elsewhere.
By contrast, this is the email that a MAANG company received recently regarding a site being reported for phishing one of their login sites:
So I guess they are somewhat arbitrary in their phishing actions.
It's for this reason that people are losing massive amounts of trust in them, yet they seem to be the only viable option for most.
The concept of grace almost doesn't exist in business, and the idea that customers are valuable is all lipservice.
Take responsibility for your mistakes.
So no, it doesn't appear to be a GoDaddy fee at all. It appears they could charge a premium on top of that, but they don't appear to be doing so in this case (assuming it's a .com).
(But correct that's it's not a government fee either.)
It's everything you need from a registrar & DNS provider with nothing you don't: a thoughtful interface that is responsive even with a large volume of domains, no up-sells, first-class API capabilities (which is great for volume/bulk operations), and the pricing is solid/reasonably low-margin with no gimmicks, no front-running.
Only thing to note is that, at least last I looked, Amazon isn't actually the registrar -- it's some kind of 'affiliate' setup with a 3rd party, but AFAICT it's essentially Amazon.
Did they start sending NXFAIL for DNS requests for that domain? That's what "turning off the domain" means. But in that case, API access via IP would continue to work without issues.
Or did they start blocking traffic to the IP that you had associated with the domain? In that case, the domain would continue to work, you just need to switch the IP.
Based on your information so far, I wouldn't know what to do to repair it. I'm not surprised that others were unable to help, too.
So I guess what I really need to understand is whether this is a typical response or if there is more to the story that I don't understand/see.
If you are no longer using Hetzner, which other vendor(s) are you using?
If you actually have a trademark to the domain name then you can try the ICANN dispute process. If your entire claim is that you thought of the domain name but someone else bought it the good luck.
> Auto-renews every year, lots of reminders.
That's pretty standard with any half-decent registrar.
Are there any exceptions?
Yes, we continue to provide services to:
all anti-war media, protest resources and any type of websites that are helping to end this war and regime;
Russian citizens who are not Russian residents and don't support this regime in any way;
independent journalism;
non-profit organizations.
I'm guessing that's a low level person and they closed it with that.
There's a post here where the CEO wrote how they had about 1000 people in Ukraine being affected by the war.
Found it, https://news.ycombinator.com/item?id=30506813
I've stumbled upon them a couple of times before.
I left GD years ago after this - https://science.time.com/2011/04/04/godaddy-ceo-on-shooting-...
Not only did I hate their interface like you mentioned. Their customer service always sucked too. I moved a lot of TLDs off of there at my old job. Happy to say all the other companies I have used have been above and beyond better than GoDaddy.
Do some research and you'll find some great deals out there. Cloudflare, Hover, NameCheap offer great services IMO. Never had any issues with them.
> That makes me think they have control over the price
Well yeah, registrar is a business, of course you have some say on the price you sell your domains... But there's a base price that is set by the registry behind the registrars
As an example, the .com is sold by Verisign (the registry) around 9 USD for the create/renew, but around 50 USD for the restore, depending on the negotiated price between the registrar and Verisign. So basically no registrar will allow you to restore a domain in redemption period for less than 50 USD.
I ask this every time I see people who work within Domain Name industry on HN.
What is happening to .Web?
You can find most of the drama here: https://domainincite.com/tag/web
What year are we talking? I'm not aware of this ever being true.
It sounds like someone may have gained access to your account or there may have been some other issue. It's usual for them to have ask for video proof that you're the domain owner.
But to the extent US law applies and the other required details of the DMCA safe harbor are attended to, I do think the DMCA prevents the service provider from monetary liability in this scenario. Of course, criticizing them for acting rashly remains 100% fair game.
(As to the question of whether US law applies: one example you were discussing, Hetzner, is based in Germany and not the US. But I can imagine circumstances where US law might sometimes apply to them anyway, and/or Germany might have similar laws. I'm not an expert on the international angle here, and I'm not a lawyer in any case.)
It's long ago history now, but a good lesson learned.
I did not mention the former employer or any of their projects/clients by their names and did not include any images of those projects that were protected by any copyright that they held. It was screenshots of the website functionality after I had removed all original styling and revamped it myself (on my own time on my own machine using only publicly available HTML/CSS) from the ground up to anonymize it. All branding and images were removed and replaced. These revamps were never publicly released and were only used to create screenshots to display their functionality. They claimed copyright ownership of the images that I took, on my own computer, that had zero resemblance to their own software except for the workflows that they had. These were all public facing sites and there was no internal/proprietary workflow information being shown. The work being displayed was 100% my own creation during my employment, and I was not claiming any credit for work that wasn't done by me.
I did not bother disputing the fraudulent DMCA claim because my former employer that did it was extremely litigious and loved lawsuits and loved making them as long and expensive as possible to punish the people they were trying to bully into submission. The owner would frequently boast in the (open concept) office about all his lawsuits and how he was forcing people to comply to his demands with the threat of ruining them financially with lawsuits.
It did have an impact on my ability to find new employment, but I found employment anyway. I just made a PDF version of my website (well laid out) and send that with my cover letter.
Disclaimer: I work at such a small registrar, but you are not in our target market.
I was not aware of their abuse policy when I was forced to move my services from another unprofessional provider. I had settled on Hetzner. I'm glad you said something.
Over the last few days I've reached out to them for further clarification on their policies, and over those (multiple) communications there were enough professional red flags that its become clear they can't be considered for any future hosting of production or professional services.
Initially, I was stonewalled with: --- Thank you for reaching out to us directly to clarify this matter.
In accordance with German law, we are not permitted to disclose internal information to third parties or to review or verify the content of any potential abuse reports. As a matter of fact, we neither can confirm nor deny what is described in that thread. We want to assure you that our abuse team handles cases with care and sets reasonable deadlines and measures based on the gravity of the allegation.
---
I asked about what processes and controls they have in place to prevent fraud, and the written policies and timetables, and they didn't appear to understand English well enough to answer, they thought I was talking about other common forms of abuse rather than fraud.
As a customer, they were unable to provide me with any kind of written policy, adversarial response schedule, or other controls commonly needed to mitigate fraud.
No details or specifics on their policies, other than what they refer to as 'reasonable' time tables based on the allegation which are not clarified further.
It appears they consider multiple complaints more severe regardless of the legitimacy of the claims which they don't appear to evaluate prior to shutdown, and their Abuse Team decides on a case-by-case basis what actions are to be taken, and the response times allowed.
As a result, it appears this provider has an unreasonable amount of counter-party risk associated with it. Any company could file a claim, and hold your business hostage (as OP described).
What's worse, if they suspend or terminate your account as a result without notice; any monitoring that might have alerted you so that you could respond more quickly would likely not function correctly and fail silently without a cross-platform investment.
Putting aside the fact that it is just an insecure and undignified way of transferring data. Why not host the 'video proof' site on namecheap domain? so you know who's watching. And why not ask for photo ID instead of credit card? I mean anyone can send an email "go to [whatever] domain and show me your credit card, or I'll stop your [whatever] service" and NameCheap users will be conditioned into falling for this scam. Its reckless and unprofessional.
And i don't know how else to define took some of my money and registered a domain.. then kept it cause that's what happened. You have a deadline to do your cam show, which is shorter than the time their support service takes to answer an email about your concerns; After that you lose some of your money and your domain.