
Do not register a domain name with your hosting provider  - g-garron
http://weblog.masukomi.org/2012/11/19/never-register-a-domain-name-with-your-hosting-provider
======
veidr
Yes, or just have a web hosting company that doesn't _utterly suck fucking
balls_.

I know a lot of people still use Network Solutions and GoDaddy, despite the
fact that 5 seconds of armchair due diligence[1] would tell you that you
shouldn't.

I've been hosting websites on Pair Networks[2] since (/searches email archive)
1997. My own projects, then client websites, and sites for multiple employers.
Because they are awesome, when they opened PairNIC[3], I moved all the domains
I control to them.

You could reduce this blog post down to "Don't register a domain name with
your brother-in-law... if your brother in law is a fucking asshole who will
try to rip you off."

And then factor that down to just "Don't register a domain name with a fucking
asshole."

(So I guess the only reason I commented at all was because of the chance to
plug Pair, who have been so awesome for so many years.)

[1]: <http://bit.ly/TNoTYN>

[2]: <http://www.pair.com>

[3]: <https://www.pairnic.com/index.html>

~~~
Natsu
Be careful with that. You have to watch out for good companies being bought
out by assholes. For example, I was a happy Speakeasy customer for a long
time, but eventually Megapath bought them out. The Megapath CSRs were the
least helpful people I have ever talked to and their cancellation process is
deliberately broken too.

So I'm right with you on avoiding doing business with assholes. But just
remember that a good business can go bad, especially if they get bought out by
complete and utter assholes. Like Megapath.

~~~
mapt
This is a _structural feature_ of modern web entrepreneurship. Through a great
new time-saving product with few annoyances at a low price, one builds an
audience loyal enough that they can convince investors to hand them lots of
money, and then fulfill whatever contractual obligation they've assumed to
pound that userbase for more money/eyeballs, driving them away. Sometimes it's
not even a matter of additional revenue, but stoking the ego of investors.
Google, for example, just removed size from their image search in order to
'simplify the UI' for mobile users who are sexier in terms of plausible
growth; This has driven away large numbers of power users, and made it
manifestly less useful than Bing.

The average lifespan of a useful tool / company is only a few years; If
investors are involved there is always a dark side. Userbase goodwill is a
valuable resource will eventually be tapped and depleted.

------
zhoutong
This is exactly one of the reasons I started NameTerrific. Dealing with domain
matters can be a pain, especially if there's a conflict of interest. A bonus
point: almost all registrars provide web hosting services (including GoDaddy,
Namecheap, Register, Name.com, eNom etc). To them there's no better up-selling
opportunity.

Hover is great. It's really easy to get started and it just works.
NameTerrific delivers an excellent domain experience to the other end - the
hackers/developers/geeks group. Plus it's a little bit cheaper than Hover.
(NameTerrific also never sells hosting. The only "extra" product we'd consider
will be SSL certs.)

The landscape has been broken for a long time. The domain industry almost
never evolved in the last 5 years. There's still price war, crappy experience,
hijacking and spamming.

~~~
experiment0
Just registered on your site and wanted to say it looks great! May be using it
in the near future!

~~~
zhoutong
Thanks for the compliment!

------
spindritf
I'm not really convinced of that. If your registrar folds or turns on you, it
will be painful regardless of whether you also use their other services.

You're suggesting that it's somehow more likely that they will cause trouble
on the registrar side of the business if you try to move away from those other
services. Which may be true but should be more than compensated for by the
fact that providers with a large offer of various services are also large
enough not to care about you in particular.

Will OVH even notice that I stopped using 10 or 20 of their servers, have
someone connect the dots, and put some sort of hold on my domain? I find it
much less likely than a small (relatively to OVH) registrar operation simply
folding.

What I would advocate instead is to use a really solid registrar for a high-
value domain. For example, in Poland our national registry (NASK) for .pl also
acts as a registrar. And while their prices are somewhat higher than the
competition (~4x), it's as solid as you can get and I know people who keep
their short, or otherwise cool, domains registered sometimes well in the
nineties there for safety.

~~~
cowsaysoink
Using a good registrar is key but you also want to separate host from
registrar because you want to keep your content.

It is a much more common case to change hosts than it is to change registrars.

But even if you lose your domain name somehow through a bad registrar your
content can also hold a lot of value and though you would take a big hit by
changing domain names for a lot of sites (like blogs and other content heavy
types) content is key.

See the recent incident with cyanogenmod the move to .org went rather well
until the .com was given back and not having a separate host can make it so
you don't even need to restore from backups/setup a new environment.

~~~
spindritf
> you also want to separate host from registrar because you want to keep your
> content.

Some diversification is, of course, a good idea. Your team chat/irc and
documentation/wiki should be hosted separately, if for no other reason, then
so that you have something to work with in case of an outage on your main
infrastructure.

Same goes for backups. Have them somewhere else, and preferably also locally.

There are many ways to do slice it. I'm not convinced that the one outlined in
the OP is really as obvious as the author implies.

------
lutusp
I have heard accounts that, in the past, NetworkSolutions.com (owned by
Web.com) would charge a ransom of $99 to anyone who tries to move a domain
name away along with their business:

[http://www.ripoffreport.com/web-com/web-
hosting/jacksonville...](http://www.ripoffreport.com/web-com/web-
hosting/jacksonville-florida-35EE1.htm)

For balance, I recently moved my registration from networksolutions.com, based
on the reasoning of the linked article, and nothing like that happened --
there was no problem and no extra charges. Nevertheless, it's good advice to
avoid registering a domain with a provider.

~~~
akanster
Shady company. For a while if you used their domain availability lookup, they
would register the domain, forcing you to pay them if you wanted it.

[http://www.billhartzer.com/pages/network-solutions-
registeri...](http://www.billhartzer.com/pages/network-solutions-registering-
domains-after-availability-lookup/)

~~~
goldfeld
That seemed like a wonderful opportunity to set up a script that looked up
thousands of bogus domain names (e.g. aaabbbcccddd.com) to spike them.

~~~
mutagen
Network Solutions (and others) were abusing a 5 day grace period in which
refunds were available. Ostensibly this was to address typos and mistakes.
Domain squatters would also abuse it by registering thousands of typos and
random word combinations names and use the grace period to get a 'taste' [1]
of traffic. If they thought they could monetize the domain, they'd keep it.

[1] <http://en.wikipedia.org/wiki/Domain_tasting>

------
scrumper
This is good advice, not least because an avoidable single point of failure is
never good.

I have my domains with a registrar, hosting elsewhere. Recently my former
hosting company, FatCow, suffered a catastrophic router failure that took down
everything - their home page, all customer sites, control panels, the lot.
Infuriatingly, this happened right after I sent out an important marketing
message. Because I wasn't registered with them I was able to move to a backup
service as quickly as I could sign up for an account and change nameservers at
the registrar. (Propagation took a while, but it was working for some people
very quickly.)

~~~
MichaelApproved
I think you're technically increasing your points of failures by splitting
domain and hosting.

You're not adding redundancies by splitting the services. Since these are
mission critical services, if either fail, everything fails. Now by splitting
up the services, you're increasing your risk of failure.

Take this scenario as an example. Suppose a random host will fail 1 out of
every 500 days. Well now you have two hosts that could fail on 2 random days
out of 500 days instead of just one host that'll fail once for every 500 days.

The above is not exact but i hope it gets the point across. I'm not saying
_dont_ split hosts, I do that myself. I'm just saying don't think you're
limiting point of failure by dividing mission critical services apart. You
need redundancy for that.

~~~
saurik
No: if your registrar goes offline for months you have not lost anything but
your ability to update your DNS entries and renew your domain. Your registrar
is NOT a mission critical service: it is the only way for you to recover if
your DNS infrastructure needs to be replaced.

------
carlisle_
Maybe a shitty host will do this to you. I currently work for a web host and
our support team will bend over backwards if that's what it takes to get a
domain transferred away from us.

The title of this article should be "Don't do business with companies that
utilize shady and unethical business practices."

~~~
bwb
I totally agree, I'm one of the owners of Site5.com and we would never stand
in the way of someone moving a domain away. We leave it up to the customer if
they want to register a domain with us or other registers.

I would also mention it is illegal under ICANN rules to prevent customers from
doing this, thanks, Ben

~~~
troels
Even if there were unpaid bills?

~~~
carlisle_
We would even if they owed us money. You can't hold a domain hostage for
bills.

~~~
troels
In that case, you have higher standards than most anyone I've dealt with in
this business. Kudos for that.

------
madao
I work for a hosting provider, there are actual rules for registrars
preventing things like this happening, I dont know what happened to you in the
past but its very unlikely to happen, Registrars essentially risk their
business doing this, here is a copy of the rules for .com.au namespace..

<http://www.auda.org.au/policy/current-policies/>

------
mvkel
I have yet to hear a convincing argument on why planning for the edge case,
which is usually a minor headache at worst, is worth it in the long run.

We can all say "it's better to have it and not need it," but some judgement
should be used when it comes to the amount of calories burned just to sustain
an inflated sense of contingency.

~~~
gabemart
>I have yet to hear a convincing argument on why planning for the edge case,
which is usually a minor headache at worst, is worth it in the long run.

In this case, the cost of "planning for the edge case" is close to zero. In
fact, you may well find a reputable registrar who charges less than your
hosting provider. I currently have two domain names registered with my hosting
provider out of sheer laziness, and the rest registered with Namecheap. The
registrations at Namecheap are cheaper (by an amount which is significant
percentage-wise but insignificant in real terms).

------
hackount
Many of the reasons presented for not using your web host as your registrar,
such as they may get bought by a shady company, or try and lock your domain in
if you try and move it, could happen just the same with an independent
registrar. I don't using a separate registrar mitigates risk, and the benefits
of having your domains at your host can be numerous: consolidated billing,
automated DNS setup, and in some cases cheaper prices because the hosting
company treats domain registration as a value-add to its primary product
offering (hosting), not as a source of revenue generation itself.

The process of transferring domains these days is automated and nearly the
same between every registrar I've used in recent years, regardless of whether
or not they offer hosting. I have never had one that tried to lock me/prevent
me from moving a domain, period, as long as you have direct access to the
account at the registrar which the domain is registered under.

This does bring up one scenario that I do warn people against when registering
a domain however. Always make sure you personally setup and hold access to the
account at the registrar that holds your domain. Don't just let your web
designer do it for you because it's easier, or you don't understand the
technical stuff. Get them to walk you through it, but make sure it's your
account. I have seen disgruntled web designers make life difficult for clients
trying to migrate away from them on more than one occasion because the domain
was registered under the web designers account.

------
dangrossman
Another argument in favor: don't stick unnecessary levels of separation
between you and the company that controls your domain. Only the very largest
web hosts are also domain registrars, the rest are simply reselling another
company's services. If there are problems, you're stuck dealing with them
through a middle-man.

The only advantage to buying both hosting and domain registration from the
same company is billing convenience, while there are numerous advantages to
not doing so. Just choose an accredited registrar.

~~~
zhoutong
Fortunately, most accredited registrars that offer reseller programs allow
domain registrants to claim back their domains and manage them directly
through the registrars. So there's no stuck-with-a-middle-man issue as you
described.

IMO the real danger is when the hosting provider is a registrar. Domain
registrars have a lot of power, because for most TLDs the registry never
touches your personal information - the registrars do. The registrars set the
EPP code, which is the key to transfer your domain away. A reseller generally
cannot prevent a domain to be transferred away if the registrant insists to
(the most a reseller can do is to keep sending locking domain API calls).

------
16s
Another reason is added security. The joint registrar/hosting companies allow
you to use the same account/password to access and update the site that you
use to transfer and register domains.

My rule of thumb is the registrar, www hosting, email hosting and DNS all be
totally separate and have unique accounts with different companies. They all
use unique passwords too. A compromise of one will not compromise the others.

------
bmj1
There's another good reason not to do this. I had a host go bust ungracefully
on me a few years ago - rescuing the domain took weeks of chasing with
icann...

By separating the two, you can be up and running on a new host in hours in the
event your host goes dark.

------
benatkin
> There is no guarantee they won't be bought by an ass-hole tomorrow. There's
> no guarantee some greedy concepts won't start to permiate their management.

In which case, you're likely to run into problems whether or not they host
your site.

------
troels
Part of the problem is that domain registration and DNS hosting are usually
conflated, when they are in fact very different things. Domain registration is
more a legal discipline than a technical one - Especially when you begin to go
into registering international tld's.

For registration, I would pick a trustable company to run things for you -
Small and personal is ideal. The DNS hosting, on the other hand, is probably
served best by a big company with solid infrastructure - Such as the place
where you host your main hardware or with a dedicated dns hosting service.

------
eCa
Also do research your registrar, and transfer out at the first sign of
trouble. I had an important (for me) domain at RegisterFly [1]. Took some time
to reclaim it after it had been transfered to Enom. Currently moving other
domains godaddy -> gandi.

[1] <http://en.wikipedia.org/wiki/Registerfly>

~~~
eze
I was disappointed with Gandi in terms of security features. On the plus side,
they allow you to disable password resets, but then this is fairly standard.
On the other hand, they don't offer two-factor authentication or login
notifications. Moreover, they inexplicably publish your "handle" under your
whois information (as "nic-hdl"). This gives away the username, arguably
making targeted attacks significantly easier.

Edit: grammar.

~~~
scott_karana
Who do you use for your registrar, currently? I'm not particularly happy with
my local one, and a security minded one would be a refreshing change.

~~~
eze
I have been using Name.com for a while, and I like their approach to security.
Though I must say... I once forgot my password (made it way too complicated)
and in addition to a fee all it took to recover my account was to send a scan
of my ID card. I think I'll write up some modest proposals for this industry.
Moniker's MaxLock is too expensive and imprecise.

Boy, was that a long answer to your question!

------
olgeni
Also, run your own bind servers to avoid getting caught in the DDOS of the day
(and have some fun with views while you are there).

------
dudus
Domain registration in the US is a mess. I can't get my head around it. I
prefer the system we have in Brazil.

In Brazil there is a non-profit organization that administers the .br TLD. All
domains sold are sold through this entity (registro.br). After registration
you just insert your DNS IP addresses and that's it. No worries and no complex
transfer process.

~~~
Legion
And they cost about $60 USD.

That's why.

~~~
lzm
They actually cost $15 USD/yr. In fact, the price has decreased over the
years. [1]

[1] <https://registro.br/dominio/valor.html>

------
systems
I strongly recommend that one who plan to buy hosting services or register
domains to visit <http://www.webhostingtalk.com/> few times

You will get a better understanding of the hosting and domain business

The key point for me was, there are so many resellers, and most resellers are
terrible and dont live long

------
nvr219
I register with namecheap and just hosted my personal/family sites on
namecheap as well because it's easier. Work stuff, keep separate.

------
saurik
Even if you don't buy this argument (that the registrar/host will actively
make your life difficult when you want to switch service providers), a more
underlying reason you should not host your domain with your hosting provider
is that it means that if they go offline you are screwed and have no options.

Contrary to what many people here seem to believe: your registrar is not a
point of failure during normal operations. The only thing your registrar does
is to allow you to renew your domain name and to change your DNS entries; this
canonical data is not stored with them.

You do not need to do that every day: you don't even need to do that every
year. If your registrar went offline, tomorrow, for months on end, the only
way you'd ever notice (assuming your DNS provider didn't go offline) is that
whois would not return detailed information for your domain.

However, if/when your DNS goes offline, you are hosed: anyone without a cached
copy of your records (which in the end is a very large number of users, even
with long cache times) no longer can access your website; they are truly a
point of failure.

How do you fix that? Well, you go to your registrar, whom you hope is online
that day, and you change your DNS servers to point to someone else. Your
registrar is your backup: they are the people you need online only during on
that rare day when your DNS is offline.

Now, if you take any DNS service out there, even the most reliable, it is
going to be offline someday for some reason for at least some of your users:
they may have multiple locations, but today the east coast got destroyed by a
hurricane, and all of your users in the relatively safe state of KY are still
being forwarded to NJ? Well, maybe you want to fix that.

Having a registrar that is not your DNS provider means that there is now some
chance that you can do that. When the DNS service is working, the registrar
doesn't cause you any issues: if it goes offline you aren't even going to
notice.

Yes, there's some astronomical chance that the registrar does something
insane, like has a glitch that deletes your domain name from the root
servers... but frankly, that kind of glitch is going to be uncorrelated from
outages and might happen no matter where you host it: the registrar is your
one truly infrastructure-mandated single thing you have to trust to not do
things that are insane (but thankfully don't have to trust are online).

This "trust not to do something insane" is then then how you need to choose
your registrar, and it is not how you probably choose anything else in your
stack. This is much more of a legal than a technical issue, as pointed out by
one of the only other comments on this thread that seems to understand this
(the short one by troels).

However, having your DNS (along with whatever else: HTTP, database, anything
else you may use; none of this is important: DNS is king) at the same place as
your registrar is just a death sentence for reliability. You've even given up
your option to just point the domain at a "sorry, we are offline, please try
again tomorrow" page.

I now will point out (again[1]), that this is basic prerequisite knowledge for
running a website. Before you spend time deciding things like "Ruby or
Clojure", "HBase or PostgreSQL", and "Linode or AWS", you should learn how
websites are put together, what DNS is, and what a registrar's purpose in the
ecosystem really is.

[1] <http://news.ycombinator.com/item?id=4502451>

As much as I like to think some of these other decisions can be critical to
your ability to pivot later, if you don't know how a website works in the
first place well enough to notice at a glance "oh, if I host my registrar and
DNS in the same place I'm screwed in the case of a single outage" you have
much more serious problems, and you aren't going to be able to make informed
decisions anyway.

Truly, in the end, you can build a fine website using PHP, MongoDB, and hosted
on a single machine in your janitorial closet; if nothing else, when it
inevitably fails, you will be able to quickly migrate your DNS entries to a
page saying "we are sorry we are offline: we used bad technology". ;P

------
mariuolo
I'd never use a registrar that hides behind whois privacy.

------
drivebyacct2
Web hosting fits into that category of software like Git. So many people
expect it to be simple that they're tricked into thinking it is and being
upset that there isn't someone there to hold your hand.

If you don't know the difference between a CNAME and an A record, then hire
someone to register your domains and setup them up, or learn enough to make
informed decisions. The rash things that people do because the Internet
enables them to does not excuse them.

edit: Sigh, at least tell me why you're downvoting so I know what to address.

~~~
jh3
Just a guess, but I'd say you're getting downvoted because of your second
paragraph:

> If you don't know the difference between a CNAME and an A record, then hire
> someone to register your domains and setup them up, or learn enough to make
> informed decisions. The rash things that people do because the Internet
> enables them to does not excuse them.

~~~
bpatrianakos
Why in the world would anyone take issue with that? Especially here on HN of
all places? I mean, sure, I can see exceptions for non tech savvy people
running a personal site or a really small business website not having to know
the difference but are we so pedantic that you have to explicitly point out
all edge cases and exceptions in our comments now? Sheesh. The message was
pretty clear and there was nothing downvotable about it.

~~~
aptwebapps
Must have hit few people who don't know the difference between a CNAME and an
A record but who nevertheless manage their own registration.

Elitism is in the eye of the beholder, I guess.

~~~
drivebyacct2
I promise it wasn't meant as elitism. If someone were to think that knowing
DNS makes them elite... well, that's unfortunate.

My point was much simpler, know when to outsource it to a third party or
someone you hire, if you don't know the details of what you're getting into.
Especially when it's something as fundamental as the ONLY entrance point
people have to your business's online presence.

