

Ruby on Rails website defaced? - csbartus
http://rubyonrails.org/

======
moeffju
More likely they let it expire or the registrar messed up. (DHH claims the
latter: <http://twitter.com/d2h/status/1590279638>)

(Speculation: Why don't US registrars usually offer autorenewal? Here in
Europe, especially Germany, it is unthinkable that my domain would just
expire. I get auto-renew by default, no matter how I pay. Conversely, with the
US servers and domains we hold, sometimes people don't even get payment
reminders _before_ the expiration date. Only when it's too late do you get a
notification. I find that strange.)

~~~
Jem
I've always wondered how people could forget their domains. I get at least 7-8
reminders for my domains prior to their expiry, and that's even on domains set
to auto-renew. It didn't occur to me it was a difference between European/US
registrars.

~~~
moeffju
Friends of me had it happen with web hosters, server housing and domain
registrars. When they were just starting out and forgot to tell the provider
to get the monies from their credit card, or whatever, they would just
disconnect the server or park the domain. Happened a few times and is really
annoying. I had assumed it to be a function of the far better giro system here
in Europe, but since a few months I'm paying most things by regular credit
card bookings instead of bank transfer, and it still works.

Maybe people just need to ask for and demand automated payment?

~~~
morganiangoose
the fact that it happened twice I think is telling though. At that point they
have only themselves to blame.

------
chaosmachine
Not a hack, but a registrar issue.

~~~
jherdman
Parent is correct: <http://twitter.com/d2h/status/1590279638>

------
Keyframe
you can buy a domain back (more correctly, extend your lease, not buy back -
because nobody can get a long hold on it in that time frame) at the same price
in the time frame of 3 days - no matter what. Sadly, I speak from experience.

------
gaoshan
So who is the registrar? Seems pretty serious to screw up a domain like that,
especially a domain that is so major in the web dev world. I want to know who
to avoid using in the future.

~~~
csbartus
it seems to be <http://www.enom.com/>

------
morganiangoose
The use enom, so their domain is in holding atm, so only the owner can renew
it. They will mostlikely have to pay ~135$ is it is considered in a redemption
period.

Enom does offer an auto renewal option, but its an option, not a default.

Domain Name:RUBYONRAILS.ORG Created On:19-Apr-2004 22:40:29 UTC Last Updated
On:23-Apr-2009 00:07:53 UTC Expiration Date:19-Apr-2010 22:40:29 UTC
Sponsoring Registrar:eNom, Inc. (R39-LROR) Status:CLIENT TRANSFER PROHIBITED
Status:AUTORENEWPERIOD

------
_pius
You'd think after the last time, they would have switched to a decent domain
host that sends reminders.

------
datums
Should just be able to log in and renew. Looks like it's an eNom reseller.

Domain Name:RUBYONRAILS.ORG Created On:19-Apr-2004 22:40:29 UTC Last Updated
On:23-Apr-2009 00:07:53 UTC Expiration Date:19-Apr-2010 22:40:29 UTC

Ip of parked paged owned by eNom

------
smanek
<http://www.whois.net/whois/rubyonrails.org.com>

It seems like the owner info was changed a few hours ago to
<http://buydomains.dk/>

------
adammarkey
Maybe Oracle will buy this now too.

------
miracle
In Luxembourg (.lu), the registrar just disconnects your domain name for or a
few days before it's free to register again. If your domain doesn't work
anymore, you will probably notice and check if you have missed to pay or not.

------
carbon8
The exact same thing happened last year.

------
csbartus
That means the domain must be bought back by Rails? What is your price
estimated for the buyback?

------
mahmud
Conflicting messages are abound:

[http://www.techcrunch.com/2009/04/23/rubyonrailsorg-
domain-d...](http://www.techcrunch.com/2009/04/23/rubyonrailsorg-domain-
derailed-by-hacker/)

~~~
ericb
That's not a conflicting message. That's poor reporting combined with an
attempt to imply drama that anyone familiar in the least with domains can see
is highly unlikely.

Edit: The reporting is about this good: "man in valet jacket seen driving car
he doesn't own to hotel entrance. Possible theft?"

~~~
graywh
And yet, we still put up the techcrunch articles.

~~~
ericb
Their "source" was a random tweet from someone with _no_ relation to the
situation. They should be embarrassed. I'm going to tweet that Microsoft is
switching to Linux to help them with their next article.

------
st3fan
Uhoh. Looks like someone forgot to renew the domains.

