I need a little website, and go figure to what will it grow. So I picked a suitable domain, I wanna buy it.. Initially it's some 7$, then it turns to 30 a year. I plan to buy it form namecheap.com (any alternative suggestions?).

7$ is fine, 30 is - well, I don't mind. Although what is there to be worth even that? Oh well.

But there is an issue: some domains are cheap, others expensive. The domain I'm buying is nearly worthless, as long as there is no website attached to it. Afterwards, the domain's personal worth for me will increase dramatically.

So the question is, how am I protected against a rate hike should the seller decide he wants to earn more from me?

If my efforts increase the value of a domain, it's certainly still has to belong to me.

Something tells me a lot of people here have a lot of experience with this topic.. I hope you can help me out

Thanks.

I've been using name.com for a few years. I have no major complaints yet. I don't think a good registrar would suddenly boost the price of your renewal after a year or after the site became popular, but then I've never had a site get popular.

I think there's some law regulating this.. I'd like to know.

Namecheap is my favorite so far.

I used to keep domains on the host but that has turned into a bit of an unnecessary annoyance when you have a lot of domains and need to change hosting.

The seller can’t boost the price of the domain once it’s registered to you. You own it when it’s registered in your name, it’s like a home. If a domain is high right now what’s because somebody else already owns it but wants to get rid of it and sees it as having some value.

I had switched most of my domains to Hover.

i've used a few (godaddy, network solutions, namecheap, name.com) always want free privacy and cheaper renewal, for last 2 years i've been using namesilo they very slightly cheaper than the other last time i checked which was 2 years ago

affiliate link price page https://www.namesilo.com/pricing.php?rid=cfbb673cp

affiliate coupon $1 off DFCMS

I used GoDaddy to secure a personal domain. Linux server with bunch of perks + SSL cert + 2 year contract, hosted in SW US. Roughly $200, but worth it for the name.

I've got two (bought three total) through GoDaddy.

I think we've all missed the part about the price though. Will it ever go up? Can they charge whatever they want now that I own the domain? What happens when I go to renew my contract?

Domain prices tend to go UP! Some part of it is because of ICANN (A web host I use complains about it a lot. Sometimes they'll send a notice I think through their blog about incoming price increases be ICANN wants to charge a higher fee) And other times it's just whoever owns the TLD.

Best bet, buy up to 10 years now, or as soon as you can, and you won't need to worry about the price jump until 10 years from whenever you last renewed.

10 Years is the most amount of time you can have on a domain. Trying to buy more is just wasting money. So if you have 9.5 years, renewing will charge you the year price, but you'll only add half a year.

I haven't used GoDaddy in years, but when I did their site was a brainfuck to navigate, and I wasn't impressed by their service either. I don't think their price was anything to make up for it either. Another one I can recommend against is 1&1. They royally fucked me by "linking" my domains to my host so when I tried to change hosts they wanted to charge me again for domains I already owned. I recommend you avoid moving domains to a host. Keep them separate so that they can't do that to you. Also, a registrar first is going to do the registrar thing better, whereas a host first is going to half ass the registrar thing.

Yeah, we discussed that before. It's not as bad anymore.

Don’t use GoDaddy. That’s my only other piece of advice 😄

Why? Better not be some political reason.

I mean, it's a freakin' domain forwarding service. You want a taco, you go to a taco stand. As long as the taco tastes good, what more do you want?

And I'm NOT defending GoDaddy like I "like them" or anything. They're just a tool. What I'm curious is... what are people's actual reasons for hating them? (like I said, the GUI is fine now.)

I buy a domain, they bill me. I cancel a domain, they stop billing me. I don't get spam. And their DNS entries change "fairly" quickly (within hours). It's no speed-record, but it's a reasonable time for DNS to propagate.

I have way more to complain about with my ISP, than my DNS.

I've considered cheaper ones. But GoDaddy isn't that expensive ($20/year), and I supposedly, I get "name brand" / USA company / etc customer service should something really go wrong. Whereas, with lots of these tiny companies, you may not get a service return for awhile because they don't have 24/7 service (because they're a 1/2/3 man operation), or they might just say "Go !@$! yourself" and with a larger company--it seems like--there's more room for customer service. Like, if I had a horrific experience, I could tell the news, and it'd be a PR blunder / threat and they'd fix it immediately. Like when that guy saved up for SEVEN YEARS to buy a Porsche (his childhood dream) and it was was a complete lemon and had to take it to shop like 20+ times and the shops kept telling him it's his fault or not covered and he made a video on YouTube about his experiences and everyone was like "OMG that's the saddest thing ever." and Porsche decided to give him a brand new one or refund it.

https://jalopnik.com/the-saga-of-the-lemon-911-and-one-mans-quest-for-just-1564141012

https://jalopnik.com/victory-porsche-says-theyll-buy-lemon-911-guys-car-b-1564711471

Buying from those little places is like buying something "custom" from eBay, verses a brand. Oh, how I've been burned by eBay many times. "Fully rebuilt engine"--rattles because there's a tool inside the engine and in the oil pan. Drove 20 hours to get it. "Fully rebuilt, upgraded VW transmission, $1600"--works, but in 5th gear, the shifter moves with the torque of the engine implying something is wrong. If those were real companies, I could have threatened them with a small claims court.

That said, again, I'm not opposed to trustable competitors. If they actually compete on ... price... or service. I've heard Namecheap before.

[edit]

Hmm... namecheap is like half the price of Godaddy. I mean, $20 vs $10 a year isn't really... anything. But still. Why waste money.

But their "domain finder" javascript thing keeps timing out while GoDaddy actually loads.

WTF.

[edit]

Okay, now I'm on a Namecheap binge. No idea how bad/easy the service will be. But some of their "Deals" are like, $1.00 domain names and it "seems" like you DON'T have to buy another year in advance at retail price. Whereas GoDaddy requires you to pay $20 (normal year) plus the sale price. But I haven't gotten to the checkout yet.

Wait, GoDaddy forces you to buy two years? You can't just buy one year?

If you buy one on sale, if you want the sale price, you also pay for the next year.

$3.00 sale
$20 normal

$23 for two years.

Basically $3 bonus profit plus the normal profit... GoDaddy is a racket. You answered your own question.

Honestly, I'm pretty sure I got shit service from GoDaddy. It has been too long (read: many beers) to remember details. I know I got shit service from 1&1.

I think I've gotten great service from name.com. You have to be careful when choosing the "little" guys, but by word of mouth from trusted peers you can find the good ones (I posted here many years ago and ML recommended name.com at the time).

Whereas the big guys won't treat you well because you're literally nothing to them. They don't care about you. They care about the 4 or 5 figure clients. The 2 figure clients are just easy money for the big guys. If they neglect them anyway.

Think about it.. GoDaddy is a primary sponsor for a fucking Nascar team. That's insanely expensive. They're a goddamn registrar and Web host. Not sure what else, but I don't think they do anything particularly well. How do they afford to run the racing team and still make a profit? I haven't seen their numbers, but I'd say they're fucking the average client hard and most of them never know it.

I think bam said it best:

Bam's on point with this one. GoDaddy is one big upsell, like buying travel tickets through some upsell agency. And once you become a customer they don't treat you any differently. Their interface is shit. Also the stuff he's said here I've had similar experiences with. Just skimming the web, there are some more points outlined here: https://karveldigital.com/why-i-dont-use-godaddy-you-shouldnt-either/

1&1, Bluehost, and FatCow are what I've hosted www.allmusiclibrary.com and a bunch of others on as a freelance web designer... but that was a long time ago. They're oooookkaaaaay I guess. 1&1 is not the best when it comes to keeping the customer in mind. When compared to 1&1, GoDaddy is a shitshow.

My favorite so far is probably FatCow. I would recommend them above all the others for what you're trying to do.

Either way, now-a-days I do my hosting on more elaborate platforms like Heroku or Google Cloud, so I haven't used those platforms much in the past 6 years apart from moving my stuff off of them

One of my IT friends also just recommended NameCheap.

When my personal site was up, I literally hosted it on Google Docs. I had a simple webserver and embedded a Google Doc for every page. So I could easily through Google (any PC) WYSIWYG edit my pages.

It forced everything to look like a Word doc, but it still had a kind of professionalism / this-is-my-resume look.

Same, so namecheap it is.
But main question generally remains unanswered, with two conflicting claims(& no sources of course): can the price go up? And can it be "unfair"?

About GoDaddy.. Well, I believe it's is MOST KNOWN domain seller, by far. Like where to buy a domain? GoDaddy! I knew bout it when I was a kid.. Now must be the kids grew up, and not all of'em bother to post on A.CC where should they host, nor all of'em have IT friends, I guess..

So that's how GoDaddy affords Nascar team

P.S:
Yep, the difference seems to be like 2:1 for the domain I want, and due to the fact so many people here named namecheap, it isn't a small group either. So it's likely not to screw up things.

However, should I be worrying about privacy anyhow?

When you register a domain you are required by law to provide your name and address and contact info. By default, anybody can look this up in a registry and find this information. If you don't want it to be publicly available, you can get private WHOIS services for the domain. Basically, your registrar will give out their own information instead, and more hoops are required to access the real information. I'm not sure if the public can still access it, or if they need a legitimate reason (e.g., law enforcement). Some registrars will give you this for free, while some might charge another fee to get it (e.g., $5 or $10 per year). Just like the domain, you'll have to renew the WHOIS privacy whenever it expires (usually a year or two, depending on how long you register for). In short, there's no real "privacy" when registering a domain. You are expected to give your true identity so that will be linked to the domain one way or another.

I wonder what are my risks if I provide the info without privacy. Furthermore, who's gonna verify my address should I desire to arrange my own privacy free of charge?

https://webmasters.stackexchange.com/questions/10473/providing-fake-info-during-domain-registration-does-it-matter

Maybe the only risk is that you could lose the domain if you happen to get checked.. If you're willing to risk it then that doesn't seem so serious. But then again if you're attached to your domains you'd probably hate to lose them.

All of my contact information for my domains is pointing to an apartment I haven't lived in for 12 years or so

I should probably update that ... ahhh ... I'll do it tomorrow

I think it's really !@$!@'d up that you have to have a name and address, in the modern world on a WHOIS. (It's annoying enough every time I register a website that I get super-spammed on my phone number with cold calls for "web design".)

That means literally anyone could find your WHOIS, and send you a mail bomb or stalk you, for hosting content that a political faction hates. ANTIFA hates that you're not 100% for transgender people fighting in MMA matches? Firebomb. Neo-Conservatives find out you like abortions? Firebomb. You're a black person? Burning cross in your yard--or worse, someone steals your kids on their way to school. You're a beautiful woman? They literally have your address.

And if you ever owned a domain BEFORE adding a privacy guard, there's like a 99% chance someone already has that WHOIS snapshotted in a database that users can buy access to.

I'm okay with people disagreeing with me. But we really do live in a world of not increased crazies, but increased utilization of crazy people. Twitter "leaders" who will "hint" for someone to be attacked and then someone crazy person attacks. The leader disavows, the crazy person is completely anonymous until they attack (and possibly after). And almost nobody has any direct consequences for spreading hate to every day people. Hating politicians is one thing, but everyday american's being hunted and fired from their jobs, that's scary. It has a chilling effect (should I even post this? Is it worth being possibly stalked?), and honestly, we as a society should demand a better world than this by actually adapting laws and systems to accommodate for this new kind of attacker. WHOIS shouldn't have open access to addresses. And other laws, regulations, and services should also be adapted to help stop it. Twitter should have already faced congressional scrutiny by now.

[edit]

You can't have Privacy WHOIS with .US domains? WTF?!.

I don't know. I imagine the reason for WHOIS data requiring name, address, etc., is practical, and there's probably a good reason for it. Of course, it is a privacy concern, but that's I think what the private WHOIS service is for... Whether it's necessary to pay a fee for that is debatable, but if I was to speculate I'd say its to pay for the off chance that somebody does contact the private WHOIS (i.e., the registrar) to ask about it and they spend company time working on it. But maybe it's just a money grab. I don't know.

I'm all for privacy and security mind you. If there's no practical reason that WHOIS data is needed to keep the Internet reliable then I don't care if we get rid of that rule. It almost sounds like the only reason for it is actually to stake your claim on the domain. If the registrar has no idea who actually bought the domain and somehow the account is hacked or is otherwise in dispute how are they supposed to figure out who really gets it? In that sense, I think it sort of makes sense that they need your identity in no uncertain terms, and a name is not enough. A name and an address is probably unique in 99.999% of cases. A phone number or email helps too.

Of course, an email alone is potentially identifying. And they could always use an anonymous method to secure it, like say an asymmetric key pair? Of course, if you fail to sufficiently secure or backup your private key it could still be lost. Your identity is forever, and probably more difficult to spoof. So meh. I don't think it's really problematic for the DNS system to require your identity. Particularly if the only risk from invalid information is losing the domain if they happen to check on you and fail to find you.

There are other, anonymous ways to publish content and communicate, so DNS isn't strictly necessary for that.

But really blows my mind... is the US making it illegal to use a privacy service... but only for .US domains.

Like... what's the big deal? If the USA really needed it, they would have required it when they owned ALL OF THE INTERNET (before they turned it over to the ICANN / international organization). So why only .US domains? What's so special except that you need to be a US citizen? Why does proving I'm a US citizen == "Show literally everyone in the world my address."

I like using .US names. They're typically cheaper, have words available, and you can combine words into them that end in "us" into the domain name extension.

https://my.bluehost.com/hosting/help/485

And they even warn that the US registry checks the information so if they fail to contact you, they will seize the domain. Except... my phone is also SPAMMED TO HELL from every Indian web designer on the planet the second I setup a domain.

And again, if I want to make a website where I may host something "someone somewhere" will find controversial, then I'll need to completely disassociate my name from it and use a privacy guard whois compatible domain extension. Because if I use that username ANYWHERE, they can then lookup my home url, and then whois that, and pipebomb my children on their way to school--or more likely, try to get me fired by contacting my employer with as much warped, out-of-context evidence as possible.

(I really doubt being a disabled minority would prevent me from enduring the wrath of being known as a "traitor" to my political party. Ethics aren't really a strong point for people who are willing to send glitter bombs to ordinary citizens' houses.)

I don't know man. I wish we were still back in 2005. We had early Wikipedia, early YouTube. We had flash movies. We had tons of torrents with the government and industry having barely any understanding of technology. You could write things online, and not have to worry about TWENTY YEARS LATER someone digging it up and getting you fired.

Like, I was a kid once. I had BAD IDEAS. I had misconceptions about the world that I would find niave at best, and offensive at worst. I used to care whether gays got married, or whether people believed in religion. I've grown up, and I should be able to grow up. But people today are leaches. They throw their dragnet into the wild web, and scrap for anything that they can use--no matter how distant--to devalue and ostracize their opponents. And regular people--not just presidental candidates--are being thrown under the bus of "progress" as if tweeting out something racist when you were a kid somehow single-handedly prevents black people as a whole, from being able to succeed in life. (FYI, I've never tweeted intentionally racist stuff for shock value. But it's an example. I know plenty people who used the n-word growing up for shock value / forbidden fruit / rebellion, and then later grew up and are ashamed of that past but grew up to be good, loving people.)

So to bring this back to the topic a bit. Yeah, just use a domain extension that doesn't have that insane (9/11 / Patriot Act rooted?) requirement that the general public can read your address. But, it's also dangerous in other ways. Because if you don't use a completely unique username and someone can link that, to your real life, you're toast.

And, it's only going to get worse! Our kids will literally grow up at a time when usernames can't hide you. Because we've already got (but hopefully not massive-scale deployed to end users) the ability to match writing style with users with like >95% accuracy with enough words. That means there's literally no way to hide. You are a single person and if you dare say something that even TODAY might be okay, but TOMORROW someone finds to be "standing in the way of progress" you might as well walk outside and endure your lynching.

[edit] A source:

https://www.schneier.com/blog/archives/2013/01/identifying_peo_3.html

https://www.smh.com.au/technology/why-hackers-should-be-afraid-of-how-they-write-20130116-2csdo.html

https://www.wikiwand.com/en/Stylometry

This is an incredibly powerful tool and there is ZERO chance that nation-states, then companies, than savvy individuals will start using this to connect the dots across the web.

And while your government won't fire you from your job for thinking something stupid, "some asshole with a Twitter" is almost guaranteed to the second you have an online presence warranting "deplatforming."

[edit]

On a less sad note:

According to this site, my writing style (from this post) is "more like" Arther C Clarke. Which, hot damn, I take as a complement.

https://iwl.me/b/a19b4b4

I recommend serious, politically incorrect banter be mostly channeled through an anonymized pseudonym. If it's extreme enough, or you are, I recommend going full-retard with security. Running an OS that is composed of only free software, designed specifically for concealing your identity. I think "Tails" is the example in my head. Effectively, become a ghost. It's a tall order to be sure, but I don't think we'll ever live in a world where anything less is sufficient.

Unfortunately, most people are stupid. There's no getting around that. I'm just fortunate to have experienced all of the wonder I have already. The majority of my ancestors couldn't have dreamed my life already. And my life is far from perfect, but still it's pretty great already. There is still a long way to go, and a lot of changes should be made, but we can appreciate what we do have.

I wonder if those big changes need to be passed down to your children. Like there's no way to make the existing adults open to new ideas, as a whole, so you need to try instead to open the eyes of the youth to care and pay attention and do better. It's sort of a scapegoat and sort of a cop out, but it's mostly just a drunken ramble. My worry is that it's also our only chance, meaning we'll be lucky to see this kind of important change in our lifetime. What's worse is that even such a change wouldn't fix the world. There would be additional changes along the way that are needed to be built upon, and there will always be snakes in the grass looking to exploit the situation and throw wrenches in the gears where necessary to do so.

no you need special hardware remember equation group? they put spyware into hdd firmware

the uefi is an embedded linux platform that can have arbitrary apps installed and they can run during runtime as a hypervisor side-by-side so even linux boot will not have 100% control because uefi will set it up in a compat module and before that smbios had similar feature

actually all windows 10 now is inside a vm, the automatic update installed hypervm and since then your primary windows is a dedicated vm instance on your own computer with pci-e passthrough for all system devices

you want secure? you want raspberry pi as a desktop or something like that any modern desktop or smartphone has hardware vm backdoors

if you must have a desktop it will have to be an old desktop with hardware before the time that these things were added which means not modern performance

intel added these things before AMD did so the highest performance system that can be hoped to be secure will be the final AMD system before they too added them to the hardware, not sure what generation that is, it might have been some time during the phenom 2 days?

true hackers would be able to tell you what is the latest generation before they all came backdoored from the factory from then on.

I'm more worried about the hidden, closed-source, embedded security processor in both Intel and AMD CPUs, than I am about the UEFI. Processors that also have backdoors designed for FBI/CIA/NSA use, that, "omg no, rly?" get hacked by everyone else. It's almost like you can't have a secret backdoor that only "the good guys" can use.

https://en.wikipedia.org/wiki/AMD_Platform_Security_Processor

https://www.theregister.co.uk/2018/01/06/amd_cpu_psp_flaw/

https://www.intel.com/content/www/us/en/support/articles/000025619/software.html

So I guess we're all gonna die..

I'm not afraid about my address, but phone is kind of an issue. I guess I'll buy a spare SIM for this. SMS-spam my modem

I might catch some flack for this, but I am in the process of migrating my domains from Namecheap to GKG, and it's all because of a group of organized Neo Nazis. In short: Namecheap terminated a customer's domain without notice because they did not agree with the beliefs outlined on that customer's web site. Cloudflare also pulled their plug. I do not wish to do business with companies willing to abuse a power they should not have in the first place.

I support people's right to do whatever they feel according to their own morals. (Obviously except when it hurts others.)

So if you want to protest them, go for it.

I'm usually on the side of "!@$!@ companies that ban minorities"--whether neo-cons trying to ban South Park / police TV, or modern liberals... trying to police TV.

But we all know there IS a limit to what you can use a service for. Nobody is allowed to host child porn. The question is, is it a slippery slope to move in from that "obvious" example?

I'd say if they're legit neo-nazis and they were using one of my services? I wouldn't even hesitate to drop them. HOWEVER, there's two differences. 1) I would never ban ANY CONSERVATIVE and call them neo-nazis the way Twitter/Facebook/Reddit/etc all do. 2) I wouldn't be a pussy about it the way Facebook, Twitter, and Reddit are. I'd say "Hell yeah, I removed the neo-nazis from my site. They're not welcome here. But I will NEVER pretend that people who are conservative are nazis and will immediately re-instate with apology any mis-labelling my staff does."

That's something our /the new generation has completely !@$!@ing collectively forgotten. That if you're actually HONEST with your community, people will give you TONS of leeway in making imperfect actions / mistakes. But no, they're all too stupid. They think it's more important to hide behind a undecipherable wall of ambiguous "terms of service" that is basically code-word for "whatever I want" and they'll follow it up with zero explanation except a politically-correct PR blurb. For Reddit's "policy" of "remember the human", they're pretty devoid of humanity.

I agree about corporations wanting to play both sides of the table. I don't understand the child porn analogy, however, as that is illegal, and Namecheap is not the police. The question here is one of free speech and whether or not the cancellation of an Internet domain name hampers it.

The argument is that sites are always accessible via IP addresses, so people should be able to type “2607:f8b0:4009:804::200e” or whatever into their web browsers, and free speech remains unimpeded--therefore, revoking a domain name does not constitute hindrance of free speech. I ended up not agreeing with this argument, however, as speech is only speech when it has a recipient. (Otherwise, a government could say, “Sure, we have free speech. Everybody is allowed to say whatever they want, as long as nobody else hears it.”) Not having a domain name, obviously, severely limits the number of recipients. It is not an absolute hindrance, but then again, almost nothing is. I conclude that a domain name registrar, much like the postal service, should not be able to pick and choose its customers.

DDoS protection (i.e. Cloudflare) is another matter, of course.

I think the primary variable here is the PR fallback these companies will face if they do no action. They may, at their heart, support the ideals of a free and open internet and the concept of freedom of speech. But from a business and public-perception perspective that is not a viable course of action for any business given the situation.

With regards to the IP always being accessible, keep in mind that the IP address is also made available from some kind of service provider. If the DNS host can choose to deny you access the ISP or server host can too. I'm not really familiar with how the Tor network provides addressing mechanisms, but that's probably the best bet for true resilience against political censorship (an onion address or whatever they're called).

While it sounds like the content of the site is generally very offensive and probably in poor taste, it also sounds somewhat satirical or trollish, and either way I'm not sure it justifies censoring it.

I don't think that hosts should consider the content that is published using their networks to reflect their views, and neither should the public nor the law. That's not their role in the Internet. I think that it's debatable whether they should be refusing service for such hosts, and I'd probably find myself sitting on the fence.

That said, isolating namecheap is probably wrong since according to Wikipedia there was a number of registrars that refused them service, and namecheap was just one in the herd following suit.

While I admire the fight for protecting Internet users rights, I think you'll be hard-pressed to find a truly will host that respects true freedom. It's more likely that this particular host just isn't offended by this particular speech, but doesn't guarantee that they wouldn't censor other content that they do take issue with. I tried checking out their (GKG's) FAQs and policies for references to such a policy, but I saw no such thing. Their legalese looks the same as everybody else. If you post anything that may "incite violence" or be considered "harassment" they too can terminate your account without notice. It's just a question of whether they choose to do so.

I agree, which is why I believe companies should be absolved of such responsibility. They need to be able to say, “Sorry, not our department,” and point their fingers to the government. (Hopefully, the people won't poke holes in their rights to free speech at that point.) Continuing the postal service analogy, nobody rightfully points a finger at the mailman for delivering packages to the addresses of neo-Nazis (and it would be illegal for the mailman to refuse to do so).

This would not surprise me. Still, GKG did accept the neo-Nazi's registration amidst intense public scrutiny. Plus, they're a couple bucks cheaper than Namecheap, so I'm happy.

I have used the term “neo-Nazi” today more than every other day of my life combined.

I don't think I've ever used the term before in my life so the day that I do use it will be the day I used it more than ever before. I don't even know what it supposedly means, and from the sounds of it I wouldn't even accept their existence, so I'm not sure that day will ever come. Pretty much it all sounds like a group effort to troll. And I feel like giving it a name just furthers the movement. Just calling individuals out for their stupid ideas is probably a much better way to stop stupid ideas.

I've been using GoDaddy back before they started sponsoring racing. I have clayton-weaver.com, bhxspecter.com, and specterent.com through them and I'm able to select to pay for each domain a year at a time. In terms of hosting, GD lets you pay monthly while 1&1 forces you to pay 6 months at a time so if you decide after you pay the 6 month span that you are done, they won't refund it (I know as that is what happened to me when Moosader was using it a few years back and I tried it out). I've not spent any money on hosting for a long time now (nothing to put on the site), but I've continued to pay for the domains just in case.