I’m currently on the lookout for privacy-respecting domain registrars. What are you guys using and why?

Edit: I’ve registered my domain with Porkbun. I got a really cool one, it’s called reallyaweso.me!

  • karpintero@lemmy.world
    link
    fedilink
    English
    arrow-up
    73
    arrow-down
    3
    ·
    9 months ago

    Recently moved over to porkbun after dealing with a couple billing issues with namecheap and not getting the best customer service. Been pretty happy so far.

    • essteeyou@lemmy.world
      link
      fedilink
      English
      arrow-up
      26
      arrow-down
      1
      ·
      9 months ago

      I moved all of my domains to Porkbun when Google Domains started to close down or become SquareSpace or whatever they were doing.

      No complaints so far.

    • Zikeji@programming.dev
      link
      fedilink
      English
      arrow-up
      15
      arrow-down
      1
      ·
      9 months ago

      I’ve been using Porkbun for over 5 years and haven’t had any issues. I switched from a mix of Google Domains and Namecheap.

    • Rai@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      9 months ago

      So I’m quite new to this, and searching around hasn’t been to clear… if I’m looking to have my own E-mail domain, do I buy a domain in addition to subscribing to an E-mail… service… thing?

      • exception4289@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        9 months ago

        Yes, you need to buy (register) a domain beforehand.
        The e-mail provider of your choice that provides custom domains will ask you to

        • either point your domain to their nameservers (done from the domain provider’s panel)
        • or insert/update some DNS records on your domain (either from your domain provider’s panel if it is supported or you can link your domain to another DNS service e.g. CloudFlare)
        • Rai@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          Thank you very much! I’ll look into snagging a domain and setting up like, Bluehost or Proton. I use Proton’s free tier now, but it looks like it’s about 3x as much for their good E-mail plan compared to Bluehost.

    • AlexPewMaster@lemmy.zipOP
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      3
      ·
      9 months ago

      What kind of TLD did you buy? Did you choose a TLD that’s supported by the WHOIS privacy? I wanted to see if alexpewmaster.de was available, and it told me this:

      ⚠️   PRIVACY WARNING ⚠️
      
      This TLD does not allow WHOIS privacy but generally redacts your personal information. This means that your personal contact information will be sent to the registry but it should not be made public.
      
      • Zikeji@programming.dev
        link
        fedilink
        English
        arrow-up
        18
        arrow-down
        1
        ·
        9 months ago

        Generally the country based TLDs have that problem. That isn’t unique to porkbun or .de

      • Engywuck@lemm.ee
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        9 months ago

        I have a .de domain with them. No personal info are shown on whois info.

      • lemmyvore@feddit.nl
        link
        fedilink
        English
        arrow-up
        3
        ·
        9 months ago

        That’s a really weird way of putting it. EU ccTLDs don’t offer whois privacy because it’s not needed. They have whois privacy built-in as well as very strong privacy laws.

        If you want a .de domain I would recommend using inwx.de as registrar they have extremely low prices for .de and often run discounts for the first year as well.

        The one thing to keep in mind if you’re not a German citizen and/or not have a German address is that you need to provide one after you register a .de domain. INWX has a service for 3 eur/yr that will provide one on your behalf.

        Some other cheap European domains without any requirements and built-in mandatory whois privacy are .be, .nl, .fr and .ro.

        Keep in mind that some of these ccTLD don’t allow purchasing multiple years in advance and also force you to reset your leftover term if you transfer.

        If you’re gonna get an European ccTLD you should also use an European registrar like INWX or Netim or Gandi. Using an European ccTLD with an American registrar kind of defies the whole point.

    • tburkhol@lemmy.world
      link
      fedilink
      English
      arrow-up
      20
      arrow-down
      1
      ·
      9 months ago

      +1 porkbun. $1.60 for a .top whois privacy. 2FA with security key. Even let me host my own nameserver, so I can have separate internal and external views.

      • lud@lemm.ee
        link
        fedilink
        English
        arrow-up
        5
        ·
        9 months ago

        Any registrar allows you to host your own nameservers. You just point to your server from the registrar console.

          • lud@lemm.ee
            link
            fedilink
            English
            arrow-up
            2
            ·
            9 months ago

            Yeah, you have to pay for that feature on cloudflare but considering that they are so cheap I think it’s not so bad.

            Every other registrar I have seen allows it though (they are usually more expensive since they earn a profit on registrations.)

    • thejevans@lemmy.ml
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      9 months ago

      In the process of moving all my stuff to porkbun as well. It’s the best.

    • 🖖USS-Ethernet@startrek.website
      link
      fedilink
      English
      arrow-up
      8
      ·
      9 months ago

      Yup, they don’t mark up prices, they allow you to proxy traffic though them, and they have a WAF that you can set up 5 (I think) firewall rules for your traffic for free.

    • subtext@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 months ago

      I figure if I’m already using their proxy, may as well have my domains there as well… one fewer party to trust.

  • ikidd@lemmy.world
    link
    fedilink
    English
    arrow-up
    23
    arrow-down
    2
    ·
    9 months ago

    Namecheap for registrar and Cloudflare for the name servers. Always keep those services separated so if one dies, you can still get into the other service to fix it.

    • blurg@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      2
      ·
      9 months ago

      If a registrar goes out of business, ICANN transfers the domain(s) to another registrar.

      If a name server business fails, you change name servers through your registrar.

      You can’t really fix registrar services in your name server, nor name server problems through your registrar. (Unless, of course, your registrar is also your name server.)

      • ikidd@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        ·
        9 months ago

        If your registrar goes down but the NS are on a different provider, the root servers will keep that NS record and all will be well. You can go to a different registrar and transfer it over, but in the meantime it’ll be fine and you can do whatever you need with your DNS.

        If the DNS provider goes down, you can go to your registrar and quickly change the NS to another provider. It’ll quickly be back up on your new DNS servers.

        Believe me, I’ve done this for 3 decades because one or the other have gone down on me more than once and I’ve had minimal downtime with this separation. Even when I was running my own NS, I kept more than one NS outside my server farm so if my connections went down, I could pop the farm up on a backup colo and point my tertiary accordingly.

        • blurg@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          9 months ago

          After a bit of research, I’m forced by facts (NS records can be cached for an undetermined time) to see what you’re saying. Thank you for teaching me.

          The workings are, of course, a bit more complicated than what either of us have said (here’s a taste), but there is a situation as you describe, where separating the registrar from the name servers, and the name servers from the domain, could save the domain from going down.

          • ikidd@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            9 months ago

            Well, I kinda simplified it, but yes, the root servers will keep the NS records as long as nothing else updates it (or nobody requests it for longer than the TTL that came with the last lookup) which is why it works.

            Happy to help.

      • Moonrise2473@feddit.it
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        Is it possible to do that? Afaik they don’t allow to use different name servers if they’re registrars

        I had the domain on a registrar that didn’t allow changing name servers (Tophost for 6 euro per year) and I had to “hop” with ovh for 60 days before having cloudflare for a registrar as they didn’t allow to transfer the domain with different NS

        • MigratingtoLemmy@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          Cloudflare doesn’t allow me to change my name servers? What blasphemy! I had never considered this, I thought it would be allowed by default. Where can I read about this?

          I’m looking for a cheap domain registrar with terraform support

          • dan@upvote.au
            link
            fedilink
            English
            arrow-up
            1
            ·
            9 months ago

            It’s the main reason why their domains are so cheap. Their thinking is that since you have to use Cloudflare services to use the domain, you may look at the paid services and decide to pay for one, or suggest it at your workplace.

            They charge wholesale price for domains, so they make $0 profit on them. Effectively it’s a loss leader to hook you into the ecosystem. That’s the same reason why VMware ESXi used to be free for home labs - users would become advocates for it and use it professionally.

            • MigratingtoLemmy@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              ·
              9 months ago

              I’ll paste the comment I made earlier:

              Oh boy, I was unaware of the fact that I can’t use my own nameservers with cloudflare. Definitely not going to recommend them anymore

              Which registrar do you suggest with good API support? Most of my infrastructure uses Terraform and Salt

  • atocci@lemmy.world
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    1
    ·
    edit-2
    9 months ago

    Google Domains because I have a Google account and buying a domain on it was easy when I needed it. I’m still on Google Domains but you’ve reminded me I need to continue the transfer to Cloudflare before I get forced over to Square Space because they don’t support Dynamic DNS.

    Cloudflare.

    • csm10495@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      9 months ago

      Exactly the same boat. But man Cloudflare is better in every way. Having an API to update/fetch records for a zone does wonders.

      • atocci@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        Transferring was straightforward enough, but there were a couple steps that involved waiting for things to update before you could continue and I forgot to get back to it for a while after they were done. Other than that, all my records seem to have transferred over correctly and all I had to do manually was reconfigure my DDNS client and set up email forwarding with gmail again.

  • dinckel@lemmy.world
    link
    fedilink
    English
    arrow-up
    16
    arrow-down
    2
    ·
    9 months ago

    I have mine on Namecheap, but i’ve moved the nameserver to Cloudflare. Been using them for a while, can’t complain at all. Am also paying for their email service on the same domain

      • Zpiritual@lemm.ee
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        1
        ·
        edit-2
        9 months ago

        Interestingly that is why I chose them like 5 years ago as I figured that is a plus as far as privacy is concerned. Having 1337 show up when performing a domain owner lookup instead of my name seem like a good thing and if I need it to be registered to me it’s easy enough to transfer.

        I love the service though and brokep being involved makes them worth considering for anyone into privacy.

      • wildbus8979@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        2
        ·
        edit-2
        9 months ago

        Njalla was founded and is ran by Peter Sundee, aka brokep, of Pirate Bay fame… If there’s anyone you can trust …

  • blackstrat@lemmy.fwgx.uk
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    2
    ·
    9 months ago

    Namecheap because they’ve lived up to their name. The DNS for my domains is all on Cloudflare though as I can automate my letsencrypt renewal that way that I couldn’t on plain old namecheap.

  • KairuByte@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    12
    ·
    9 months ago

    Cloudflare, because my understanding is that they typically renew at basically cost, and that’s where most of my other DNS stuff is anyway.

    I typically buy domains at whatever registrar is cheapest at the time for initial purchase, which most recently was namecheap IIRC.

      • KairuByte@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        Likely a bad description. I more meant DNS, page rules, tunnels, zero trust logins, and more. It’s honestly just easier to keep it all in one place, and to be honest they are one of the more reliable sources for… literally all of those things.

          • KairuByte@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            2
            ·
            9 months ago

            Nah, it’s just stuff I set up as needed.

            The page rules are basic, one redirects to an Etsy shop, another to serve images for email from a cdn, and another for handling QR codes.

            Tunnels are set up for subdomains to reach internal network stuff, with a Cloudflare Zero Trust login which prompts for those that don’t have secure logins.

            The DNS stuff is subdomains, email records, and a few records for certain game servers.

            I also use cloudflare to monitor my DKIM rejections, though my email is through mxroute as they have/had a lifetime option and I don’t like subscriptions.

            There are a few different sites as well, one is personal, one is for public facing stuff, a couple for side businesses.

            It’s honestly just easier to keep as much together as possible.

  • Nik282000@lemmy.ca
    link
    fedilink
    English
    arrow-up
    12
    ·
    9 months ago

    Namecheap, cheap, easy to use, easy to setup DDNS, helpful support staff. I have heard horror stories of them selling popular domains out from under their owner but none were recent.

    • khorak@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      5
      ·
      9 months ago

      Same. I buy all my domains there. And in case someone needs a proper API and support for the dns challenge, host your DNS at DeSEC.

      • dan@upvote.au
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        9 months ago

        The thing that I don’t like is that lot of these DNS hosts don’t support using them for secondary DNS… It looks like deSEC is the same :/

        I like using my own DNS server as a hidden primary because it lets me do bulk and programmatic updates more easily.

        I’m using DNSMadeEasy for some of my important domains because they have the fastest servers, their service is really reliable, and major brands are using the same DNS servers so it seems like I can trust them. However, after being acquired by DigiCert, their prices went up over 10x… the $60/year plan I was on is now $675/year.

        HE’s free DNS supports secondary DNS but their reliability isn’t great. DNSimple supports it but I’m over their limit of 100 records for some zones. Hexonet supports it but I couldn’t figure out how to get it working and neither could their support.