How To Keep Your Domains Safe From Hackers

Each and every day, hundreds of domain names get stolen and thousands of WordPress blogs get hacked. As a webmaster or domain investor, you cannot afford to be on the list of people losing their domain names to avoidable circumstances. You need to avoid domain theft at all cost to protect the assets you’ve invested in for years and keep your websites healthy and running at all times.

In case you don’t know, your domain name is a huge part of your brand identity, and it’s also a potential gateway to wealth. You may have read other posts on this blog which contain recent domain sales that are proof many domains can be worth thousands of dollars. Just this past month (in July, 2021) we’ve seen domain names like sell for $20,144 USD and sell for $1,008,900 USD. All of that aside, did you know that there are some fairly simple ways you can protect your domains against theft? Knowing the various tactics employed by domain thieves will help you in taking proactive measures to keep your valuable assets safe.

How To Avoid Domain Name Theft

1. Keep Registration Records & Contact Information Updated – If you move, change your phone number, or main email address that you’ve been using for domain transfer communications, you need to update this within your registrar. If possible, enable Two Factor Authentication (2FA) and update your emergency or business contact information as well. When any suspicious activity occurs, your registrar will be able to contact you and let you know ASAP.

2. Be Smart When Choosing Your Domain Registrar – Don’t register your domain name with just any registrar. Instead, be sure that the registrar has been in business for a while and is trustworthy. If you know how to verify that a registrar is ICANN accredited, you should do that as well. If you don’t know how to verify that a registrar is accredited with ICANN then check back with this blog later as I will write a post for that soon! When choosing a domain registrar, you should look beyond price and find a company that offers quality services and support. GoDaddy and DynaDot are two well-known domain registrars that have been in business for years, and I would personally recommend them. Domain registrars should be able to provide more than just the minimum registrations and transfers. Look for a registrar that offers several services, offers multiple methods for contacting them (live chat, phone, email, support tickets, forum, social media..etc), and one that offers 24×7 technical support.

3. Keep Your Domain Registration Information Private – Trust me, you will want to guard your domain registration information the same way you would any other account info on any other site. Remember, you should be extra protective because your domain name is a business asset. Never give your login information to a stranger or any other person except someone who is authorized to manage your domain (such as a webmaster or developer). Don’t forget to change the account details when this person leaves your organization. Finally, don’t use your contact email address as your username for your registrar account as hijackers will always guess this. Instead, create a different username that is not the same as the contact email.

4. Separate Your Domain & Hosting Account – Some domain owners make the terrible mistake of using the same company to both register their domain name and host it. If a domain hijacker gets access to your hosting account, they will take over everything, and you will not be able to recover your domain and possibly even your website files. You should use separate providers for domain registration and for hosting. For instance, register your domain with DynaDot but host it with HostGator.

5. Change Your Registrar Password Periodically. – While it’s always smart to create a highly secured password, it is also advisable to change your password after some time. To create a secure password, use a combination of uppercase, lowercase, numbers, and special characters. Never use common names, dictionary words, birth dates, anniversary dates, etc. Hackers will easily guess these. And again, when you hire someone to work on your account, make sure you change the password after they leave.

6. Keep Your Domain Name Locked – Most of the time this is done automatically when you register a new domain, but to verify you should ask your registrar to place your domain name under a registrar lock. This makes it impossible to alter your registration information and DNS configuration without your consent; you have to unlock your name before anything changes. After locking your domain, you should be able to do a whois lookup on it to verify the status shows it as locked. If you ever notice this status change, then you need to change your domain registrar account password right away!

How To Keep Your Domain Names Safe

Domains can be extremely valuable assets, so you must protect them. If you lose your domain, your entire business could go down as well. Follow the tips listed above and your domain portfolio will be better protected from the hands of domain hijackers!