Indigo Ink Solutions

Helping Small Businesses Thrive Online

WHOIS Records and Why You Need to Protect Yours

WHOIS Records - illustration of six multicolored locks on a purple background

When you first register a domain, you’re required to provide a small amount of information to get it set up and running: things like your name, address, phone number, and an email address. This information is compiled into what’s called a WHOIS record, there’s no one central database of WHOIS records; instead your domain registrar keeps track of it, as well as other domain name registries and directories.

The Point of a WHOIS Record

The purpose of a WHOIS record isn’t just to know whether or not a domain is registered and who registered it, but when it’ll expire, and who to contact if you’re interested in buying it. This is also true if you believe someone has infringed on your trademark or copyright with their domain.

“…registrars and registries provide public access to data on registered domain names. Anyone can use the WHOIS protocol to search their databases and identify the domain name registrant.”

—Internet Corporation for Assigned Names and Numbers (ICANN), 2017

Why Protect Your WHOIS Record

If you choose not to obscure your domain registration information, you’re leaving a lot to chance: domain hijackers could see your name and email address and see if your username or password have been in any Internet breaches. All they need is the right combination, and then they can take over your website and fill it with spam, or even hold it for ransom! I’ve had this happen to me, and it’s not fun.

I made the mistake of using the same username and password for most every service I signed up for (this was back before amazing password managers like 1Password existed), and hackers that claimed to be from Morocco defaced my website and held it for hundreds of dollars in ransom—way more than I, as a broke undergraduate, had at the time for my fan sites—not even an online business! Of course, because I used the same username and password in multiple places, the hackers had access to credit cards I used for domain hosting and registration, my bank account, my email…. It took me over three months of going back and forth with the FBI to get my online identity back, and there are certain hosts and registrars I refuse to use anymore because of the experience.

Even if you think someone won’t be interested in taking over your domain, your name, address, and phone number are all still valuable information for spammers of all stripes, including those who junk mail, telemarketers, and more. The more information you choose to obscure, the harder you make it for those same fraudsters to gain access to other private accounts, like your bank.

How to Protect Your WHOIS Record

Long story short: tons of personal information is required to get a website, but it’s up to you whether you want to protect that information. While attempts at replacing or reworking WHOIS have been made for years, none took off. Many domain registrars offer WHOIS “Guard” or “Privacy” services, but you shouldn’t need to pay for this service, especially considering nonprofit ICANN operates the WHOIS check service free of the oversight of any particular country’s government. My personal favorite registrar, NameCheap.com, offers WHOIS Guard for free. Instead of your name, address, email, and phone number, the record shows WhoisGuard Inc. information, and forwards any messages sent straight to you.

Below, you can see a short sampling of domain registrars (many of them also offer hosting) that offer some form of WHOIS Guard, privacy, or protection, including some pretty big name ones that CHARGE for the “privilege” of protecting your information. I’m not particularly a fan of passing business onto companies that look at privacy as an opportunity to make money instead of a business value, so I won’t link to those registrars.

Registrar NameCost for WHOIS Guard / Privacy (in addition to domain registration fee/renewal costs)
DreamHost.comFREE
NameCheap.comFREE
Squarespace.comFREE
GoDaddy.com$10-$30/yr.
Weebly.com$10/yr.
Wix.com$9.90/yr.
Registrars to Consider… and Registrars to Avoid (Based on expensive WHOIS Privacy Pricing)

One thing to keep in mind is that while WHOIS protection is generally free with a good domain registrar, it’s not ALWAYS free. That’s because some domain extensions (like .co.uk, .us, de, and a handful of others) don’t permit WHOIS privacy. Some registrars also have different opinions on how much gets protected. For example, on Squarespace’s WHOIS Privacy Page, they say:

If your registrar is Squarespace Domains LLC, your state or province, country, and organization name (if one is provided) will show.
If your registrar is Tucows, all fields of ownership information are hidden. 

—Squarespace WHOIS Privacy

Resources

You Might Also Like...

illustration of a webpage with elements beside a + sign; illustration of a computer monitor with different wireframe webpage layouts, with the left column option checked

Website Add-Ons 101: How to Find the Best Themes & Plugins

Table of Contents Whether you’re designing your first website or revamping your third, one of the most overwhelming aspects is often the sheer amount of add-ons available. Add-ons for websites take many forms: WordPress, Wix, and Shopify have Themes (Squarespace calls them Templates) that change the design of your website; WordPress has plugins (Wix and

Read More »
Share on facebook
Facebook
Share on google
Google+
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on pinterest
Pinterest

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top