I want to get some domains for selfhosted stuff, but I’d like to use a registrar that I won’t regret doing business with later, both in terms of ethics and potential customer service stuff. Who do y’all like most?
I want to get some domains for selfhosted stuff, but I’d like to use a registrar that I won’t regret doing business with later, both in terms of ethics and potential customer service stuff. Who do y’all like most?
I have one of my domains on Cloudflare and was thinking of moving the rest of them there. What makes it harder to move name servers away from Cloudflare than other places?
You’ll be fine to move them to Cloudflare.
What the other user is describing would be an extremely rare scenario, and you should be able to change registrars in that case anyway.
There’s really not much of any practical benefits of that kind of excessive “risk mitigation”.
I don’t agree and it’s no extra work to do it the other way. And when one or the other goes fucky, you can recover immediately.
I get that you’re likely exaggerating by saying “it’s no extra work”, but managing another account is markedly extra work. It will also cost extra because Cloudflare does not add any markup for registration, which is why they are the cheapest registrar.
I think the convenience and reduction of cost greatly outweighs the highly unlikely situation where “something goes fucky”. If it does, then what? You can’t make DNS updates for a little while?
The most likely reason to get locked out is billing issues, or maybe you lost your login information or something like that, which is going to be the same risk regardless of who your registrar is. Otherwise you’d have to be involved in some sort of legal issue associated with your domain and that is a much deeper issue than can be solved by simply changing nameservers.
Years ago I had a registrar go tits up without warning, taking about 70-80 active domains for an MSP’s customers with it. I managed their email servers and DNS, which was with the registar, of course. It was a bloody nightmare to recover that situation. Because we couldn’t supply them a DNS change to prove our control of the DNS, hence ownership of the domain, we had to individually affadavit each domain. Took weeks.
I get you don’t think it’s important, but there’s plenty of sysadmins that do, with experience backing that up.
What registrar was that? Were they as big as Cloudflare? How exactly did they “go tits up”? Isn’t the situation you describe a completely different scope from an individual’s usecase? It’s also an anecdotal point of data without including the full context of how common that situation is. “It happened to me once, and I have heard stories” does not necessarily mean it’s common enough for everyone to prepare for every time. I’ll remain skeptical of the
Mainly, though, I’m not saying it’s a bad idea in total. I just think that for someone who is inexperienced with DNS management and self-hosting, those types of concerns are already unlikely and just keeping the environment simple and cost less has far more value than being prepared for unlikely scenarios. It could even prevent self-inflicted issues by keeping it simple, which would be far more likely than Cloudflare’s infrastructure creating a problem that they have to remediate themselves.
If anything, the true argument for risk mitigation would be to have multiple DNS servers for redundancy.
I just don’t believe that, in this type of usecase, it’s worth pressing for and that there’s more of an argument to keep it simple.
Additionally, you can leave out trying to use your credentials and a hypothetical group of people to make your argument for you. It makes it seem like you’re trying to talk down.
This seems like a lot of text for saying “unless you can predict all the specific ways a bad thing could happen, I think putting all your eggs in one basket is fine.” And under some circumstances you’d be right.
Your registrar (the place you buy your domains) is where you update your nameservers. If Cloudflare have locked you out then you won’t be able to change them. Other standard registrars will have far less cause, legitimate or not, to lock or disable your account, since they don’t host/proxy your content.
I’m not sure what the consequences are for ignoring it, but it would violate the ICANN RAA to lock a person out of being able to transfer their domain except for legal reasons like evidence of fraud or a court order. Sure, they can terminate your account on their services but they can’t prevent you from transferral without violating their agreement with ICANN.
It would be a weird scenario that you’re describing that would be unusual and exceedingly rare. You would need to be directly connected to something highly illegal for that to happen, not just a normal user.
That’s why I said I don’t trust them to not fuck up, not that it’s something that should ordinarily be expected. Additionally, especially considering how the rule of law in their jurisdiction is going recently I wouldn’t assume it will always be this way.