I guess this is a cautionary tale.

I was recently having issues with my Gmail account that’s tied to my Epik ( a domain registrar ) account, so when I was supposed to renew my domain, I didn’t receive any e-mails about it. When I decided to randomly check on my website, it seemed to be down. So I checked Epik and a domain that usually cost £15 a year to renew now cost £400 to renew as it was expired.

As a teenager who does not have £400 to spend on a domain, I decided to just wait until the domain fully expired and buy it for a cheaper price.

After some time, the domain fully expired and GoDaddy decided to buy it as soon as it did, and charged me £2,225 to renew the domain. I don’t understand how a price that large is justified, considering that my website gets barely any visitors and I basically only use the domain for hosting stuff. No idea how hiking prices this much is legal

  • kitnaht@lemmy.world
    link
    fedilink
    English
    arrow-up
    241
    ·
    edit-2
    4 months ago

    Sorry, but chalk this up to lesson learned. It’s almost always been this way. Domain squatters will do this all the time. In fact, some domain registrars will use you searching their site for an ‘available’ domain, and if you don’t buy it up right away – will buy it and hike the price and sit on it for years in order to lock it down, knowing you wanted it.

    btw, Namecheap says Sunglocto dot com is like $10 - so just register a .com. Not through that Epik piece of shit that you used before. Legit, use Namecheap; they’ve never done me wrong and have been my registrar for more than a decade now.

        • something_random_tho@lemmy.world
          link
          fedilink
          English
          arrow-up
          12
          ·
          4 months ago

          Then they make you use them for DNS. May or may not be a big deal, but the reason it’s at cost is to act as a loss leader to get you exposed to and buying their other products.

        • hddsx@lemmy.ca
          link
          fedilink
          English
          arrow-up
          9
          ·
          4 months ago

          I mean, I use namecheap. I’m thinking about throwing one of my domains onto cloudfare just in case.

          If you don’t like namecheap, some people have been suggesting porkbun or something.

        • jqubed@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          4 months ago

          I had this happen with NameCheap. I’m not sure if they bought it or someone else, but it stayed registered with them. Whoever bought it has held it for a couple years, put up a fake website to look like they were using it, but took it down after a year when I didn’t bite on buying it. Current status shows it’s pending deletion finally for abuse or non-payment. I keep checking to see when I can nab it again.

          • Optional@lemmy.world
            link
            fedilink
            English
            arrow-up
            16
            ·
            4 months ago

            It happens with anyone. Bots track expirations and snatch them so that they can ransom them back to you for thousands - exactly as in OPs example.

            AUTO RENEW. Auto-renew. Auto-renew is the way. The solution to this problem is Auto-renew.

            • jqubed@lemmy.world
              link
              fedilink
              English
              arrow-up
              4
              ·
              4 months ago

              Yes, I just didn’t realize that auto-renew doesn’t work with PayPal on NameCheap and had lazily set it up with PayPal when I got it because I didn’t want to go get my wallet. Lesson learned!

            • Septimaeus@infosec.pub
              link
              fedilink
              English
              arrow-up
              3
              ·
              4 months ago

              I think you can also register 10 years in advance, or maybe more depending on the registrar, which would cover all other potential snafus like expired card info.

      • kitnaht@lemmy.world
        link
        fedilink
        English
        arrow-up
        11
        ·
        4 months ago

        Absolutely. But I think it might be more advanced than that. They might have some sort of analytics that measures how long people stay on the page, etc to inform their purchasing decisions.

        • LiveLM@lemmy.zip
          link
          fedilink
          English
          arrow-up
          4
          ·
          4 months ago

          Ah, so search a couple of domains and sit on their page for a while making random mouse movements and scrolls then? Got it.

    • lemmyvore@feddit.nl
      link
      fedilink
      English
      arrow-up
      15
      ·
      4 months ago

      Namecheap has extra rules if you want to use an API (minimum money spent with them, minimum of domains managed with them etc.) — GoDaddy style.

      Keep that in mind, if you need an API (for DDNS or for obtaining wildcard TLS certificates) you’ll have to use a separate service for DNS.

      • chiisana@lemmy.chiisana.net
        link
        fedilink
        English
        arrow-up
        13
        ·
        4 months ago

        You really should have separate services for registration, DNS and hosting. That way you’re not held hostage by a single provider.

        • hddsx@lemmy.ca
          link
          fedilink
          English
          arrow-up
          3
          ·
          4 months ago

          Why should I post someone else for DNS records if namecheap is handling it just fine for my use case?

      • kitnaht@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        edit-2
        4 months ago

        DDNS with Namecheap is as simple as hitting a URL with a /GET request from the IP you want it to point to. No limitations. No special requirements.

      • NateNate60@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        4 months ago

        I have a script running that uses the Namecheap API to automatically get wildcard certs from Let’s Encrypt. I didn’t pay a dime for this. Did something change?

        • lemmyvore@feddit.nl
          link
          fedilink
          English
          arrow-up
          2
          ·
          4 months ago

          Maybe you meet the conditions for it? It hasn’t been possible to access their API without meeting the conditions for at least a year now.

          You don’t pay directly for the API, the latest conditions AFAIR are 20+ domains and $50+ on account balance and $50+ spent in the last 2 years.

          They also want you to whitelist the IPs that access the DNS which makes it unusable for DynDNS, but at least they have a separate URL for that.