Your blog's domain name is by far one of the most important assets of your blog. It's a brand through which your blog is recognized. One day you wake up and see that your domain name is no more yours and is hacked. It can happen to anybody, anytime. But we can take some precautions to minimize this risk. Let's see what we can do to keep our blog's domain name safe from hackers.
Register Domain Yourself
Let's say, you have decided to hire an expert for designing your blog's theme and for installing your blog CMS. His package also includes domain registration for you. Beware and never fall in this trap. Always register your domain yourself. The person who registers the domain with his name, address, email and credit card details is the legal owner of the domain. So, if your designer is registering a domain name for you, he will be the legal owner of the domain, not you. Once you have decided to register a domain name, make sure to check that your domain registrar is ICANN accredited.
Use WhoIS Guard
Almost every domain registrar provides whois guard subscription on yearly basis to protect your sensitive contact information. Keeping your registration information public invites spammers and domain hackers, especially if your blog or web site gets popular. With WhoIS guard protection enabled your contact information is kept secret preventing any unwanted customers filling your inbox with junk.
Lock Your Domain
Always keep your domain registrar's lock enabled to prevent any unsolicited 3rd party domain transfer requests. That's how domain hackers steal domains. Locking your domain to your domain registrar ensures that no unauthorized domain transfer can take place.
Enable Account Activity Alerts
Some good domain registrars provide the facility of email alerts for any account activity. You can see below, how I regularly receive security alerts whenever any activity is performed in my domain account.
The security notification includes user name, IP address, time stamp and modification done for specific domains. Ask your domain registrar whether they provide similar security alerts or not. Normally, this is service is free of cost.
Keep Registration Information Up-to-date
Whenever you register a domain, you provide 3 types of contact information to the domain registrar.
1. Registrant's Contact
2. Administrative Contact
3. Technical Contact
The first one is of course your own contact information, the person who is registering the domain. Normally, if you are maintaining your blog on your own, you must provide the same contact information in the other two, as you gave in the 'Registrant Contact'. Always, keep your contact information updated. As soon as you change your email, phone or mailing address, do update your contact information in the domain account. If you forget to do this, you will not receive any notifications, alerts and reminders from your registrar and you may end up loosing your domain.
Keep Domain and Hosting Separate
Are your web host and domain registrar separate? If not, think about going this way. These days almost every web hosting service provider is coming up with hosting plans that include free domain with hosting package. I would never advice to go with this kind of arrangement, as it gives complete control of your hosting and domain to one company. In future if you are not satisfied with the hosting service and want to switch, they can create trouble for you by locking your domain and preventing any transfer.
Renew In Time
As your domain expiration time approaches, your registrar sends you several reminders for renewal. Ignoring these reminders and not renewing your domain in time can cost your very dearly. After expiration date, your domain goes into redemption grace period, and you can still get it back. But it will cost you anywhere between $100 or $200. So register your domain for long period (2 or more years) and renew in time to prevent any unwanted expenses or loss of domain. The best strategy is to register a domain name for long period (let's say about 5 years) and annually extend it for one year adding it to that final year. This way your domain expiration date will always remain that many years (5 years in our example) ahead.
Last Piece of Advice
And last but not the least are some general security concerns.
1. Use a separate email account for hosting and domain.
2. Use strong passwords and change them frequently.
3. Keep a back up of your password and registered information.
4. Do not go to your registrar's site via email links. Keep the habit of manually typing the address. This extra burden can save you falling into trap of hackers and phishing sites.
What Else I Have Missed?
I would like to hear more new methods you may have used to keep your domain in safe hands. What other safety precautions you implement to keep your domain safe?