Namecheap is crappy even in the day-to-day context. I had a domain that I had registered with them for about 3-4 years. Suddenly I started getting notices that I needed to verify my contact information, due to their policies about "new" domain registration. Every time they sent the reminder, the deadline moved back accordingly. Only it didn't - the domain was shut down on the first date.
Even transferring out was a hassle. I had privacy service, and namecheap sends the confirmation email to the proxy address, and not your actual contact address. They also spam filter the service so aggressively that you won't receive their transfer confirmations...sent FROM namecheap. Luckily, the transfer completed at the end of the window.
Their hosted email stinks, too. They spam filter it pretty hard and nothing you can do can effectively whitelist emails.
My impression is that they focus on not doing anything actively evil too often, and respond to just enough social media posts to give the impression they're responsive.
I neglected to mention this happened only a few months ago, after the domain had been quietly and happily registered for several years. Unless you're saying ICANN changed the rules recently, but I'm having trouble finding a record of that.
There was a requirement in 2014 (I think?) and recently they updated it in 2017. I think people that weren't meeting guidelines started getting notices from registrars around that time. A few clients of our had this happen to them from everyone from GoDaddy to Network Solutions to NameCheap. Some organizations that had their emails set to go to a person that no longer worked at the company were having their domains suspended...but it was all because of ICANN.
I got a free domain with Github student pack from Namecheap. Just my personal experience, the person I talked to seemed very helpful and kind. However, the multiple rounds of talking to a real person to register a domain makes me think they don't have nearly enough automation which is a red flag.
If you are using PrivateInternetAccess, you can't login to your NameCheap account. As in, your valid username and password will be rejected. This happens even if you have 2fa enabled. I reset my password twice (even though I _knew_ the original because I use a password manager) before I opened a support case, and they confirmed that they block legitimate logins if they detect you're using a VPN.
I wanted to move off of them, but everyone else is worse. CF Registrar is interesting, but there is precedent for CF revoking its services from non-abusive customers before (whatever that alt-right site was) so I don't think I will support them either. I heard Gandhi is good so I might check them out.
> CF Registrar is interesting, but there is precedent for CF revoking its services from non-abusive customers before (whatever that alt-right site was) so I don't think I will support them either.
Don't make claims that CF secretly support your politics, I guess. I think that's enough of a corner case not to worry about.
Gandi is good, I think the site upgrade is done now so there won't be much clunkiness for new domains. They're more expensive than most, but I've had no problems. I only use their DNS though, I can't comment on mail, mail forwarding or hosting.
Gandi are nice to you until you move your domain somewhere else, at which point they will immediately drop the privacy on your whois record until their version expires, as a nice parting gift. I complained to their support when that happened and they basically lied to my face, pretending to see only the new registrar's whois. Caveat emptor.
I've had the opposite experience with them. Things not working correctly, and a beyond useless support, who can only be contacted by email and often takes 24-48 hours to respond to even simply queries. I would stay away from them.
It's sad domains are stupidly expensive. They don't need $10+/year to maintain a domain. The sad reality when such an infrastructure is governed by a tree structure with no one to override.
Gandi's "No bullshit" slogan is far from correct. I had someone harassing ICANN on me with a domain they wanted, and Gandi kept requesting identity verification every other day. They wouldn't keep it on file, and locked my account.
That may have caused my headaches with Namecheap once actually. I've stopped using PIA due to the IP ranges being so abused, the final straw was my gmail getting randomly disabled for using that VPN (wasn't even logging in from different PC).
That was a pretty awful site and the ceo did say that it was kind of the wrong decision but the right choice so I support them 100% on that. They still have lots of bad customers who they still handle.
I love Namesilo and have been using them for over a year with no hiccups.
However, they were acquired by a Canadian investment firm earlier this year [1]. Till now there's been no change and things are still running smoothly — I just hope that continues.
Also, on closer inspection today, I realised that Namesilo does indeed increase renewal fee after the first year. The fee stays the same thereafter, and it's still the cheapest around, but it's worth keeping in mind.
I caught onto this when I realised their registration price is actually below the wholesale cost for .com domains, according to this Cloudflare blog post.
I might move my domains to Cloudflare when they make this available.
They are $8.99 for me for 1 year at a time. I have 7 domains with them but I didn't opt into their "discount program" (which required pre-funding your account at least $50 instead of using a CC / PayPal on demand). That's the one that drops them to $6.99 as seen here: https://www.namesilo.com/Support/Discount-Program
It does mention the renewal price is $8.89 (which is about the normal price) if you click the renewals tab.
I don't think I would put this into the same category as a bait and switch tactic that other vendors do. This one is all spelled out on the page and it's not part of the check out process. You have to go out of your way to discover and opt into the discount program.
I didn't opt in to the discount program. I have never preloaded anything.
I checked today and it was actually pretty difficult to find what the renewal prices would be. Partly because the website is awful.
I didn't say it's a bait and switch. Even the renewal prices are outrageously cheap. I have no bad feelings towards Namesilo. My intent to move to Cloudflare is not because I'm unhappy with Namesilo.
I also moved to namesilo last year after several years of goDaddy -> namecheap -> godaddy renewal pong. For 6 domains its just not worth my time to change (which they rely on to fleece you.) Worked it out I spent about 1hr to change, $7-$8 with coupons, so $7.50 avg, or $1.50 vs namesilo per domain. That's $9 for an hour, no thanks - namesilo from now on.
I used to use namecheap for all my stuff but they went a bit downhill. Their API was worse than useless and so rate limited I couldn't use it for Lets Encrypt DNS challenges in the end, so moved them all.
I wonder what the coverage is from CF for 'odd' tlds? I've got a .je domain that I had to register with gandi.net as no other big ones supported it.
After I moved my domains from Namecheap I wanted to close the account, rather than leave it dormant, and it took a week as support were so anal about the fact I had 1) some 'free' SSL certificates I had no intention of ever using and 2) 0.56UKP in my account I didn't care about but they wanted to transfer via Paypal to me. I appreciate the thorough nature of this, but i'd rather just close the account.
Am I just misremembering, or was there a time where the only way to register a .je was direct through island networks? I used to live there, and recall the domains always being a bit of a pain.
It seems like it was just a handful of users who posted their story multiple times. The users highclass, ethanwillis, kweks all had multiple comments only about namecheap on a thread that wasn't directly about namecheap.
Can I get more horror stories to confirm those are real? It's unfortunate because namecheap used to have the exact opposite reputation: https://news.ycombinator.com/item?id=3396606
I switched to namecheap during the godaddy exodus. Multiple times in the last 30 days they have disabled domains due to requiring whois contact verification. In one case the same domain being disabled 3 times in a row. Each time I'm assured it will not happen again and yet it does. And when it happens, not only do they change your DNS servers but they wipe out all your host records if you use their DNS service so you have to either rebuild your zone or stay online with support for hours while they restore everything. I've also had them revert a domain's DNS servers so that is is parked on an "expired" domain landing page before the domain was expired. I have a client that has also had their domain repeatedly switched to whois validation required this year. The only explanation I've been given is that it was a "system glitch" and won't happen again.
Seems likely that some of the issues might have been related to them switching from being an Enom reseller to their own direct ICANN accreditation but I'm still planning on migrating my domains out.
I have used them for years and never had a problem. However, they are slowly creeping their prices upward. .com is now a little over $13.00 and they just this year made domain proxy (hiding your contact info on whois) free.
I have been moving my stuff to porkbun.com. They are US based and $8.84 for a .com. Cloudflare is an interesting offering, although as of right now, it's not actually launched and it appears that you are required to be routing all your traffic through cloudflare to be able to use their registrar service. I don't know if that is a permanent requirement or just for now though.
it appears that you are required to be routing all your traffic through cloudflare to be able to use their registrar service.
Why do you say this? You can already use their DNS service without routing your traffic through Cloudflare, so it'd be weird that domain registration required that.
I've had namecheap for about 5 years, no complaints other than their 2FA requiring their own app for TOTP instead of supporting Authy. Moving to Cloudflare Registrar when it's released.
Biggest problem with them is the 2FA. I had to let my domains expire with them after I lost my phone and couldn’t login back. I just want to use freeOTP to get my 2FA codes and nothing else.
I had one of the worst customer support experiences I can remember with Namecheap that also involved private information disclosure. It was immediately after they had launched a "redesign" of their system (actually, a Frankenstein of some pages being new, the majority of the system being ancient).
It seems like they had a bug where in some cases they discarded the WHOIS information provided and used the billing details instead. Not only did they disclose private information, they endangered a white label contract I was working on.
Bugs are understandable, especially after redesign work, but the biggest problem came afterwards – customer support were useless. First they insisted it was user error and I simply hadn't entered the right details (I'm 100% certain that's not true). Then they claimed that they were unable to update the WHOIS information because they were just a reseller, so they had to forward my support request on. They refused to take responsibility and couldn't get anything done.
At this point they were taking weeks to respond to every message, even after promising a response within 24 hours. I even asked them for a response even if it was just "we asked again and no reply" which they agreed to then ignored. They wouldn't provide contact details for support at their supplier, they wouldn't escalate to anybody who could do anything, their whole attitude was to ignore me as much as they could and (presumably; I have no evidence of this) email their supplier once in a while when I annoyed them enough.
Meanwhile I had no explanation to give to my client, for over a month. We gave up on the domain.
Once I stopped chasing, Namecheap never bothered following up. Namecheap could never fix the problem.
Until that point, I had recommended Namecheap many times. Now I warn people away from them. Now I hesitate to recommend any service until I've used their customer support. I still see plenty of glowing recommendations for Namecheap. I wonder how many of them are from people who have never had to use their customer support.
Just had a follow up from Ted.
He says that legal received a complaint but ignored it, and perhaps the leak vector was via historical whois data.
Historical whois data says otherwise. Hard to draw a firm conclusion apart from the facts.
If someone really wanted to sue you, it's pretty cheap to issue subpoenas (<$100). The provider can quash the subpoena on the customers' behalf[1] but I don't know any who does.
I am considering moving to CF.
The problem that I just learnt is that essentially any SaaS provider has an AUP that says: If anyone accuses you of IP Infringement, you're gone. In theory, this seems fine - because unless you're a Bad Person, you'd never infringe someone's IP.
In our instance, our service providers received a swath of C&Ds electronically, alleging IP infringement.
Within 24 hours, our various services providers had disclosed personal information, cut off services, blocked payments.. all based on an unfounded email.
The legal system is based on due process. This process should be respected. If my service provider gets a legitimate subpoena, I expect them to react.
However, I don't expect them to divulge personal information and cut off services based on an unfounded email. It's really, really nuts how quickly you can lose your business / take down someone else's business..
Some things off the top of my head (personal experiences):
1. Have had them turn off private WHOIS for all (hundreds of) domains "by accident".
2. I haven't figured out a way to export a list of domains after their UI revamp some years ago.
3. At some point they started setting DNS records for newly purchased domains to their landing page with a 30 minute TTL, which makes setting up something on the fly impossible, unless you use their API:
4. Their API is flaky at best. I wrote a script to register domains and set NS records and was forced to write a loop to set NS records up to 10 times until they got set properly.
I ran into this same issue a few days ago where I needed to enter a long DKIM key into AWS Route53. Some providers might handle it differently, but this is a inherent DNS protocol limitation. You can split the string into multiple substrings, seperated by a space. Etc "long string..." => "long st" "ring...".
They also apparently support 2fa using just their app. REALLY wish they'd allow 3rd party.
They used to be amazing but recently their site has been slow and buggy with support trying to be helpful but ultimately falling short. Their prices seem to have also gone from being really good to just normal.
