Due to recent domain name hijacking I learned how to safeguard your assets online and to protect your identity. I’m at initial stages of my career as a web entrepreneur so this knowledge that I gained during this bad time will help me in the long run. Off course as a reader you can also benefit from my experiences.
So here we go with some quick security tips.
Domain Name Account Protection
Domain names are the cheapest thing when you build a website, you can buy for a few bucks while you pay lot more (hundreds or thousands of dollars) for hosting every year. Imagine if you are left without your domain name (your domain name is hijacked) what you have got? A hosting account with CMS/template files and a database! These files of your website are of no use for you without a domain name.
Its very important to register your domain name with a registrar that is secure and have a proven security record. I registered my domains with Name.com, they have pretty good security on domain accounts. If my account was hacked it was not the fault of domain registrar, my email account got hacked first and then cracker took control of my domain name account. However Name.com helped me out and I took my account back.
Hint Name.com offer an added layer of security with their name safe service, $20 yearly fee and you are more protected.
If you are looking for a proven security record. The only domain registrar that has a proven security record is Moniker.com. Moniker offers personalized security questions for each of your domain names. Even if someone cracked your ID & password with Moniker, they cannot move or change your domains without answering these security questions.
Domain registrar support service is also very important, what if your account is hacked and you cannot get to their support department for several days? Please research on their support response time before registering with them.
Your domain registrar should not be a reseller. Yes, if your domain registrar is a reseller, if he is a one man company. What if he closes his business or he get ill or die? Or worst move out of country, what will happen to your domain names? People those are registering domain names in India and Pakistan (or other small countries) with local companies are actually registering with domain resellers, these are individuals (with few exceptions) charging you high prices and putting you at a risk. Always register your domains with ICANN aggregated domain registrar.
Email address that you are using when registering domains is also important. If you (or your company) can afford get a secured email account (paid) for your domain names. Don’t go for free email services. Every time a domain is hijacked the reason come to know is free email services like Gmail, Yahoo! mail or Hotmail.
Use a separate email address for registering domain names, other then your general/personal email address.
Hint You should use a different email address in billing, contact and administration information in domain who is. Don’t use email address that you used with your account registration (account ID). For example, I registered my domain account with email ID [email protected] while in who is information I used [email protected]. This way crackers don’t get know what email address is used to register that domain account.
You can also enable domain privacy to hide your contact details.
Network Integrity Monitoring
One thing that save me from lot of trouble in this domain hijack attempt is ‘Network Integrity Monitoring’. When cracker made changes with my domain names, I got an alert in email instantly and upon investigating I discovered that my domain account is compromised. If wouldn’t had ‘Network Integrity Monitoring’ may be it would have been too late for me to know about that. I got this service from sucuri.net. And another amazing this is, this handy service is free to use.
Your PC security is very important. Always use a good firewall, Anti virus and spyware removal software. Use McAfee Site Adviser when surfing online. Keep your windows updated with latest security releases.
Do you have any other ideas? Please feel free to share using comments.