Domain Privacy Protection: Is It Worth It?

What is Domain Privacy Protection?

As with any discussion, it’s good to first touch on what it is we’re talking about. Domain privacy or WHOIS protection (different registrars sometimes refer to it by different names) hides the domain registrant’s personal information from the public WHOIS database.
WHOIS is an organization that manages all data regarding domain registration. All registrant details are considered public information, in addition to the nameservers and other simple details regarding domain registrations (e.g. registration, renewal, and expiry dates).
If someone knows a registered domain name, they can enter it into any WHOIS search tool on the web to retrieve this public information. With privacy protection in place, all of this information becomes masked.
This includes hiding your personal name, address, phone, email, and business name. Instead, a generic registrar-generated information set is displayed.
Here’s an example of a WHOIS response when privacy protection isn’t purchased:
Domain name: asmallorange.com
Registrant Contact:
A Small Orange LLC
Douglas Hanna ()
Fax:
131 Orange Street
Durham, NC 27701
US
Administrative Contact:
A Small Orange LLC
Douglas Hanna (billingstaff@asmallorange.com)
+1.9194087600
Fax: +1.6782986780
131 Orange Street
Durham, NC 27701
US

Technical Contact:
A Small Orange LLC
Douglas Hanna (billingstaff@asmallorange.com)
+1.9194087600
Fax: +1.6782986780
131 Orange Street
Durham, NC 27701
US
This example DOES have privacy protection enabled:
Registrant:
Contact Privacy Inc. Customer 0131249305
96 Mowat Ave
Toronto, ON M6K 3M1
CA
Domain name: MARLOANDCO.COM

Administrative Contact:
Contact Privacy Inc. Customer 0131249305, marloandco.com@contactprivacy.com
96 Mowat Ave
Toronto, ON M6K 3M1
CA
+1.4165385457

Technical Contact:
Contact Privacy Inc. Customer 0131249305, marloandco.com@contactprivacy.com
96 Mowat Ave
Toronto, ON M6K 3M1
CA
+1.4165385457
Exclusive Bonus: Looking to buy a domain for a new blog? Download our beginner’s guide to blogging cheat sheet and make sure you build your blog the right way from day one.

Why You Need Private Domain Registration

When you purchase a domain, your registrar is required by ICANN to enter the contact information of the site owner. Some kind of information must be submitted. So unless you opt to protect your personal data, it goes public.
Privacy protection hides personal contact information from complete strangers. This is pretty straightforward and is one of the most common reasons domain owners opt for privacy protection.
Almost everyone has the ability to access the internet, meaning that almost anyone could potentially have access to your mailing address, phone number, and email address. If a website includes debatable or hotly-contested topics, it can be an especially safe move to make personal contact details difficult to obtain to help avoid undesired contact from strangers.
Here are four reasons you should considering paying for private domain registration.

1. Protect Your Personal Data

Identity theft continues to be a common problem, and every 2 seconds there is a new victim. We go to great lengths to protect our privacy when it comes to banking, phone numbers, and even the information we share on social media. The same precaution should be taken with domain registration information.
There is enough data contained in a WHOIS domain record for a skilled or tenacious thief to start causing problems, and enable them to dig deeper into your personal data for the purpose of identity theft. Using domain protection covers your tracks with the info of your proxy service.

2. Stop Unwanted Solicitations

Listing personal contact information for your domain is an open invitation from telemarketers, sales people, spammers, and con artists. There are countless services that scrape WHOIS data for contact information, specifically from recently registered websites.
It doesn’t take long after a domain registration to start getting a flood of calls and emails about SEO services, content optimization, social media marketing, mailing services, virtual assistants, freelance opportunities from people overseas, and more.
What’s worse, there are scammers who may contact you when your domain is nearing expiration, with “renewal services” that actually do nothing to renew the domain, or that transfer it without your knowledge, and can cost the owner hundreds of dollars in bogus “services.” Be wary of any items received in the mail regarding your domain, and always contact your current registrar before responding to such solicitations.

3. Protect Your Email Address

When you use private domain registration, your registrar typically creates an alias or unique email address that is used in place of your own within the WHOIS database. This email address does not remain constant and will be updated fairly often. This is done to keep away unsolicited email from spammers.

4. Prevent Domain Hijacking

Domain hijacking used to be a much larger issue. Thanks to domain transfers being locked by default by most registrars after acquisition, it’s not as easy as it used to be. With this lock set, no one is able to transfer your domain away from you unless they somehow manage to get access to your domain registrar account and email.
Hiding your personal information adds one more hurdle to the process, making it extremely difficult for someone to harvest the data and attempt to gain access to your account.
While privacy protection is enabled, the domain transfer authorization email will be sent to the dummy email address listed rather than the registrant’s email address, making the transfer fail if not authorized. Most (if not all) dummy email addresses provided by registrars do NOT forward to the registrant’s email address.

What Are the Downsides to Private Domain Registration?

Privacy protection may seem like a common sense choice when you’re setting up a new website. After all, you’re just protecting your personal information and trying to keep predatory telemarketers and shady people away.
Still, there are some downsides to consider with an added service like this.

1. The Additional Cost

When you want extra protection from a service like this, you’re likely going to pay for it. Prices can vary greatly from one provider to another, from a few dollars a year to a few extra dollars per month. The cost isn’t regulated by anyone, so the private registration services get to determine their rates. On one hand, you’re paying for them not to publish your information. On the other hand, how much value will you get from that privacy? You have to decide whether or not it’s worth the added cost.

2.  Is it Really Private?

You can pay to have your personal information kept private in the WHOIS record, but does your provider really keep your information private? It is entirely possible that your registrar can sell or distribute your content information by other means. While there are ICANN policies in place, registrars have violated these in the past – so there’s nothing necessarily stopping less-trustworthy companies from sharing your registration information if someone were to contact them and ask for it.
Make sure you review the privacy policy of the registrar to ensure that information is not being shared or given out without your permission.

3. Your Information Might Still Be Public

Private domain registration can be set up at any time, but if your domain was already registered without privacy protection in place, your information might still be public. There are tools available that allow people to do historic searches and find previously listed ownership data on domains. Some of these tools may even show transfer or sales records of domains.

4. Your Reputation May be in Question

Customers are far less trusting of brands these days, as is evidenced by a Nielsen study showing that more than 92% of consumers trust peer data and reviews over brand advertising. Some of your prospective customers may even go so far as to check the WHOIS information to verify whether your business is legit.
If you have a business website but your contact information is fully private, a prospective customer may decide that you’re trying to hide something, or you’re not who you say you are. After all, what does a legit business have to hide that they wouldn’t share their public contact information? Maybe you’re not really that small-town maker of artisan furniture – you might be some scammer who is going to steal their credit card information. Transparency can go a long way towards alleviating the concerns of prospective customers.

5. Privacy Protection Isn’t Always Available

Depending on the top-level domain you choose, you might not be able to set up privacy protection. It is widely available with most domain extensions with the exception of .cn, .us, .au, .asia, .eu, .xxx, .cc, .tv and .name.
With one of those domain extensions, you’ll be required to list your accurate contact information as the registered owner of that website domain.

6. Who Actually Owns the Domain

Whenever you opt for privacy or WHOIS masking, you should understand the implications of putting someone else’s information down as the registrar of the site. In the eyes of the registry (ICANN or CIRA), the individual or organization listed as the registrant for the domain is technically the legal owner of that domain name.
That means that even if you’ve paid for registration, you’re not the legal owner if your name is not listed in the WHOIS. Mind you, you aren’t likely to get into a legal battle with the registrar about who owns the domain. Still, if it were to ever come down to a legal dispute, the registrar could come out the winner with their information down as the site owner.

Bottom line


It’s not a requirement, or a necessity, to invest in domain privacy protection. Still, the cost is negligible when you weigh the value that is offered. If you want to keep the solicitations at bay and protect your privacy, then it can be a worthwhile investment.

Get A Free Google API Key

Introduction



During the previous years, I published several VBA functions that used Google web services, such as GeocodingElevation, and Directions. These functions worked in the same way: a properly formatted request was sent to Google server, and, then, a response was received in XML format. If the response was successful, the requested field was retrieved (latitude, longitude, elevation, trip distance etc.) by reading the XML file. These VBA functions working fine for several years, however, Google started to not allow the requests over HTTP protocol anymore, so these functions have become useless. This is the reason why I decided to rewrite all of these VBA functions while guiding you on how to get a free Google API Key that is now required.



Steps to get a valid API key



The tutorial below can be used for ANY Google API. As an example, I use the Geocoding API. The only prerequisite for this process is to just have a Google account.

1.    First of all, log in to your Google Account.

Logged In With Gmail Account

2.    Search for the appropriate API by using something like “Google API Name API Key”. The first result will probably be the one you need to click.

Search For API Key

3.    On the API page, click on the Get A key button.

Navigate To Google API Page

4.    You need to select the Yes option on the radio button. If you need to change the default project name, then click on “My Project”.
Enable API
5.    Select the Create a new project option to name your new project.
Create A New Project
6.    Rename the project and press the Next button.
New Project
7.    After waiting for a few seconds, your API key will pop up. You can simply copy it and then press the Done button. However, I suggest you click on the API console hyperlink.
Get The API Key
8.    On the page that opens on a new browser tab you can rename your API key, but more importantly, you can restrict its access (if you need to do it). Furthermore, you can regenerate or even delete the key if you no longer need it.

Console Options

9.    If you click on the Dashboard option on the top left of the page, you can see useful information for the particular project, such as the requests, the errors per hour etc. Note that you can use multiple APIs on the same project. In this example, I use only the Geocoding API on my test project.

Console Dashboard

10.    Finally, the previous step is useful (Dashboard) because each API has some limits for free usage. You can check these limits on the corresponding page and make sure you don’t exceed them!

API Usage Limits


Epilogue



If you followed these easy steps, you will get a valid API key that you can use it on your projects. To save you some time, here are the links to the API key pages that I have used in the VBA functions presented in this blog:

AUTO-POPULATE LATITUDE AND LONGITUDE IN EXCEL





Option Explicit

Function GetCoordinates(Address As String) As String
   
    '-----------------------------------------------------------------------------------------------------
    'This function returns the latitude and longitude of a given address using the Google Geocoding API.
    'The function uses the "simplest" form of Google Geocoding API (sending only the address parameter),
    'so, optional parameters such as bounds, language, region and components are NOT used.
    'In case of multiple results (for example two cities sharing the same name), the function
    'returns the FIRST OCCURRENCE, so be careful in the input address (tip: use the city name and the
    'postal code if they are available).
   
    'NOTE: As Google points out, the use of the Google Geocoding API is subject to a limit of 2500
    'requests per day, so be careful not to exceed this limit. For more info check:
    'https://developers.google.com/maps/documentation/geocoding/usage-limits
       
    'In order to use this function you must enable the XML, v3.0 library from VBA editor:
    'Go to Tools -> References -> check the Microsoft XML, v3.0.
   
    '2018 Update: In order to use this function you will now need a valid API key.
    'Check the next link that guides you on how to acquire a free API key:
    'https://www.myengineeringworld.net/2018/02/how-to-get-free-google-api-key.html
   
    'Written By:    Christos Samaras
    'Date:          12/06/2014
    'Last Updated:  07/03/2018
    'E-mail:        xristos.samaras@gmail.com
    'Site:          https://www.myengineeringworld.net
    '-----------------------------------------------------------------------------------------------------
   
    'Declaring the necessary variables. Using 30 at the first two variables because it
    'corresponds to the "Microsoft XML, v3.0" library in VBA (msxml3.dll).
    Dim ApiKey          As String
    Dim Request         As New XMLHTTP30
    Dim Results         As New DOMDocument30
    Dim StatusNode      As IXMLDOMNode
    Dim LatitudeNode    As IXMLDOMNode
    Dim LongitudeNode   As IXMLDOMNode

    'Set your API key in this variable. Check this link for more info:
    'https://www.myengineeringworld.net/2018/02/how-to-get-free-google-api-key.html
    ApiKey = "Your API Key goes here!"
   
    'Check that an API key has been provided.
    If ApiKey = vbNullString Or ApiKey = "Your API Key goes here!" Then
        GetCoordinates = "Invalid API Key"
        Exit Function
    End If

    'Generic error handling.
    On Error GoTo errorHandler
   
    'Create the request based on Google Geocoding API. Parameters (from Google page):
    '- Address: The address that you want to geocode.
    '- Sensor: Indicates whether your application used a sensor to determine the user's location.
    'This parameter is no longer required.
    Request.Open "GET", "https://maps.googleapis.com/maps/api/geocode/xml?" _
    & "&address=" & Address & "&sensor=false&key=" & ApiKey, False
   
    'Send the request to the Google server.
    Request.send
   
    'Read the results from the request.
    Results.LoadXML Request.responseText
   
    'Get the status node value.
    Set StatusNode = Results.SelectSingleNode("//status")
   
    'Based on the status node result, proceed accordingly.
    Select Case UCase(StatusNode.Text)
   
        Case "OK"   'The API request was successful. At least one geocode was returned.
           
            'Get the latitdue and longitude node values of the first geocode.
            Set LatitudeNode = Results.SelectSingleNode("//result/geometry/location/lat")
            Set LongitudeNode = Results.SelectSingleNode("//result/geometry/location/lng")
           
            'Return the coordinates as string (latitude, longitude).
            GetCoordinates = LatitudeNode.Text & ", " & LongitudeNode.Text
       
        Case "ZERO_RESULTS"   'The geocode was successful but returned no results.
            GetCoordinates = "The address probably not exists"
           
        Case "OVER_QUERY_LIMIT" 'The requestor has exceeded the limit of 2500 request/day.
            GetCoordinates = "Requestor has exceeded the server limit"
           
        Case "REQUEST_DENIED"   'The API did not complete the request.
            GetCoordinates = "Server denied the request"
           
        Case "INVALID_REQUEST"  'The API request is empty or is malformed.
            GetCoordinates = "Request was empty or malformed"
       
        Case "UNKNOWN_ERROR"    'Indicates that the request could not be processed due to a server error.
            GetCoordinates = "Unknown error"
       
        Case Else   'Just in case...
            GetCoordinates = "Error"
       
    End Select
       
    'In case of error, release the objects.
errorHandler:
    Set StatusNode = Nothing
    Set LatitudeNode = Nothing
    Set LongitudeNode = Nothing
    Set Results = Nothing
    Set Request = Nothing
   
End Function

'-------------------------------------------------------------------------------------------------------------------
'The next two functions using the GetCoordinates function to get the latitude and the longitude of a given address.
'-------------------------------------------------------------------------------------------------------------------

Function GetLatitude(Address As String) As Double
   
    'Declaring the necessary variable.
    Dim Coordinates As String
   
    'Get the coordinates for the given address.
    Coordinates = GetCoordinates(Address)
   
    'Return the latitude as number (double).
    If Coordinates <> vbNullString Then
        GetLatitude = CDbl(Left(Coordinates, WorksheetFunction.Find(",", Coordinates) - 1))
    Else
        GetLatitude = 0
    End If

End Function

Function GetLongitude(Address As String) As Double

    'Declaring the necessary variable.
    Dim Coordinates As String
   
    'Get the coordinates for the given address.
    Coordinates = GetCoordinates(Address)
   
    'Return the longitude as number (double).
    If Coordinates <> vbNullString Then
        GetLongitude = CDbl(Right(Coordinates, Len(Coordinates) - WorksheetFunction.Find(",", Coordinates)))
    Else
        GetLongitude = 0
    End If
   
End Function

Testing Web Server Security

https://www.ssllabs.com

SSL Labs is a collection of documents, tools and thoughts related to SSL. It's an attempt to better understand how SSL is deployed, and an attempt to make it better. I hope that, in time, SSL Labs will grow into a forum where SSL will be discussed and improved.
SSL Labs is a non-commercial research effort, and we welcome participation from any individual and organization interested in SSL.

Online Payment - Expiring TLS 1.0 (Windows)

For those wanting to migrate their .NET 2.0 framework to use TLS 1.2 you need to install hotfixes on your server:
Windows Vista and Windows Server 2008
Windows 7 and Windows Server 2008 R2
Windows Server 2012
Windows 8.1 and Windows Server 2012 R2
Once the hotfix is installed you can either make registry changes on the server as indicated OR make code changes in your app to reference TLS 1.2 directly.
C# ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
VB ServicePointManager.SecurityProtocol = DirectCast(3072,System.Net.SecurityProtocolType)