If you own a domain name read on, there’s a good chance you or your friend might need it.
Here’s how the nightmare story goes.
My friend, let’s call her Nicole, calls me last night at 9pm. The problem is, she doesn’t want to renew her domain or hosting for another year and pay $100. However, she wants to save her website because she paid some $800 for it, naturally she wants to protect the investment. Now some of you are thinking, well that’s a piece of cake, just copy the files with a FTP program, or just download the tar.gz file with cPanel. The problem is, my friend Nicole isn’t tech savvy, she’s an artist. Now that wouldn’t be such a problem if the guy who developed her website, and pretends to be a “hosting company” isn’t looking to take advantage of her, her ignorance, and extort money out of her. He tells her, you can’t get the website unless you renew everything for a whole year.
So, I tell Nicole to ask for the username and the password, so we can save the website, and for the EPP code to transfer the domain. I managed to convince her that it would be smart to save the domain, and that I have several hosting accounts, and that she could host her website for free on one of mine accounts. There’s only 1 more day left according the WHOIS, so I am thinking, OK, there’s still enough time. She first told me that today was the last day. I also checked her website, and it was still functioning, it had a cart for ordering paintings, about me page, etc.
Hosting company turns into Darth Sidious
Nicole calls hers… I still have trouble calling that extorter a hosting company, because that would be putting a dark shadow over the good guys. So from now own, I will call him, Sidious. The thing is, hosting companies are holding the entire Internet up and running. Those tabs you have opened up there in your browser, you couldn’t see any of that if there were no hosting companies. People in the hosting industry are some of the most hard working people I know. They have to deal with 24-7 support, hackers, updates, upgrades, business, lawyers, blacklists, spams, etc… I am telling you, it’s a war zone out there. Trust me, you do not want to run a hosting company when 200 of your clients get hacked on Christmas morning, and you have a hangover.
So anyway, Nicole calls Sidious, and asks for what’s rightfully hers. And she doesn’t understand what she is asking (just repeating what I told her). To give her the username and password, and the domain name EPP code. What happens next? Sidious suspends her website, and tells her it’s too late, and that she should press CTRL + F5 to see the change. Adding again she needs to pay the $100 for another year if she wants her website. I confirm, the website is now down.
….
The awful thing is, when I was a hosting provider, I had similar experience with my new hosting clients. They wanted to jump boat, and Sidious guy was giving them a hard time. So Nicole asks me, WHAT NOW? You could hear the despair in her voice, thinking she was robbed, lost her website, her domain, gone. Thinking, a website was a bad idea. At this point, I am thinking, how can I cause damage to this guy. However, I know better than that. I want to teach as much people as possible that this can happen. Users should check with their hosting provider, and the domain registrar right from the start, an exit strategy.
Hosting company works hard to protect you
In case a thing like this does happen, feel free to call the police, lawyers, threaten with legal actions and try to find a friend who understands the language and protect your rights. I wish I could say something down the lines of “if you can’t afford a lawyer one will be appointed to you”, but it won’t. You have to get someone from the hosting industry to protect you. There are ways of hurting a hosting company, but that’s far to powerful weapon that I can just blog about (I don’t mean any illegal activities). The thing is, I know there are more than few cases when a client is wrongfully accusing a hosting company, and I wouldn’t want them with this weapon in hands, again, the good hosting guys might get hurt.
Oh and another thing. Always check the WHOIS if you and your email address are there as your main point of contact, and ask your provider how and where you can unlock the domain and get the EPP code. It is alternatively called an auth code, a transfer key, a transfer secret, EPP authentication code, or EPP authorization code. EPP stands for Extensible Provisioning Protocol, check Wikipedia.
We made a website years ago where you can check whois for free, CroDNS. Where do you host your website and where do you register your domains, and have you tried leaving them?
Here’s a few more advices that people on Hacker News commented.
1. Always register your domain name with a company other than your hosting provider. Don’t even allow the domain registrar to be owned by the same corporation.
2. Always maintain a complete, separate copy of the website’s content. Never allow the only copy of a Website to be in the hands of an ISP.
Goran Duskic co-founded a game development team Generation Stars when he was a teenager, and he co-founded hosting and web develpoment company GEM Studio (which was sold in 2011). He co-founded tech startup WhoAPI and has 10+ experience in business development, online marketing strategy and PR.
. A domain name is an identification string that defines a realm of administrative autonomy, authority, or control on the Internet. Domain names are formed by the rules and procedures of the 
