HN
Today

Never Buy A .online Domain

A developer's misadventure with a cheap .online domain unravels a frustrating Catch-22 between Google's opaque Safe Browsing and a registry's heavy-handed serverHold policy. This story ignited Hacker News, sparking widespread debate over the unchecked power of tech giants and domain registrars to arbitrarily suspend digital property. It serves as a stark warning about the fragility of online presence in an ecosystem dominated by unaccountable algorithms and support black holes.

291
Score
144
Comments
#1
Highest Rank
9h
on Front Page
First Seen
Feb 25, 2:00 PM
Last Seen
Feb 25, 10:00 PM
Rank Over Time
111224111420

The Lowdown

The author recounts a cautionary tale of purchasing a discounted .online domain from Namecheap for a small project, only to have it disappear from the internet weeks later. What followed was a frustrating encounter with the opaque and seemingly unfixable mechanisms of domain management.

  • After buying a .online domain for a minimal fee, the site mysteriously received an "unsafe site" warning from Google Chrome and Firefox.
  • Investigation revealed the domain was blacklisted by Google Safe Browsing and subsequently placed on serverHold by the registry, Radix, rendering it unresolvable.
  • A Catch-22 emerged: Radix required Google to delist the domain, but Google's verification process for delisting required DNS records to be resolvable, which was impossible due to the serverHold.
  • The author reflected on key mistakes: deviating from traditional .com TLDs, not immediately adding the domain to Google Search Console, and lacking uptime observability.
  • Miraculously, the domain was removed from Google's blacklist shortly after the HN post, prompting the author to contact Radix to lift the serverHold.

The experience highlights the significant challenges and lack of recourse faced by individuals when caught between powerful entities like Google and domain registries, with little transparency or human intervention available.

The Gossip

Google's Gripes

Many commenters expressed strong disapproval of Google's immense and seemingly unchecked power over the internet, citing its opaque blacklisting processes and lack of user recourse. The discussion questioned the morality of Google's "indirect censorship" becoming direct via registry action and the monopolistic demand for Google Search Console verification. Several users shared personal anecdotes of Google arbitrarily banning accounts or services without explanation.

Registry's Recklessness

A major theme was the criticism directed at Radix (the .online registry) for automatically suspending domains based on Google Safe Browsing. Commenters argued this decision to enforce a `serverHold` created the impossible Catch-22 and effectively granted Google undue authority over domain functionality. They felt the registry was at fault for its policy, not Google for its blacklist, highlighting that a Safe Browsing warning should not lead to a complete domain takedown.

TLD Troubles & Trust

The discussion often reverted to the long-standing Hacker News wisdom: stick to .com, .net, or .org. Many users warned against 'vanity' or newer TLDs like .online, .xyz, or .icu, citing issues like higher rates of scam-related blacklisting by security systems, unexpected and exorbitant renewal fees, and a general lack of trust from various internet services. Some, however, noted success with these TLDs or argued cheap TLDs attract scammers, thus leading to tighter scrutiny.

Accountability & Appeals

Commenters lamented the general lack of accountability and functional appeal processes from large tech companies and registries. The difficulty of verifying ownership or disputing bans when automated systems are involved was a recurring pain point. There was debate about whether Google's "unsafe site" label constituted libel and whether legal action could be pursued against such powerful entities for damages.