GoDaddy really lived up to its bad reputation and recently changed their API rules. The rules are simple: either you own 10 (or 50) domains, you pay $20/month, or you don’t get the API. I personally didn’t get any communication, and this broke my DDNS setup. I am clearly not the only one judging from what I found online. A company this big gating an API behind such a steep price… So I will repeat what many people said before me (being right): don’t. use. GoDaddy.

@dylanTheDeveloper@lemmy.world
link
fedilink
English
37
edit-2
5M

GoDaddy can GoFuckThemselves, wondering why my shit was broken until i found out

@loudwhisper@infosec.pub
creator
link
fedilink
English
215M

Been there…

I thought my API keys were expired, I regenerated them, changed a couple of things, checked all API calls to see if they changed API itself…then I searched the exact error and found out.

For such a breaking change to the API, was it hard to drop an email to every account not meeting the damn “requirements” with an API call performed in the last x months, to alert of the change?

@Decronym@lemmy.decronym.xyz
bot account
link
fedilink
English
1
edit-2
5M

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

Fewer Letters More Letters
CSAM Child Sexual Abuse Material
DNS Domain Name Service/System
IP Internet Protocol
VPS Virtual Private Server (opposed to shared hosting)

[Thread #870 for this sub, first seen 15th Jul 2024, 01:55] [FAQ] [Full list] [Contact] [Source code]

@markstos@lemmy.world
link
fedilink
English
145M

ClouDNS makes DDNS easy for a low cost for 1-5 domains.

@waddle_dee@lemmy.world
link
fedilink
English
15M

Is it relatively easy to switch domains? I just set up my old laptop as a home server and I registered with domain.com.

@markstos@lemmy.world
link
fedilink
English
25M

Domain.com sounds like a domain registrar. You would keep that service and point your name servers for the domain to the ClouDNS name servers.

@waddle_dee@lemmy.world
link
fedilink
English
15M

I hate to bother you with another question, but what is the goal of changing the name servers I have with domain to another? Could I just use ClouDNS for everything? I wish I had taken more time before I bought the domain through Domain.com. It seems like everybody likes ClouDNS.

@markstos@lemmy.world
link
fedilink
English
15M

There are two services involved. Domain registration and DNS. Most domain registrars now provide some free DNS service, with basic features. I monitor dozens of domains, and I can tell you that these free DNS services with registrars are most likely to have short DNS outages as well.

ClouDNS is a professional, high-quality DNS service and that does one thing well. As far as I can tell, they don’t do domain registration, so that will always be a separate service. One of the things that ClouDNS does well is making Dynamic DNS easier.

@waddle_dee@lemmy.world
link
fedilink
English
25M

I just checked and ClouDNS offers domain registration! So, I think I’m going to just move everything over there for convenience. Also, I know why my server is unreachable a couple hours every day lol. Love this community and Lemmy. Feels a lot like the old, old Reddit days. Thanks!

Transfering a domain from one registrar (IE reseller) to another can be a pain, but yes you can - it normally involves a fee and manual actions from the registrars.
As long as the new registrar supports the TLD. A few Geo-TLDs can only be resold/managed by some registrars.

The easiest thing to do is to point the domain at ClouDNS nameservers.
Make sure you are happy with ClouDNS (I’ve never had issues with them) etc before committing

@loudwhisper@infosec.pub
creator
link
fedilink
English
10
edit-2
5M

ClouDNS

I think I heard of it. I think most DDNS scripts support a lot of registrars as well, if one doesn’t want to go with full DNS hosting.

In case of DNS hosting (I also linked it in the post, but it’s a good shotout), there is desec.io too. EU-hosted, free (although donations are highly encouraged) and has a tons of features! There is also a Terraform provider!

@markstos@lemmy.world
link
fedilink
English
15M

Look at how Dynamic DNS supported. Does it require full access to the account-- dangerous-- by using your login credentials or an API token with full read/write access? Or does it over a very limited scope access that gives the Dynamic DNS tool precisely the access it needs to update a single DNS record-- much safer! The latter is what CloudDNS does.

Chewy
link
fedilink
English
26
edit-2
5M

desec.io can be used with any domain registrar and has an API with support for various ddns clients (ddclient, lego).

deSEC is a free DNS hosting service, designed with security in mind.

Running on open-source software and supported by SSE, deSEC is free for everyone to use.

Edit: To clarify, desec.io does not sell/rent domains. Desec has to be set as the authoritative nameserver on the registrar, then desec can manage domain records instead of the registrar (which usually also provides their own domain hosting for “free” by default).

Yes, a thousand times this. DeSEC is awesome, I moved my domain record management there. I’m usually buying domains on namecheap, and the IP allow list thing for the API was just too annoying to deal with.

What’s the benefit of having a separate DNS host? I’m using porkbun and had to mess around with its dns records to configure my email hosting. Does having separate service mean I don’t have to do this all over again If I switched registrars?

@loudwhisper@infosec.pub
creator
link
fedilink
English
45M

Yes, pretty much that. Plus some configuration might be easier with a DNS hosting. But the main benefit is decoupling domain and DNS for easier change.

I would suggest ddns.net if they hadn’t irrevocably eaten two of my domains already (when the client software doesn’t check in, the domain disappears from your account, but they don’t get marked as available so no other account can filch them)

@loudwhisper@infosec.pub
creator
link
fedilink
English
15M

I think I used it in the past. Is the one where every X months you need to go the the console and confirm the domain is still used, right?

I think nowadays there are better options (incl. Free) with less maintenance and more flexibility

`Da Elf
link
fedilink
85M

@loudwhisper GoDaddy gonna GoDaddy. *shrug*

@loudwhisper@infosec.pub
creator
link
fedilink
English
45M

Yeah, indeed. To me is still completely absurd. At this point is not just a bad registrar, for most of us (hobbyists), I think it’s a completely non-functional option. Basically every competitor offers an API.

I stuck with them out of lazyness for far too long.

@solrize@lemmy.world
link
fedilink
English
15M

Namesilo has it, porkbun didn’t last time I checked, iirc. Dunno about Cloudflare. GoDaddy has always sucked in so many ways that I never looked into their DNS.

Auli
link
fedilink
55M

@solrize @loudwhisper pork bun has had one for years. Don’t remember when I switched to them but it’s been a couple years.

@loudwhisper@infosec.pub
creator
link
fedilink
English
55M

Oh Yeah, Porkbun does have API (it seems since sometime last year? ). I think also Cloudflare, Namecheap and many others do too.

I agree about GoDaddy. It was an original sin for me to use them years ago, and I was lazy with just one domain that I use for most of my emails etc. I deferred the move for a while and then - how it often happens - I had to do it in “emergency” mode.

SolidGrue
link
fedilink
English
4
edit-2
5M

I use Porkbuns API. It’s not sophisticated, but it works.

John Richard
link
fedilink
English
665M

This is what NameCheap does too. It’s freaking stupid. Domain registrations should not be managed by corporations.

@5714@lemmy.dbzer0.com
link
fedilink
English
145M

I’m saying this for years, but a) it’s quite late (seems like a 1990s issue) and b) OpenNIC is a bit of a joke atm (but support it anyways)

ICANN never should’ve been a creature of US-NTIA, but of the UN. The US has no right to decide for the digital world how everyone communiticates. No one really should (apart from about stuff like CSAM).

@loudwhisper@infosec.pub
creator
link
fedilink
English
365M

NameCheap

WOW! I did not know that. I just checked and after a little search:

We have certain requirements for activation to prevent system abuse. In order to have API enabled, your account should meet one of the following requirements:

- have at least 20 domains under your account;
- have at least $50 on your account balance;
- have at least $50 spent within the last 2 years

$50 in last 2 years is not much, but for those who renew for many years, it is still stupid.

Ironically, Namecheap is what the people in https://github.com/navilg/godaddy-ddns/issues/32 migrated to!

I really wish that domain registration was done in a different way, but even in current scenario, gutting features for such a basic service to extract a few bucks and risking losing customers…?

lemmyvore
link
fedilink
English
95M

These are ancient holdovers. Nowadays DNS hosting with API is a dime a dozen. You may have to pay for it occasionally but it’s not going to be even close to $20/mo.

@loudwhisper@infosec.pub
creator
link
fedilink
English
125M

$20/month for a service that anyway is low traffic (especially for hobbyists) is a completely insane price. Even more insane is that their cheapest subscription still doesn’t offer any API access. I agree anyway, but are these staying in business just because they have a consolidated market share? Do they have access to more TLDs? I don’t know, I am genuinely confused. I have absolutely no reason whatsoever to even think of using GoDaddy again.

lemmyvore
link
fedilink
English
55M

I like the way Bunny.net does paid DNS, 20M monthly queries for $1 and $0.1/M after that. With an API included, ofc. Now that’s the kind of pricing I can get into as a self-hoster, not $20/mo.

GoDaddy advertises a lot, basically. So whenever a person who’s never owned a domain before searches for “get a new domain” they’re gonna get GoDaddy, NameCheap and (ironically) Google Domains as the top results. That’s pretty much all there is to it.

@loudwhisper@infosec.pub
creator
link
fedilink
English
25M

Yep, I like bunny in fact. It didn’t have all the features I needed back then, but it’s a very good product, I heard very good things.

I also agree about the pricing. I ended up not using desec.io, but if I did, I would have probably set a 1-2 Euros recurring donation, as I feel that’s a totally acceptable price.

As for why people use GoDaddy well… I feel personally attacked as that’s exactly how I ended up there, when I didn’t know better.

@catloaf@lemm.ee
link
fedilink
English
65M

That can’t be right. I only had two domains (one now) and I’ve been using the API just fine. And basically any purchase will clear those dollar amounts.

@loudwhisper@infosec.pub
creator
link
fedilink
English
85M

I found it on their FAQ.

Yes, it is generally less restrictive, but… I have 4 domains, and now I have renewed all of them for the maximum amount. They will all expire after 2033. So unless I decide to add more domains (which is unlikely), I won’t spend a cent in the next ~9 years. I wonder if they really enforce it as it is written or they consider still the renewal an expense “split” over the duration.

Still, I really don’t understand. You can - and should - have proper rate limits on the API. You have API keys that uniquely identify the source, what is “the abuse” they are trying to prevent this way…?

@hedgehog@ttrpg.network
link
fedilink
English
45M

Doesn’t their API also require you to allow-list IPs, making it basically useless for dynamic DNS?

From https://www.namecheap.com/support/api/intro/ under “Whitelisting IP.”

@loudwhisper@infosec.pub
creator
link
fedilink
English
25M

That’s a very interesting gotcha. They don’t seem to support address ranges either. Unless once you add the whitelist the requests still work from any address (their documentation is ambiguous). This is even more confusing.

@catloaf@lemm.ee
link
fedilink
English
15M

Not sure. Personally I only use it for Let’s Encrypt DNS challenges.

@foggy@lemmy.world
link
fedilink
English
75M

Damn. I always though they were one of the good ones.

@can@sh.itjust.works
link
fedilink
English
3
edit-2
5M

I still think they are but maybe my needs are simple. It was definitely better when I switched over (from godaddy*) during one of the migrations.

@foggy@lemmy.world
link
fedilink
English
25M

They’ve been my go-to rec for like 6 years 😢

Their support is top tier, which is important when it’s important. But this complicates things. I’ll have to take a close look at the competition these days.

SolidGrue
link
fedilink
English
85M

Gandi changed their TOS and price structure last year, so I ported everything over to Porkbun for a small savings, but mostly as a big middle finger to Gandi.

If you’re gonna get banged that kind of cash for functions you’re already using, you may as well look at better registrars, and get better value for your spend.

Shop around.

@loudwhisper@infosec.pub
creator
link
fedilink
English
95M

I also migrated everything to Porkbun. Gandi used to be good too, we used it extensively at work in my previous org (~3 years ago).

Is the whole sector regressing? It seems these companies aren’t happy just earning a profit based on the service they offer. There is always something “more” that they need to do. Often this makes the experience worse. Meh.

Super happy with Porkbun BTW, it just works, does what it’s needed and I found the renewals to be 50% cheaper compared to GoDaddy…

GoDaddy has always been pretty shitty.

@RegalPotoo@lemmy.world
link
fedilink
English
35M

I moved just about everything to Route53 for registration - I run my own DNS so I don’t need to pay for that, and it’s ~40% cheaper than Gandi for better service.

Now I just need to move my .nz domain (R53 supports .{co,net,org}.nz, but not .nz itself?) and the 2 .xyz domains that are “premium” for some reason so R53 won’t touch

LostXOR
link
fedilink
15M

If you’re looking for a new registrar, I’ve had only good experiences with NameSilo. They’re not the cheapest, but they’re generally cheaper than GoDaddy, don’t paywall arbitrary things like APIs or WHOIS privacy, and have good support.

thejevans
link
fedilink
English
55M

Porkbun + cloudflare DNS + ddclient

Possibly linux
link
fedilink
English
05M

Avoid cloudflare

thejevans
link
fedilink
English
95M

Sounds good. Better free DNS option with API support?

@loudwhisper@infosec.pub
creator
link
fedilink
English
65M

Desec.io is a good option. To be honest using cloudflare just for DNS is completely OK. It’s not a service that allows spying on you or consolidates their monopoly.

Why is it free, i selfhost to get rid of snooping companies

@Rexios@lemm.ee
link
fedilink
English
15M

Does porkbun not just have that?

thejevans
link
fedilink
English
25M

It does, but for the same reason as what happened to OP, it’s best to separate DNS from domain registrar.

Possibly linux
link
fedilink
English
-105M

Don’t use DNS like that. Use a VPS and route traffic to a isolated network at home if need be

thejevans
link
fedilink
English
15M

That’s definitely a nice solution, but I have not had good luck with free VPS providers keeping the lights on. It would likely cost money on the order of $5 to $10 per month, so it is a different class of solution.

?? Your solution to dynamic dns is to run all the traffic through a static IP vps? Are you paying for this VPS, or are you saying you trust the host more than you trust cloudflare, because they give you a free VPS?

Possibly linux
link
fedilink
English
-25M

I pay for a VPS and a static IP for the VPS. Way safer and less fragile

Safer is a matter of opinion. You’re moving your trust from one company to another, that doesn’t necessarily equate more safety. How do you trust the safety of companies?

As for less fragile, that is patently untrue. You have all the same failure points as previous, but now must manage the update schedule of another server, and have the added reliance on a third party host. You’ve increased fragility if anything.

Possibly linux
link
fedilink
English
05M

I’ve had very high uptime for years

Recommend cloudflare for DNS. I use it for DDNS via API and it works great.

You also basically pay the wholesale rate without markup for the domain.

JackbyDev
link
fedilink
English
45M

Is it cheap? I got shifted to SquareSpace from Google Domains and it’s pricier. I switched the name cheap but have no loyalty to them.

@lud@lemm.ee
link
fedilink
English
15M

Cloudflare apparently makes no or little to not profit on their domain registration business.

The prices supposedly only covers the fees related to domains that everyone has to pay.

irotsoma
link
fedilink
English
35M

It’s reasonably priced. I was in the same boat with the Google domains shutdown. As long as you aren’t a heavy user, it has lots of cool features. But if you get their attention they’ve been known to fleece the crap out of small businesses that were using their free services. Most of my stuff is self hosted applications to move myself off of Google services, so my traffic is minimal.

JackbyDev
link
fedilink
English
15M

I only have two domain names and both just redirect to my public code repositories.

I moved about half my domains (I have about roughly 30) to Cloudflare and then stopped as I started hitting caveats. For instance they considered some of my domains “premium” and wouldn’t take them. I was having problems using them with some hosted website providers, etc

I let the rest of my domains transfer to SquareSpace and it’s been mostly painless (besides Google Domains completely fucking up my email but that’s wasn’t SquareSpaces fault). I’ll probably run out the registration on all of them and make a decision on where I’m moving my domains next year. Probably won’t be Cloudflare though.

That said, Cloudflare definitely seems cheaper than SquareSpace.

@ShortN0te@lemmy.ml
link
fedilink
English
55M

You can just use the Cloudflare DNS Nameservers. No need to transfer the Domain.

@Swarfega@lemm.ee
link
fedilink
English
15M

This is what I do. Registered with Porkbun but have two domains pointing to Cloudflare NS’s for DNS. I then have a container locally that looks for IP changes on my home connection and if detected updates DNS to the new IP.

@robinj1995@feddit.nl
link
fedilink
English
95M

Warning: Cloudflare does not allow you to change the nameservers of domains you register with them unless you pay for some insanely priced subscription. For many of us who register domains at various registrar’s but want to be able to centrally manage DNS, hiding such basic functionality behind an extremely steep paywall makes Cloudflare a no-go.

What advantage is there is changing nameservers? Is it just the centrally manage DNS or something else? I’m fairly new to self hosting and only serving locally for now.

I do know cloudflare uses the same nameservers PER ACCOUNT so if you’re wanting to have multiple domains but keep one or more connections separated from you then this does draw a minor connection to a subset of Cloudflare accounts with the same two nameservers

I’m glad I transferred my domain a month ago to porkbun. They even halved my renewal price

@TCB13@lemmy.world
link
fedilink
English
65M

How unexpected 😂😂😂

/home/pineapplelover
link
fedilink
English
115M

I use porkbun but I don’t know how they handle this situation.

@loudwhisper@infosec.pub
creator
link
fedilink
English
105M

I also use porkbun, their API is not a masterpiece but it works and allows you to get, set and update records. In fact their API is now supported by some of the common ddns scripts out there.

i switched to porkbun from godaddy specifically because of this.

/home/pineapplelover
link
fedilink
English
15M

I like them because they’re really cool and helpful. They have amazing documentation which helped me get my website up and running.

@Archer@lemmy.world
link
fedilink
English
25M

Google Domains to porkbun here, mostly because they added porkbun DDNS support to OPNsense

Create a post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

  1. Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

  • 1 user online
  • 61 users / day
  • 296 users / week
  • 975 users / month
  • 3.73K users / 6 months
  • 1 subscriber
  • 3.91K Posts
  • 79.3K Comments
  • Modlog