Making Sense of Whois
When you register a domain name, your information is added to one of many public databases referred to as Whois.
It’s important to understand what information appears within the Whois database, how to read it the data, and how to protect your privacy. Below we’ll unpack the data and examine each of these points in turn.
What is Whois?
Whois is a database of information collected each time someone registers or updates a domain or the DNS settings. A Whois record displays the domain registrant’s name and personal contact information, along with other data pertaining to the domain, the registrar, and where the site is hosted.
That’s super handy to know when you’re curious to know who owns a domain and who’s hosting the site. However, it’s also a source of concern for many people registering domains, since the information in these databases is available to everyone with a free search on a site such as who.is.
Let’s unpack the content available in a Whois lookup, starting with the information specific to the domain, not the registrant.
Here’s an example:
Domain Name: EXAMPLE.TLD Registry Domain ID: D1234567-TLD Registrar WHOIS Server: whois.example-registrar.tld Registrar URL: http://www.example-registrar.tld Updated Date: 2009-05-29T20:13:00Z Creation Date: 2000-10-08T00:45:00Z Registrar Registration Expiration Date: 2010-10-08T00:44:59Z Registrar: EXAMPLE REGISTRAR LLC Registrar IANA ID: 5555555 Registrar Abuse Contact Email: email@example.com Registrar Abuse Contact Phone: +1.1235551234 Reseller: EXAMPLE RESELLER Domain Status: clientTransferProhibited
There are two key lines for you to examine in this section.
First is the Registrar Registration Expiration Date. This is the date the domain name expires. If you don’t renew the domain by this date it will go through the expiration and deletion cycle and you can lose the domain.
Second is the Domain Status field. Most of the time this will read clientTransferProhibited, which means you have Transfer Lock on so the domain can’t be transferred to another domain name registrar. If this field states “OK”, then you don’t have protection against transfers. (In some cases you’ll see a different status, which you can decode here.)
The next part is where your personal information starts. Here’s what the first section of personal data looks like:
Registrant Name: EXAMPLE REGISTRANT Registrant Organization: EXAMPLE ORGANIZATION Registrant Street: 123 EXAMPLE STREET Registrant City: ANYTOWN Registrant State/Province: AP Registrant Postal Code: A1A1A1 Registrant Country: AA Registrant Phone: +1.5555551212 Registrant Phone Ext: 1234 Registrant Fax: +1.5555551213 Registrant Fax Ext: 4321 Registrant Email: EMAIL@EXAMPLE.TLD
The Registrant Name can be an individual or a role, such as “IT Admin”. The Registrant Organization is your company name if you have one.
Similar information is repeated for the “Admin” and “Tech” contacts. The Admin contact should also have your personal information. Depending on your registrar, the Tech contact can have your information or that of a hosting/registration entity.
Important Considerations for Personal Information
As the holder of a domain, you’re required to provide accurate and updated contact information for yourself. Failure to maintain accurate information in Whois can lead to your domain name being suspended.
Having said that, there are several things you must consider each time you register a domain, update your contact information, or change DNS settings.
- The Registrant and Admin information should always display your or your company’s information—not a web designer or hosting company. If it’s not in your name, you don’t control the domain!
- While you should keep all of the information in this section up-to-date, the most critical item is your email address. Both the Registrant Email and Admin Email are used to authorize the transfer of your domain name to another registrar. In case of a dispute, the Registrant Email takes precedence over the Admin Email.
- It’s critical that you have control of the email account listed as the Registrant Email at all times. It’s OK to use a free email service such as Gmail, but make sure it’s secure and you use two-factor authentication.
- Make sure that the email address listed for the Registrant Email isn’t from a domain that you no longer own, a former job, or an account you no longer have, such as an old ISP.
- Because of the potential privacy concerns with giving out personal contact information on the Internet, many people choose to use a Whois privacy/proxy service. Consider Namecheap’s Domain Privacy service, which allows you to keep information private. Such services hide your identity from snoopers, and they can dramatically reduce email spam and unwanted phone calls pertaining to your domain or otherwise.
The final section includes information about where your domain name points online. This will be the hosting provider if one is assigned.
Name Server: NS01.EXAMPLE-REGISTRAR.TLD Name Server: NS02.EXAMPLE-REGISTRAR.TLD
If you have a complaint about a website’s content, such as copyright violations, you may need to contact the hosting provider, and this is how you can find that information out. In some cases, it can also help you determine the country in which a site is hosted.
Make Sure It’s Accurate
If you remember nothing else from this post, make sure you keep your information in Whois updated. Inaccurate information can cause you to miss important notices, have your domain transferred without your authorization, or lead to suspension of your domain.
When you register a domain at Namecheap, we will automatically send you annual notices to review the contact information. It’s a good idea to check it each year (at minimum).
And if you want to protect your personal information, consider signing up for Namecheap’s Domain Privacy service, which is free for the first year with all new domains.