I have been using Gandi (1) for the last yen years or so and have been very happy with them. I originally went with them because they were one of the few registrars that did the .cat TLD. I liked the experience and eventually transferred all of my domains to them.
They are a french company. Their slogan is "No Bullshit," (2) and I think they've done a decent job of living up to that.
My only frustration has been a situation where I was transferring an existing domain over to them. I wanted to create the zone file ahead of time so that when the transfer happened, there would be an identical zone file ready to go. But they wouldn't allow me to create a zone file for a domain that hadn't transferred over to them yet. Since I'm not doing anything critical with my domains, it was just an annoyance, but that would be a show-stopper for some.
As it pertains to billing problems, they allow you to pre-pay a chunk of money to your account. (They take PayPal.) It deducts from that amount when domains renew. That provides a buffer if you need to cancel your credit card.
Also, on the occasions that I have created trouble tickets, they have been responded to in a reasonable amount of time with helpful information.
I’ve been a happy customer of Gandi for 6-7 years. I originally chose them because I operate my own DNS server on my VPS and Gandi made it easy to add a glue record for the primary nameserver and they provide a free secondary nameserver¹ but these features wouldn’t be something that 99% of customers need nor want.
On that note, their secondary nameserver suited my needs until I started using DNS authentication for Let’s Encrypt wild-card certificates. Their secondary nameserver only supports requesting a full zone transfer (AXFR) every half hour or so. For some reason, they don’t use IXFR or – what would be more useful to me – DNS NOTIFY. This means that the secondary name server lags behind the primary nameserver by about half an hour. This results in the Let’s Encrypt DNS authentication failing randomly, depending on whether they checked the primary or secondary nameserver for the authenticating TXT records. I plan to move the `_acme-challenge.example.com` to a different zone that doesn’t use the secondary nameserver but I haven’t got around to it yet.
+1 I've been starting to consolidate to Porkbun as of those last threads. They support all the TLDs I have except one, the only provider to have that many. They're also local to me which feels nice.
Why couldn’t you use LetsEncrypt with them? I’ve been using and recommending Namecheap for years and I’ve never had a problem setting up LetsEncrypt on any domains through them.
> Only minus is I couldn't use Let's Encrypt with them.
If you mean namecheap doesn't support letsencrypt DNS-01 challenge, you can still buy your domain in namecheap but point your NS somewhere else that support DNS-01 challenge (e.g. cloudflare, Route53, or even Google Cloud DNS).
Most letsencrypt clients uses HTTP-01 challenge though, which doesn't care about who's hosting your dns.
I am also a Namecheap customer. But unfortunately I stopped trusting the company after I tried to register a domain and they prevented it, claiming that it is a 'premium' [5 letters] domain. Note: I created the domain from scratch and with 100% certainty that it is (was) unpublished [aucky.com, for an auction site].
I tried to reason with Richard [CEO who says to be 'open' to user input], but I didn't even get a robotic response.
The truth is that the web environment is totally corrupted and the domain registration process seems like something under the control of the mafia. A refoundation of the network is in order.
Disclosure: The domain is registered on the excellent and unbiased Registro.br [unfortunately below the top level .com]. Namecheap allowed me to create aucky.live and aucky.app. I want my aucky.com. (*)The service proper is in the making.
they've cancelled their Russian and Belarusian customers. and while I personally couldn't care less about either of the three countries involved in a war half a world away, I would prefer not giving my personal details and stewardship of my valuable assets to an activist company if I had any choice, and there are plenty to choose from
They're predominantly Ukrainian in staffing, so I suspect this is less activism and more just a consequence of whom they employ, but the point is taken. I wonder if a broader employee base means less activism (no single dependency) or more activism (more likely that any specific employee has trouble).
I've found name cheap rather good. But the problem is the long tail situation. Most of us won't encounter these problems so it's more a question of which registrar deals with problems well.
I’ve had a pretty good experience with Route53 on AWS. However, as with all things on the AWS console, it is very configurable and thus can be a bit confusing and over complicated.
I’d be interested in hearing about other smaller services that work well.
Depends on how big your system is. Losing rights on your domain is a real risk, especially at the highest levels, and some of the big players have taken bold steps to reduce this risk.
There exist some companies who specialize in protecting domain names. Not just from fradulent transfer attempts, but also from bad corporate actors (like Google, Cloudflare?, etc). The two ones I know of are Mark Monitor and AppDetex, though I'm sure there's others. [AppDetex is a former client of mine].
As a related comment said - if the registrar you're using isn't afraid of a bad reputation (Google, etc) then you probably should think of using one that is.
I've been using inwx.de since 2015, and they've been around for longer. The couple times I wanted something from support, they've been swift and helpful. My biggest criticism is that the API lacks the ability to do any sort of fine grained access control and you have to go through support to get a separate account that is limited to DNS configuration, for example.
I've got my personal domain in Google Domains, and the only "custom" feature I use is that they can forward email addresses to some other address. I wonder if there is any other DNS provider that has the same feature?
While I use and enjoy their other services, I would advice taking this incident into consideration about their registrar services that "prevents transfer-out of domains, sets to 'pendingdelete'"
Considering cloudflare registrar doesn't even let you change your nameservers, saying they have "full registrar services" is a bad joke. They also don't support a lot of TLDs.
I would highly recommended porkbun over CF for registrar services.
