GoDaddy really lived up to its bad reputation and recently changed their API rules. The rules are simple: either you own 10 (or 50) domains, you pay $20/month, or you don’t get the API. I personally didn’t get any communication, and this broke my DDNS setup. I am clearly not the only one judging from what I found online. A company this big gating an API behind such a steep price… So I will repeat what many people said before me (being right): don’t. use. GoDaddy.
If you’re looking for a new registrar, I’ve had only good experiences with NameSilo. They’re not the cheapest, but they’re generally cheaper than GoDaddy, don’t paywall arbitrary things like APIs or WHOIS privacy, and have good support.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters CSAM Child Sexual Abuse Material DNS Domain Name Service/System IP Internet Protocol VPS Virtual Private Server (opposed to shared hosting)
[Thread #870 for this sub, first seen 15th Jul 2024, 01:55] [FAQ] [Full list] [Contact] [Source code]
Porkbun + cloudflare DNS + ddclient
Avoid cloudflare
Sounds good. Better free DNS option with API support?
Why is it free, i selfhost to get rid of snooping companies
Desec.io is a good option. To be honest using cloudflare just for DNS is completely OK. It’s not a service that allows spying on you or consolidates their monopoly.
Does porkbun not just have that?
It does, but for the same reason as what happened to OP, it’s best to separate DNS from domain registrar.
Don’t use DNS like that. Use a VPS and route traffic to a isolated network at home if need be
That’s definitely a nice solution, but I have not had good luck with free VPS providers keeping the lights on. It would likely cost money on the order of $5 to $10 per month, so it is a different class of solution.
?? Your solution to dynamic dns is to run all the traffic through a static IP vps? Are you paying for this VPS, or are you saying you trust the host more than you trust cloudflare, because they give you a free VPS?
I pay for a VPS and a static IP for the VPS. Way safer and less fragile
Safer is a matter of opinion. You’re moving your trust from one company to another, that doesn’t necessarily equate more safety. How do you trust the safety of companies?
As for less fragile, that is patently untrue. You have all the same failure points as previous, but now must manage the update schedule of another server, and have the added reliance on a third party host. You’ve increased fragility if anything.
I’ve had very high uptime for years
@loudwhisper GoDaddy gonna GoDaddy. *shrug*
Yeah, indeed. To me is still completely absurd. At this point is not just a bad registrar, for most of us (hobbyists), I think it’s a completely non-functional option. Basically every competitor offers an API.
I stuck with them out of lazyness for far too long.
Namesilo has it, porkbun didn’t last time I checked, iirc. Dunno about Cloudflare. GoDaddy has always sucked in so many ways that I never looked into their DNS.
@solrize @loudwhisper pork bun has had one for years. Don’t remember when I switched to them but it’s been a couple years.
Oh Yeah, Porkbun does have API (it seems since sometime last year? ). I think also Cloudflare, Namecheap and many others do too.
I agree about GoDaddy. It was an original sin for me to use them years ago, and I was lazy with just one domain that I use for most of my emails etc. I deferred the move for a while and then - how it often happens - I had to do it in “emergency” mode.
I use Porkbuns API. It’s not sophisticated, but it works.
ClouDNS makes DDNS easy for a low cost for 1-5 domains.
ClouDNS
I think I heard of it. I think most DDNS scripts support a lot of registrars as well, if one doesn’t want to go with full DNS hosting.
In case of DNS hosting (I also linked it in the post, but it’s a good shotout), there is desec.io too. EU-hosted, free (although donations are highly encouraged) and has a ton
sof features! There is also a Terraform provider!Look at how Dynamic DNS supported. Does it require full access to the account-- dangerous-- by using your login credentials or an API token with full read/write access? Or does it over a very limited scope access that gives the Dynamic DNS tool precisely the access it needs to update a single DNS record-- much safer! The latter is what CloudDNS does.
Is it relatively easy to switch domains? I just set up my old laptop as a home server and I registered with domain.com.
Domain.com sounds like a domain registrar. You would keep that service and point your name servers for the domain to the ClouDNS name servers.
I hate to bother you with another question, but what is the goal of changing the name servers I have with domain to another? Could I just use ClouDNS for everything? I wish I had taken more time before I bought the domain through Domain.com. It seems like everybody likes ClouDNS.
Transfering a domain from one registrar (IE reseller) to another can be a pain, but yes you can - it normally involves a fee and manual actions from the registrars.
As long as the new registrar supports the TLD. A few Geo-TLDs can only be resold/managed by some registrars.The easiest thing to do is to point the domain at ClouDNS nameservers.
Make sure you are happy with ClouDNS (I’ve never had issues with them) etc before committingThere are two services involved. Domain registration and DNS. Most domain registrars now provide some free DNS service, with basic features. I monitor dozens of domains, and I can tell you that these free DNS services with registrars are most likely to have short DNS outages as well.
ClouDNS is a professional, high-quality DNS service and that does one thing well. As far as I can tell, they don’t do domain registration, so that will always be a separate service. One of the things that ClouDNS does well is making Dynamic DNS easier.
I just checked and ClouDNS offers domain registration! So, I think I’m going to just move everything over there for convenience. Also, I know why my server is unreachable a couple hours every day lol. Love this community and Lemmy. Feels a lot like the old, old Reddit days. Thanks!
How unexpected 😂😂😂
GoDaddy can GoFuckThemselves, wondering why my shit was broken until i found out
Been there…
I thought my API keys were expired, I regenerated them, changed a couple of things, checked all API calls to see if they changed API itself…then I searched the exact error and found out.
For such a breaking change to the API, was it hard to drop an email to every account not meeting the damn “requirements” with an API call performed in the last x months, to alert of the change?
Gandi changed their TOS and price structure last year, so I ported everything over to Porkbun for a small savings, but mostly as a big middle finger to Gandi.
If you’re gonna get banged that kind of cash for functions you’re already using, you may as well look at better registrars, and get better value for your spend.
Shop around.
I also migrated everything to Porkbun. Gandi used to be good too, we used it extensively at work in my previous org (~3 years ago).
Is the whole sector regressing? It seems these companies aren’t happy just earning a profit based on the service they offer. There is always something “more” that they need to do. Often this makes the experience worse. Meh.
Super happy with Porkbun BTW, it just works, does what it’s needed and I found the renewals to be 50% cheaper compared to GoDaddy…
GoDaddy has always been pretty shitty.
I moved just about everything to Route53 for registration - I run my own DNS so I don’t need to pay for that, and it’s ~40% cheaper than Gandi for better service.
Now I just need to move my .nz domain (R53 supports .{co,net,org}.nz, but not .nz itself?) and the 2 .xyz domains that are “premium” for some reason so R53 won’t touch
I use porkbun but I don’t know how they handle this situation.
I also use porkbun, their API is not a masterpiece but it works and allows you to get, set and update records. In fact their API is now supported by some of the common ddns scripts out there.
i switched to porkbun from godaddy specifically because of this.
I like them because they’re really cool and helpful. They have amazing documentation which helped me get my website up and running.
Google Domains to porkbun here, mostly because they added porkbun DDNS support to OPNsense
I’m glad I transferred my domain a month ago to porkbun. They even halved my renewal price
desec.io can be used with any domain registrar and has an API with support for various ddns clients (ddclient, lego).
deSEC is a free DNS hosting service, designed with security in mind.
Running on open-source software and supported by SSE, deSEC is free for everyone to use.
Edit: To clarify, desec.io does not sell/rent domains. Desec has to be set as the authoritative nameserver on the registrar, then desec can manage domain records instead of the registrar (which usually also provides their own domain hosting for “free” by default).
What’s the benefit of having a separate DNS host? I’m using porkbun and had to mess around with its dns records to configure my email hosting. Does having separate service mean I don’t have to do this all over again If I switched registrars?
Yes, pretty much that. Plus some configuration might be easier with a DNS hosting. But the main benefit is decoupling domain and DNS for easier change.
Yes, a thousand times this. DeSEC is awesome, I moved my domain record management there. I’m usually buying domains on namecheap, and the IP allow list thing for the API was just too annoying to deal with.
Recommend cloudflare for DNS. I use it for DDNS via API and it works great.
You also basically pay the wholesale rate without markup for the domain.
Is it cheap? I got shifted to SquareSpace from Google Domains and it’s pricier. I switched the name cheap but have no loyalty to them.
You can just use the Cloudflare DNS Nameservers. No need to transfer the Domain.
This is what I do. Registered with Porkbun but have two domains pointing to Cloudflare NS’s for DNS. I then have a container locally that looks for IP changes on my home connection and if detected updates DNS to the new IP.
Cloudflare apparently makes no or little to not profit on their domain registration business.
The prices supposedly only covers the fees related to domains that everyone has to pay.
It’s reasonably priced. I was in the same boat with the Google domains shutdown. As long as you aren’t a heavy user, it has lots of cool features. But if you get their attention they’ve been known to fleece the crap out of small businesses that were using their free services. Most of my stuff is self hosted applications to move myself off of Google services, so my traffic is minimal.
I only have two domain names and both just redirect to my public code repositories.
I moved about half my domains (I have about roughly 30) to Cloudflare and then stopped as I started hitting caveats. For instance they considered some of my domains “premium” and wouldn’t take them. I was having problems using them with some hosted website providers, etc
I let the rest of my domains transfer to SquareSpace and it’s been mostly painless (besides Google Domains completely fucking up my email but that’s wasn’t SquareSpaces fault). I’ll probably run out the registration on all of them and make a decision on where I’m moving my domains next year. Probably won’t be Cloudflare though.
That said, Cloudflare definitely seems cheaper than SquareSpace.
Warning: Cloudflare does not allow you to change the nameservers of domains you register with them unless you pay for some insanely priced subscription. For many of us who register domains at various registrar’s but want to be able to centrally manage DNS, hiding such basic functionality behind an extremely steep paywall makes Cloudflare a no-go.
What advantage is there is changing nameservers? Is it just the centrally manage DNS or something else? I’m fairly new to self hosting and only serving locally for now.
I do know cloudflare uses the same nameservers PER ACCOUNT so if you’re wanting to have multiple domains but keep one or more connections separated from you then this does draw a minor connection to a subset of Cloudflare accounts with the same two nameservers
I would suggest ddns.net if they hadn’t irrevocably eaten two of my domains already (when the client software doesn’t check in, the domain disappears from your account, but they don’t get marked as available so no other account can filch them)
I think I used it in the past. Is the one where every X months you need to go the the console and confirm the domain is still used, right?
I think nowadays there are better options (incl. Free) with less maintenance and more flexibility
This is what NameCheap does too. It’s freaking stupid. Domain registrations should not be managed by corporations.
Damn. I always though they were one of the good ones.
I still think they are but maybe my needs are simple. It was definitely better when I switched over (from godaddy*) during one of the migrations.
They’ve been my go-to rec for like 6 years 😢
Their support is top tier, which is important when it’s important. But this complicates things. I’ll have to take a close look at the competition these days.
I’m saying this for years, but a) it’s quite late (seems like a 1990s issue) and b) OpenNIC is a bit of a joke atm (but support it anyways)
ICANN never should’ve been a creature of US-NTIA, but of the UN. The US has no right to decide for the digital world how everyone communiticates. No one really should (apart from about stuff like CSAM).
NameCheap
WOW! I did not know that. I just checked and after a little search:
We have certain requirements for activation to prevent system abuse. In order to have API enabled, your account should meet one of the following requirements: - have at least 20 domains under your account; - have at least $50 on your account balance; - have at least $50 spent within the last 2 years
$50 in last 2 years is not much, but for those who renew for many years, it is still stupid.
Ironically, Namecheap is what the people in https://github.com/navilg/godaddy-ddns/issues/32 migrated to!
I really wish that domain registration was done in a different way, but even in current scenario, gutting features for such a basic service to extract a few bucks and risking losing customers…?
These are ancient holdovers. Nowadays DNS hosting with API is a dime a dozen. You may have to pay for it occasionally but it’s not going to be even close to $20/mo.
$20/month for a service that anyway is low traffic (especially for hobbyists) is a completely insane price. Even more insane is that their cheapest subscription still doesn’t offer any API access. I agree anyway, but are these staying in business just because they have a consolidated market share? Do they have access to more TLDs? I don’t know, I am genuinely confused. I have absolutely no reason whatsoever to even think of using GoDaddy again.
I like the way Bunny.net does paid DNS, 20M monthly queries for $1 and $0.1/M after that. With an API included, ofc. Now that’s the kind of pricing I can get into as a self-hoster, not $20/mo.
GoDaddy advertises a lot, basically. So whenever a person who’s never owned a domain before searches for “get a new domain” they’re gonna get GoDaddy, NameCheap and (ironically) Google Domains as the top results. That’s pretty much all there is to it.
Yep, I like bunny in fact. It didn’t have all the features I needed back then, but it’s a very good product, I heard very good things.
I also agree about the pricing. I ended up not using desec.io, but if I did, I would have probably set a 1-2 Euros recurring donation, as I feel that’s a totally acceptable price.
As for why people use GoDaddy well… I feel personally attacked as that’s exactly how I ended up there, when I didn’t know better.
That can’t be right. I only had two domains (one now) and I’ve been using the API just fine. And basically any purchase will clear those dollar amounts.
I found it on their FAQ.
Yes, it is generally less restrictive, but… I have 4 domains, and now I have renewed all of them for the maximum amount. They will all expire after 2033. So unless I decide to add more domains (which is unlikely), I won’t spend a cent in the next ~9 years. I wonder if they really enforce it as it is written or they consider still the renewal an expense “split” over the duration.
Still, I really don’t understand. You can - and should - have proper rate limits on the API. You have API keys that uniquely identify the source, what is “the abuse” they are trying to prevent this way…?
Doesn’t their API also require you to allow-list IPs, making it basically useless for dynamic DNS?
From https://www.namecheap.com/support/api/intro/ under “Whitelisting IP.”
Not sure. Personally I only use it for Let’s Encrypt DNS challenges.
That’s a very interesting gotcha. They don’t seem to support address ranges either. Unless once you add the whitelist the requests still work from any address (their documentation is ambiguous). This is even more confusing.