Why You Should Not Let Your Domain Name Expire?
The consequences and how to keep your domain from expiring.
Another year has passed and it’s time to renew your website. Or more precisely, time to think (again) whether you really need a website? This is the question we always ask ourselves when we are cutting down our business budget and trying to find every single possibility to reduce our operational cost.
But think about it, almost every single business, regardless it is small, medium and, of course, large corporations all own a website. And with how people are surfing online on their phones, tablets, and laptops—59 hours per week on average—there are just so many reasons to keep your business online if you want to maximize your opportunities.
You then question, “what if I don’t think I really need the website anymore? Or at least for now?” Fair enough, but let me ask you, how would you feel if someone else got your domain name and misuses it? Things can get a lot messier than you think if you just let it expire.
In July 2021, several major news media sites, including the Washington Post and New York Magazine, briefly had porn videos embedded into their articles. The reason for this unfortunate event—an expired domain name.
Screenshot provided by Twitter user @dox_gay showing the affected media websites.
What Happens After A Domain Name Expires?
Don’t need to panic yet, there is still some time for you to retrieve your domain name even after you forgot to renew it. Since February 2013, the Internet Corporation for Assigned Names and Numbers (ICANN) requires companies who issue domains (“registrars”) to notify their users of any important information, notices, fees, and procedures related to the domain renewal. (For more details, please refer to Expired Registration Recovery Policy)
While different service providers may have their own way of dealing with renewals, they are all obligated to follow the guidelines set by the ICANN.
- Before Expiration:
Service providers will send out multiple notices reminding users to renew their domain.
- Expiration Day:
This is the day your domain expires, all services associated with it will cease function.
- Renewal Grace Period:
The domain will be deactivated and “parked”. During this period, owners can still renew their domain with the provider’s standard renewal price.
- Redemption Grace Period:
If owners don’t renew the domain within the renewal grace period, they will enter a phase called the redemption grace period. In this stage, it is still possible for owners to retrieve their domain, but only service providers would be able to do so. You are likely to pay a redemption fee on top of a renewal fee.
- Pending Delete & Release:
If no actions are taken after the redemption grace period, the domain will enter the deletion period. Typically five days after the end of the redemption period, the domain will be returned to service providers. At this point, owners will no longer be able to recover their domain, it will be available to the public and the only option left is to purchase it again through general registration. And if someone else purchased the domain before you did, you will lose control over the domain and everything associated with it.
Note: This is the standard timeline according to ICANN. Service providers generally would follow it, but they could also come up with their own timeline within this timeframe. It is to note that this illustration also does not include any market activities that a specific service provider would conduct (E.g. Domain Auction). For specific information on the renewal process of your service provider, please refer to the renewal policies on their websites.
Why Does It Even Matter?
Cybersecurity implications
The majority of the online website building services only require owners to register with an email, and not all owners will even take an extra effort to activate two-factor authentication for log-in options if offered.
Once a domain expires, criminals can easily purchase these expired domains, reset passwords of all the email-subscription-based services, and quickly gain control over any social accounts linked to the email. These could include the company’s emails, Instagram, Twitter, Facebook, and many more.
An expired domain can be very attractive to people with all kinds of motives. Opportunistic criminals can make use of this chance to harvest data, such as customers’ credit card information and companies’ confidential data. Criminals can also set up email accounts using your domain to send out fishing emails or emails with traditional malware attachments.
Another possible threat, particularly if you own an eCommerce website. Once criminals own and gain control over your domain, they could simply recreate and set up a fake eCommerce site with normal online store functionalities. If your customers didn’t know what was happening, which is very likely they wouldn’t, and continued purchasing products from your website. All their sensitive information will be easily obtained by these criminals.
Services such as Wayback Machine archives thousands of web pages every single day. From news media sites, entertainment, to big eCommerce ones like Amazon, criminals can make use of these screenshots to recreate websites “as original as they could be”.
Personal reputation
Remember what I’ve just mentioned earlier about porn videos embedded on major media sites? Imagine you’re running a video-hosting service website and a similar situation happens because you forgot to review your domain, how will your partners react? They are likely going to stop using your service since they no longer trust your service. Worst of all, they might even sue your company.
This goes the same for those who own a website and use it as their online portfolio. If you let your domain expire and someone bought it, they could change it to any random website for any purpose. If people want to know about you and your work, it is very common for them to just type your name online and search for any possible information. The moment they click onto the link but see a completely irrelevant website as opposed to what they are expecting, you could, unintentionally, give a bad impression to your potential customers.
Not only that, any social media accounts associated with the email used for domain registration could also be compromised. It could be a disaster to restore everything back to “normal” and take time to rebuild you or your brand’s image.
Protecting your brand
Another reason, which is more for protecting your image. Remember what I’ve just mentioned about your domain name is representing you in the online space? It is now very easy for people to go online and look for information about a person or business. Imagine your business partner go to Google and type your name in the search bar (and unfortunately you’ve got a pretty generic name. They come across a website with a domain name very similar to your name or your business name, but the content in that website is, let’s just say it’s “interesting”. What an awkward moment isn’t it.
How to Keep Your Domain Name From Expiring?
Now that you know what could potentially happen if you let your domain name expire, intentionally or unintentionally, here are some tips on how you can ensure your domain name wouldn’t end up in the hands of others.
1. Make sure your email attached to your domain is up to date
Service providers who issued your domain will usually remind you to renew your domain via email. If you change your main email address but did not update it with your service provider, all the reminder emails will end up in your old email address. This is usually the number 1 reason why people are missing their renewal deadline.
2. Make sure you’ve updated your credit card information
It is not uncommon for people to change credit cards, there are just so many options and deals out there. You’ve used credit card A when you first register a domain for two years, after a year you’ve opened a new credit card account (credit card B) and deactivated credit card A. However, you’ve forgotten to update the credit card information with your service provider and they tried charging credit card A when it’s time for renewal. The transaction didn’t get through, your domain is not renewed, it expires, opening the doors for others to use your domain for another purpose.
3. Consider auto-renewal option
Most service providers offer an auto-renewal option, it is worth enabling this function to make sure you properly own your domain and all associated services. To ensure the continuity of service, service providers will usually process all renewals 30 days in advance. Just make sure your credit card information is up-to-date.
4. Consider renewing for a longer term
One of the most cost-effective methods to prevent your domain from expiring is basically to renew it longer. If possible, you can even consider maxing out the renewal term in one go.
Doteasy’s pricing plan for domain renewal
5. Mark your calendar
If you’re still not convinced to set up auto-renewal or renew the domain for a longer term. Let’s do the most traditional method, mark it down on your own calendar and set a notification to manually renew it before it expires.
Website building service provider Website.com shows users both their domain hosting and website plan expiry date on the user’s main page.
The Takeaway
Letting your domain expire can lead to undesirable consequences. It could be a lot more than just losing your website, but also all the services associated with the domain. If you let your domain expire and it landed in the wrong hands, your business has a lot more at stake. You could lose credibility, face reputational damage, lose profitability, and worse, be used for committing cyber crimes and putting everyone at risk.
Therefore, I strongly encourage all of you to think twice before letting your domain expire. And highly suggest you opt for the auto-renewal option to secure the service and security of your domain and everything associated with it.