PSA: GoDaddy gated their own API. DDNS users warned
PSA: GoDaddy gated their own API. DDNS users warned
GoDaddy really lived up to its bad reputation and recently changed their API rules. The rules are simple: either you own 10 (or 50) domains, you pay $20/month, or you don't get the API. I personally didn't get any communication, and this broke my DDNS setup. I am clearly not the only one judging from what I found online. A company this big gating an API behind such a steep price... So I will repeat what many people said before me (being right): don't. use. GoDaddy.
This is what NameCheap does too. It's freaking stupid. Domain registrations should not be managed by corporations.
NameCheap
WOW! I did not know that. I just checked and after a little search:
We have certain requirements for activation to prevent system abuse. In order to have API enabled, your account should meet one of the following requirements: - have at least 20 domains under your account; - have at least $50 on your account balance; - have at least $50 spent within the last 2 years$50 in last 2 years is not much, but for those who renew for many years, it is still stupid.
Ironically, Namecheap is what the people in https://github.com/navilg/godaddy-ddns/issues/32 migrated to!
I really wish that domain registration was done in a different way, but even in current scenario, gutting features for such a basic service to extract a few bucks and risking losing customers...?
I'm saying this for years, but a) it's quite late (seems like a 1990s issue) and b) OpenNIC is a bit of a joke atm (but support it anyways)
ICANN never should've been a creature of US-NTIA, but of the UN. The US has no right to decide for the digital world how everyone communiticates. No one really should (apart from about stuff like CSAM).
GoDaddy can GoFuckThemselves, wondering why my shit was broken until i found out
Been there...
I thought my API keys were expired, I regenerated them, changed a couple of things, checked all API calls to see if they changed API itself...then I searched the exact error and found out.
For such a breaking change to the API, was it hard to drop an email to every account not meeting the damn "requirements" with an API call performed in the last x months, to alert of the change?
desec.io can be used with any domain registrar and has an API with support for various ddns clients (ddclient, lego).
deSEC is a free DNS hosting service, designed with security in mind.
Running on open-source software and supported by SSE, deSEC is free for everyone to use.
Edit: To clarify, desec.io does not sell/rent domains. Desec has to be set as the authoritative nameserver on the registrar, then desec can manage domain records instead of the registrar (which usually also provides their own domain hosting for "free" by default).
Yes, a thousand times this. DeSEC is awesome, I moved my domain record management there. I'm usually buying domains on namecheap, and the IP allow list thing for the API was just too annoying to deal with.
What's the benefit of having a separate DNS host? I'm using porkbun and had to mess around with its dns records to configure my email hosting. Does having separate service mean I don't have to do this all over again If I switched registrars?
Yes, pretty much that. Plus some configuration might be easier with a DNS hosting. But the main benefit is decoupling domain and DNS for easier change.
ClouDNS makes DDNS easy for a low cost for 1-5 domains.
ClouDNS
I think I heard of it. I think most DDNS scripts support a lot of registrars as well, if one doesn't want to go with full DNS hosting.
In case of DNS hosting (I also linked it in the post, but it's a good shotout), there is desec.io too. EU-hosted, free (although donations are highly encouraged) and has a ton
sof features! There is also a Terraform provider!Look at how Dynamic DNS supported. Does it require full access to the account-- dangerous-- by using your login credentials or an API token with full read/write access? Or does it over a very limited scope access that gives the Dynamic DNS tool precisely the access it needs to update a single DNS record-- much safer! The latter is what CloudDNS does.
Is it relatively easy to switch domains? I just set up my old laptop as a home server and I registered with domain.com.
Domain.com sounds like a domain registrar. You would keep that service and point your name servers for the domain to the ClouDNS name servers.
I use porkbun but I don't know how they handle this situation.
I also use porkbun, their API is not a masterpiece but it works and allows you to get, set and update records. In fact their API is now supported by some of the common ddns scripts out there.
i switched to porkbun from godaddy specifically because of this.
Google Domains to porkbun here, mostly because they added porkbun DDNS support to OPNsense
I like them because they're really cool and helpful. They have amazing documentation which helped me get my website up and running.
Recommend cloudflare for DNS. I use it for DDNS via API and it works great.
You also basically pay the wholesale rate without markup for the domain.
Warning: Cloudflare does not allow you to change the nameservers of domains you register with them unless you pay for some insanely priced subscription. For many of us who register domains at various registrar's but want to be able to centrally manage DNS, hiding such basic functionality behind an extremely steep paywall makes Cloudflare a no-go.
What advantage is there is changing nameservers? Is it just the centrally manage DNS or something else? I'm fairly new to self hosting and only serving locally for now.
I do know cloudflare uses the same nameservers PER ACCOUNT so if you're wanting to have multiple domains but keep one or more connections separated from you then this does draw a minor connection to a subset of Cloudflare accounts with the same two nameservers
Is it cheap? I got shifted to SquareSpace from Google Domains and it's pricier. I switched the name cheap but have no loyalty to them.
It's reasonably priced. I was in the same boat with the Google domains shutdown. As long as you aren't a heavy user, it has lots of cool features. But if you get their attention they've been known to fleece the crap out of small businesses that were using their free services. Most of my stuff is self hosted applications to move myself off of Google services, so my traffic is minimal.
Cloudflare apparently makes no or little to not profit on their domain registration business.
The prices supposedly only covers the fees related to domains that everyone has to pay.
I moved about half my domains (I have about roughly 30) to Cloudflare and then stopped as I started hitting caveats. For instance they considered some of my domains "premium" and wouldn't take them. I was having problems using them with some hosted website providers, etc
I let the rest of my domains transfer to SquareSpace and it's been mostly painless (besides Google Domains completely fucking up my email but that's wasn't SquareSpaces fault). I'll probably run out the registration on all of them and make a decision on where I'm moving my domains next year. Probably won't be Cloudflare though.
That said, Cloudflare definitely seems cheaper than SquareSpace.
Gandi changed their TOS and price structure last year, so I ported everything over to Porkbun for a small savings, but mostly as a big middle finger to Gandi.
If you're gonna get banged that kind of cash for functions you're already using, you may as well look at better registrars, and get better value for your spend.
Shop around.
I also migrated everything to Porkbun. Gandi used to be good too, we used it extensively at work in my previous org (~3 years ago).
Is the whole sector regressing? It seems these companies aren't happy just earning a profit based on the service they offer. There is always something "more" that they need to do. Often this makes the experience worse. Meh.
Super happy with Porkbun BTW, it just works, does what it's needed and I found the renewals to be 50% cheaper compared to GoDaddy...
GoDaddy has always been pretty shitty.
I moved just about everything to Route53 for registration - I run my own DNS so I don't need to pay for that, and it's ~40% cheaper than Gandi for better service.
Now I just need to move my .nz domain (R53 supports .{co,net,org}.nz, but not .nz itself?) and the 2 .xyz domains that are "premium" for some reason so R53 won't touch
@loudwhisper GoDaddy gonna GoDaddy. *shrug*
Yeah, indeed. To me is still completely absurd. At this point is not just a bad registrar, for most of us (hobbyists), I think it's a completely non-functional option. Basically every competitor offers an API.
I stuck with them out of lazyness for far too long.
I'm glad I transferred my domain a month ago to porkbun. They even halved my renewal price
How unexpected 😂😂😂
I would suggest ddns.net if they hadn't irrevocably eaten two of my domains already (when the client software doesn't check in, the domain disappears from your account, but they don't get marked as available so no other account can filch them)
I think I used it in the past. Is the one where every X months you need to go the the console and confirm the domain is still used, right?
I think nowadays there are better options (incl. Free) with less maintenance and more flexibility
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
Fewer Letters More Letters CSAM Child Sexual Abuse Material DNS Domain Name Service/System IP Internet Protocol VPS Virtual Private Server (opposed to shared hosting)
[Thread #870 for this sub, first seen 15th Jul 2024, 01:55] [FAQ] [Full list] [Contact] [Source code]
If you're looking for a new registrar, I've had only good experiences with NameSilo. They're not the cheapest, but they're generally cheaper than GoDaddy, don't paywall arbitrary things like APIs or WHOIS privacy, and have good support.