alt Hacker NewsNever buy a .online domain
Comments
The registrar relying on Google Safe Browsing as a “trigger” for suspension is the most horrifying thing I’ve seen in a while. This basically makes the entire TLD unviable for serious use.
The TLD owner in this case was Radix, which also owns
.store .online .tech .site .fun .pw .host .press .space .uno .website
> The domain ... has been suspended due to its blacklisting on Google Safe Browsing
Et voilà ... ! this is precisely the slippery slope I warned about a decade ago. The indirect censorship becomes direct censorship, defeating all the arguments about the morality of such a list. And:
> Not adding the domain to Google Search Console immediately. I don't need their analytics and wasn't really planning on having any content on the domain, so I thought, why bother? Big, big mistake.
Yet more monopolistic power to Google.
I wonder if Radix has unknowingly created a negative feedback loop here. From Google's perspective, the DNS records disappear shortly after being flagged by Safe Browsing, which their heuristics may interpret as scammy behavior.
It's not about the .online TLD being "weird". The problem is that it was free. That's going to attract a swarm of fraudsters, spammers, etc, and then turn into a strong "this is probably fraud" signal in all kinds of fraud scoring systems.
There are lots of domains out there other than .com that are just fine.
Side note: My empirical experience is that vanity domains are disliked by some enterprise security systems. I have a friend who owns a .homes domain which ended up being blocked by quad9 as well as the enterprise security system of a friend's work for ~half a year. The block cleared by itself.
I had the same experience while buying another TLD. For ~1 month, certain people whose ISP "helpfully" had "safe browsing" features, simply blocked us outright. For being new and different.
The learning for me was that new domains are no longer trusted, and seemingly some vanity domains get even more strict treatment.
Domains are signaling. If you have a .online domain you are signaling you can't afford the equivalent .com domain. All the TLD annoyance is a consequence of the lack of status pressure ameliorating the experience of those domain holders (in the same way you never see public health crises in rich neighborhoods)
I still remember how Google banned my entire account without providing a reason for a small Android app (more than 12 years ago). To this day I have no idea why, it was absolutely green-area fit tracker or something. There was absolutely no way to know the reason or unblock my account. Turned me away from Android development forever.
One conclusion is:
> Not adding the domain to Google Search Console immediately.
I don't understand. What is Google Search Console, and should I add all my domains there right now?
We posted this warning on HN before: https://news.ycombinator.com/item?id=40195410
We struggled a lot when we opted for the .online domain for https://pinggy.io urls
Morale of the story: never ever use a registry that bases its decisions on Google Safe Browsing. Radix in this case. A very modern looking website for a really caveman support.
> Not adding the domain to Google Search Console immediately. I don't need their analytics and wasn't really planning on having any content on the domain, so I thought, why bother? Big, big mistake.
I'm not particularly familiar with SEO or the massive black box that is Google Search - is this really as critical as the author makes it seem? I have both .lol and .party domains, both through porkbun (and the TLDs seem to be administrated by Uniregistry and Famous Four Media, respectively), and both are able to be found on Google Search. It seems like this preemtive blacklisting would be the result of some heuristics on Google's end; is .online just one of the "cursed" TLDs like .tk?
It sucks so much that there is no standard way of linking additional domains to your main one and inheriting the reputation.
Want to set up a new domain for whatever purposes (conference, new product, etc)? Be prepared to spend the first half a year fighting the various blacklists before people can actually reliably connect.
Would make so much sense if you could just have a .well-known/other-domains.txt (or something something DNS) with a list of domain names that should be considered just as trustworthy as your main domain.
It's not even about .online or other weird TLDs, it's just that the domain is new and therefore "not trustworthy". Even worse if you need to use your existing branding on the new domain - instantly flagged as a phishing site everywhere.
We need to rethink the web so that fewer third parties are involved in things that seem on the surface to be an A-B conversation. To say nothing of the trustworthiness of those parties, having them involved at all is needlessly brittle.
Does anybody know any good alternative to Name Cheap? It seems like they keep raising prices on all the domains. Website is very sluggish, especially for finding domains quickly.
The first mistake anyone makes is thinking they are “buying” anything with a domain. You’re renting it. And the company you are renting from can arbitrarily push up the price above inflation. NameCheap is good for the basics. But a .site or .online domain is a no-go beyond an MVP/test.
But was this because it's .online? I got one and it was fine.
The only issue was the usual trap with all Namecheap domains: They tell you it's all set, and it works, until they randomly email you a week later asking for email verification. If you don't do that promptly, they suspend your domain until you trigger a resend. Which is easy to fix but also strange.
Unfortunate story. It wasn't clear to me that the .online TLD led to Google blacklisting the site. Why did you think that was connected?
I'm sorry that the author got bitten by this. But .com purism is funny to me. I only buy GTLDs for personal projects, and I've never had a problem before. But then, I've never bought .online.
Are you 100 percent certain that the domain name wasn't registered before and then got on the blacklist because of prior misuse?
It's quite possible that the domain you chose was registered previously and dropped because the previous owner misused it and burned that domain. The .ONLINE extension has been around for several years now.
So Google can single-handedly break any domain? Sounds like total control of the Web.
Are there any other TLDs that are of this ilk or are we saying nothing but .com will ever do? Or .org, perhaps?
Took me a minute to realize Sid isn't associated with 0xide.computer. Clever domain name!
Getting Google to index my personal site has been a pain. Every other search engine works fine, but ever since I switched the images on my site to .webp (a format created by Google!), my site's content just doesn't get indexed anymore. I've given up since web search traffic matters less and less these days with LLMs, and it only really bothers me when I'm trying to search for my own articles.
Why was the domain blacklisted though? What can we do to prevent blacklisting in the first place?
tried to roll my own email server on a .xyz domain...basically a big no go, couple of emails went through, then nothing, just a black hole. Thanks corpos and the safety theatre.
On a side note, thanks for wisp. I was looking for something like it so I could use it to quickly test the web builds of my tauri mobile app.
Google should really be seeing some anti-trust action for requiring you to create an account with them on their search console in order to contest being added to a blacklist used by all the major browsers.
A list of all registered (3,231,464 domain so far) .online domains is here: https://allzonefiles.io/zone/online
This is one of the pains of centralization. And honestly, it could happen with any TLD.
never buy anything than com domain
especially country level domains, they are not regulated and your register can ignore whatever requirements they have to fullfil
also I don't recommend using a .xyz domain for email sending. These domains are often marked as spam, and some email providers don’t support them.
Having .online already 5 years. No problems with email or website. Don’t understand that blog post. More problems can be with .xyz
I blame both the registry and Google.
If you were a lawyer, you could have fun with this.
Btw, perhaps unrelatedly, we had a domain marked as unsafe by Google as well for no particular reason.
This sounds like something ICANN should prevent. Is this not against ICANN rules? These fuckers ban emoji domains, maybe they should ban registries from arbitrarily stealing domains with no recourse. Maybe write to them and see if they can move something.
.com is definitely the gold standard, I got an .io more than a decade ago and if I would go back in time, I would just use .com, the pricing for .io been increasing for no apparent reason.
I got og.plus that expands to OpenGraphPlus.com.
At first I was stoked to have a two letter domain, but then I looked into it and learned these companies will get you hooked with a low initial price, then jack up the prices as the domain becomes established.
Quite the grift. My plan is to tread lightly on that domain and be ready to back away from it when the rent seekers move in.
You’d think there would be some sort of rules to the neutrality of these TLD administrators, but nope.
The second time around I wised up and go ogplus.net for an API domain instead of ogplus.media. I’ll take neutrality over vanity any day.
So this happened only because google is so big, that it can point to any website and say that it's not safe. Even if owner of a site just don't want to be in their search engine in the first place.
How on earth we ended up with this company bother anyone including those that want their services? Imagine that you could get your driving license banned because you did not buy a toyota...
Last year, my registrar wanted €64,99 to extend an online domain which I had created for fun.
No thanks.
Google have way too much power to mess people's lives up. Especially for an organisation with basically zero customer support.
A great reminder even if you aren't a Google customer, Google's love of banning people with no notice or recourse will still screw you over.
> Update: Within 40 minutes of posting this on HN, the site has been removed from Google's Safe Search blacklist. Thank you, unknown Google hero! I've emailed Radix to remove the darn serverHold.
I wouldn't party too soon - from my experience getting something removed from Google's libel machine doesn't mean the same process that put it there in the first place is fixed and it you will most likely go through the same thing again and again.
> Not adding the domain to Google Search Console immediately. I don't need their analytics and wasn't really planning on having any content on the domain, so I thought, why bother? Big, big mistake.
This is just another way how Google has inserted themselves as the gatekeeper of the web.
Never use a “free” domain is a better rule. Even if there were no technical or administrative issues, nobody trusts them.
The logic doesn't automatically extend to other TLDs unless they too are owned by the same firm. Alternative TLDs are often preferable because they're so much cheaper than wasting money on a .com, etc.
why not just buy a .co.xx (country) or simply .com / .net
and if hectic maybe .io
One time I bought a .dev domain, which is/was run by Google, and after missing the renewal deadline by less than 24 hours, the renewal price jumped from less than $30, to $800.
I don’t know that the advice is solid in terms of never buying an alternate TLD.
Oh man. The infinite loops of impossible verification by large companies that should know better are massive pain peeve of mine.
This goes right to the top for me, along the ubiquitous "please verify your account" emails with NO OPTION to click "that's NOT me, somebody misused my email". Either people who do this for a living have no clue how to do their job, or, depressingly more likely, their goals are just completely misaligned to mine as a consumer and it's all about "removing friction" (for them).