At the Canadian Internet Registration Authority (CIRA), managers of the .CA domain, domain outages are something we’ve seen many times over the years.
For any company, such an outage can have significant repercussions:
- It affects key partners – for a B2B product, any company that uses your product is affected
- A domain name mishap causes a hit to your brand reputation – not good for losing potential customers
There are a few reasons why domains fail to resolve:
- Failure to renew a domain name
- Error configuring the DNS
- DDoS attack
- Hacking through social engineering and redirecting the website
Let’s explore each of these situations and take a look at what Canadian businesses can do to be proactive and avoid them. If you rely on suppliers for cloud services you may want to ensure that they have best practices for domain (and DNS) management in place.
1) Failure to renew a domain
Failing to renew your domain name means it will no longer resolve once it is expired. It is worth noting that in the domain industry, failure to renew doesn’t automatically mean somebody can snag your domain name because there are renewal periods built into the system. These renewal periods ultimately save a lot of headaches, allowing Registrants to “rescue” domain names that have expired.
You can learn more about the life cycle of a .CA domain on our website.
2) Error configuring the DNS
Ensure the DNS information you input into your Registrar’s configuration portal is accurate. Even a simple typo will prevent your site from resolving. What’s more, even after you’ve fixed the error, it could take up to 24 hours for the updated correct information to propagate across the Internet.
3) DDoS attack
A hacker can flood your DNS servers with traffic making them unavailable to answer legitimate queries. To protect from this, ensure your DNS service provider has the necessary capacity and processes to handle a worse scenario.
4) Hacking through social engineering and redirecting the website
In this scenario, a hacker tricks the technical support staff at your domain name registrar into redirecting your domain name to another address of their choice. A good example of this is the Air Malaysia incident, when its website was redirected to an image of a monocled smoking lizard.
What you can do to prevent domain name issues
CIRA’s key mandate is managing the .CA registry. We are entrusted to have it operate smoothly as a public resource for Canadians. Here are some of our top domain management tips for businesses and individuals to have 100% up-time:
- Ensure you make note of your domain name expiry date. .CA domains can be registered for up to 10 year periods at a time and some Registrars offer discounts if you buy for multiple years at a time. Also, some Registrars offer auto-renew services to avoid your domain name expiring.
- Ensure the admin contact for your domain is accurate, up to date and ideally use mailboxes that multiple administrators can access. Don’t use “privacy” type emails and ensure that your Registrar is white listed and you are getting their administrative emails.
- Always register the domain name yourself.
- For an added measure of security, domain name holders can purchase .CA Registry Lock (other registries offer locking as well) to help prevent domain hijacking and web services, like D-Zone Anycast DNS can be used to bolster the DNS to protect your sites from DDOS attacks.