[EvangelicalPig]

I know NetSol in theory supports registry lock, but last time I checked they want >$1000/year for it, and it's kind of shitty they don't offer robust access controls internally so you end up paying for it (and other registrars offer registry lock (and hopefully competent 2FA on top of that!) in the ~$500/year range)

[kstrauser]

There's zero reason to still use NetSol in 2021 except sheer masochism. Namecheap offers 2FA and registry lock for free.

Seriously, transfer your domains to almost literally any other registrar. They'll be better than NetSol.

[wlonkly]

I believe Namecheap only offers registrar lock (clientUpdateProhibited), not registry (serverUpdateProhibited). There are very few registrars that offer registry lock and they're all "enterprise", probably because the relationship required for registry unlock protocols to work doesn't scale with retail customers.

Off the top of my head: NetSol, MarkMonitor, CSC, maybe Cloudflare. There are more that will do it for specific ccTLDS (.ca has lots, for example).

[kstrauser]

Huh, looks like you're right about serverUpdateProhibited. TIL! Thanks.

[epc]

Pairdomains (pairdomains.com) offers it for $0.00/year.

But…be absolutely, 100%, certain that the information contained in the registry record is 100% accurate for name of registering organization and contact information. Because the process to unlock can be quite…difficult if the information is slightly off.

[EvangelicalPig]

pairdomains.com doesn't have serverUpdateProhibited, which is the "registry lock" protection. The reason why it costs money is because I believe it involves the registrant, registrar and registry coordinating a manual unlock out of band, so in theory if the registrar-registry API is compromised, you're still be protected.

[dwohnitmok]

An unfortunate side effect of defending against social engineering attacks that can use very small inaccuracies to be successful.