Tell HN: Network Solutions Is a Scam

[paragonnoir]

My uncle has been paying 60+ dollars PER YEAR to renew his domain for the past three years on Network Solutions.

Told him that's basically a scam and transferred him to cloudflare: ~8 per year.

They also did whatever they could to stop me from transferring, including taking forever to send transfer codes and making it hard to send it in the first place.

Screw that site.

[LinuxBender]

For completeness sake I would add that they are Network Solutions in name only. They were purchased by web.com quite some time ago. I still have a few dozen domains with them only for the reason they are still less vulnerable to intimidation than other registrars from my experience and that is worth paying a little more than the mark-up over the internic mandated minimum registration costs. I have been on the fence about moving my domains to Mark Monitor which costs quite a bit more and may not make sense for hobby/testing/email-only domains.

For what it's worth, if you see registrars charging less than $10-15/yr/tld varies by TLD then they are making their money from their customers by up-selling other services. All of the registrars are obligated to pay a non-negotiable base fee per domain based on the TLD.

I am not a lawyer but have dealt with dozens of registrars in the US and EU. When moving domains and getting unlock codes, always do this on the phone with their customer support team. Log names and ticket numbers. If they stall or push back, tell them you need the name of their legal council for your legal team to reach out to. Also give them your ticket number to add to the case. (fictitious is ok, just make up a JIRA number). Do this without any emotion. If they say this is not a business account, mention that it is a legacy account being wrapped up into a new account. At the same time and less likely to be effective path but very likely to get their attention would be to start the process of removing their registrar accreditation, especially if you have many people in a similar situation.

[throwoutway]

> if you see registrars charging less than $10-15/yr/tld varies by TLD then they are making their money from their customers by up-selling other services.

Isn’t the base fee like $1-2? Did it really go up to $10?

[smugma]

ICANN: $0.18 Verisign (.com registry): $7.85

So that’s $8, plus credit card fees of ~$0.30 and their own hosting, ICANN fixed costs, etc.

I would say $8.50 is almost definitely below break, and $9-10 probably so.

[Vanderson]

At one time if you even _looked up_ the availability of a domain name they would immediately register it so if you tried to then register it at Namecheap or GoDaddy the name was taken already.

That should be illegal. (I have not bothered testing if their system still does this)

[tablespoon]

> At one time if you even _looked up_ the availability of a domain name they would immediately register it so if you tried to then register it at Namecheap or GoDaddy the name was taken already.

What would be their overhead for doing that? Seems like it's something that could be fun to subvert until they stop (e.g. do lookups of UUIDs in a loop).

[greyface-]

It costs them nothing as long as they delete the domain within a few days of registration. https://icannwiki.org/Add_Grace_Period

[utucuro]

According to the page you linked, that seems to fall under abuse of the grace period.

[psim1]

High pricing for legitimate services is not a scam. It is simply a bad deal.

[tinus_hn]

Trying to artificially make it hard to move to another service is not simply a bad deal.

[micah94]

Unless you're buying domains in bulk, a .com is going to be ~$11/yr even for a reseller. So Cloudflare is assuming you'll buy some additional service down the line. Domain registration is a loss leader. You should be aware of this. I agree $60/yr is high. I'm sure NetSol tacked on all kinds of BS "features" to justify that. But the bottomline is you can't make money selling domains alone.

[MatthiasPortzel]

My dad is similarly paying Network Solutions $40/year for a domain. I convinced him to cancel the monthly fee he was paying them for an SSL cert, thankfully.

[cowherd]

exact same experience

[warrenm]

You took him from one extortionist to another

That's...interesting

[cowherd]

You are saying cloudflare is an extortionist? How so? I'm about to move several domains to them, I'd love to know what I'm getting myself into.

Thanks!

[warrenm]

Maybe "extortion" isn't as apt as "incompetent"

And yes, I know those who swear by them (and their workers, and storage, etc)

But they provide zero security with DNS - I had someone try to hijack a couple of my domains' DNS a while back

Fortunately, my registrar had decent security, and they weren't able to transfer the domains and completely change DNS entries for them

But Cloudflare'll let anyone register an account and start setting up DNS entries - whether you own the domains or not

[bluehatbrit]

Isn't this the case with every DNS provider? If you're not using them as a registra but want to switch DNS providers you'll want to be able to load in all your DNS settings before hand. As long as your NS records aren't pointing to them it's perfectly fine. DigitalOcean, Route53, they all work the same in my experience.

I don't really get what Cloudflare did wrong here. Someone tried to transfer your domain name and your registra blocked it because you hadn't authorised it, what exactly was the problem?

Not a shill for them or anything, but I don't really understand what you're expecting them to do differently to everyone else.

[warrenm]

>I don't really get what Cloudflare did wrong here. Someone tried to transfer your domain name and your registra blocked it because you hadn't authorised it, what exactly was the problem?

Cloudflare refused to engage with the problem, offloading their legal responsibility (for enabling theft and fraud) onto me - the domain registrant

As it was, for a few days (because Cloudflare's developed a reputation of being "trustworthy"), my domains mostly didn't resolve - and not just for people who use Cloudflare's public DNS resolver

I, for one, am not OK with Cloudflare enabling this kind of fraud

[bluehatbrit]

> my domains mostly didn't resolve - and not just for people who use Cloudflare's public DNS resolver

Right this makes total sense as to why you're frustrated with them, I would be to. From what you'd said previously it sounded like you were annoyed they wouldn't take responsibility for something they're not the registra for which seemed a bit unfair on them. If they actually started diverting traffic in some way before the transfer had been rejected then that's pretty bad.

[warrenm]

I've never seen it anywhere else :: if this is what you consider "normal"...I'm kinda concerned you don't understand the security implications of [attempted] thefts like this

Whomever was trying to steal access to my domains was trying to overrule the authoritative status of my registrar's DNS servers

[bluehatbrit]

All you said here was that a DNS service is letting someone list DNS records for a domain. That's totally harmless if your domains NS records aren't pointed at their nameservers. You can do this with Route53 and DigitalOcean right now if you want but it won't have any impact because your domain name NS records point to your DNS provider.

As you mentioned in your other comment though, which you hadn't mentioned previously, cloudflare's DNS resolver started using their records before they'd actually received control of the domain (which was of course rejected). That's really bad and surprising, but allowing someone to setup DNS records for a domain name isn't a problem and is required in some situations for DNS migrations.

[yucky]

Network Solutions is a legacy registrar that is way overpriced, but I wouldn't call it a scam. They're a legit registrar, but I think only inertia keeps them in business.

[donkarma]

what TLD is it?

[enonevets]

Not OP so I don't know what TLD they had but out of curiosity, I went to see how much it would cost to register a .com and it was $20/year plus free privacy only for the first month with a $1.99/month fee after. That's basically like $24 for privacy a year (which most registrars offer for free) plus the domain. That's already $44 for a .com.