Domains are increasingly being targeted by cyber attacks. If a domain is hijacked, it can have disastrous consequences – apart from the cost involved. However, there are effective defences against it, like implementing a registry lock. Using strict locking and authentication mechanisms on the registry side, the registry lock reduces the risk of domain loss or abuse to a minimum. Any changes to domain data, like name servers, contact details or a domain transfer can only be carried out after thorough verifcation by authorized and validated persons.
We offer a registry lock service for these TLDs.
- E-commerce
- Brands & banks
- Institutions
It is essential for websites and online shops that their systems run reliably and are permanently accessible to users. This also applies to their domains, which can present a gateway for cyber attacks. In order to avoid critical downtime, it's a good idea to implement a registry lock. Domain resellers can also add registry lock services to their offerings and boost profits.
The loss of online reputation or even data sovereignty can lead to worst case scenarios for companies, international corporations and brands. In these cases, domains should be viewed as digital assets that require effective safeguarding. Protecting brand domains against attacks and loss is a decisive factor to remain competitive and avoid any damage to the company's image.
Domains for governments, universities, organizations, municipalities or public institutions require special protection. Domain security and necessary measures are essential for preserving integrity and user trust in eGovernance and online-based management systems, as well as for guaranteeing data control. Investing in proactive security is an absolute must here.
How the registry lock works
Select domain in AutoDNS and request registry lock
The registry lock service at InterNetX is available for domains under the TLDs .at, .de, .ch, .com, .net and .se. If you do not manage this domain (these domains) in AutoDNS, a transfer for the relevant domain(s) to InterNetX is required so that we can provide you with this service.
Please note: The service is only available in AutoDNS for customers who have selected the payment option post payment.
Consultation & order confirmation
Use the form under Services > Products & services > API & services in your AutoDNS account to submit your desired order with all necessary information.
One of our Partner Success Managers will contact you directly to collect and share all required information for the process and will inform you about the applicable conditions and prices for the registry lock program of the selected domain(s).
The costs and conditions vary from registry to registry. Once all factors relevant to the purchase have been clarified, you can finalize the order with a dedicated form.
Order transmitted to the registry
After the order has been confirmed and the fees have been paid, the InterNetX Domain Services Team manually activates the registry lock in the web interface of the selected registry/registries. Only dedicated and authorized InterNetX employees have access to this. You will be informed as soon as the registry lock has been activated.
Please note: Due to the manual processing of individual steps and certain dependencies, the process can potentially take a few days. Quick changes to domain data are only possible to a limited extent during the processing period.
The registry lock is set
After InterNetX has transmitted the registry lock order to the responsible registry, the authorized registry employee sets the registry lock in the registry database after thorough verification. The registry informs the domain owner, the registry lock contact specified by the domain owner (for .de and .at) as well as InterNetX when the service has been implemented successfully.
The validity period of the registry lock depends on the domain validity and is automatically renewed by another year if the registry lock is not canceled.
Cancelation of the registry lock | Changes
Each individual change as well as the cancelation of the registry lock must be authorized by the registry. If you would like to change contact details or cancel the registry lock, please contact our Domain Services Team or our Partner Success Team – we will then initiate all required steps. The process of cancelation usually follows the same procedure as the implementation process and can take a few days to complete.
FAQ.
A registry lock is a domain status code and security mechanism that prevents changes to central data for domain management like OwnerC, AdminC, name servers or domain transfers by setting a server status. Once this is set, all transactions and attempts to make changes to the domain are blocked – e.g. the AutoDelete procedure is also blocked.
The registry lock is carried out by the registry (= the operator) of a top-level domain and is subject to a manual process and authentication mechanism. If the appropriate authentication data cannot be submitted and verified, no changes can be carried out to the saved domain data..
A registry lock can only be set for domains that are registered at InterNetX and are not blocked by the registry for other reasons (e.g. legal disputes). The registry lock is comparable to the InterNetX DomainSafe, which is implemented on the registrar level.
A registry lock allows domain owners to protect their domains proactively against:
- unauthorized changes | domain hijacking
- unwanted deletions / AutoDeletes
- takeover by external parties
Changes to the domain data for a domain with a set registry lock can only be requested by the domain owner and must first be verified and authorized by the registry.
The prices for setting a registry lock vary from TLD to TLD and therefore from registry to registry. Some registries offer discounts for larger portfolios.
At the moment, costs are generally somewhere between €200 to €650 per year and lock. In comparison to the domain registration costs, this may at first seem rather steep. However, if one considers the costs that can be incurred in the case of loss or misuse of a domain, this investment is put into perspective. Data protection infringements and the loss of reputation for established brands or governmental institutions can result in costs that far exceed the investment in domain security.
If you have any questions about the registry lock prices for .at domains, .de. domains, .ch domains, .com domains, .net domains and .se domains, please contact our Partner Success Team.
Business-critical and strategically important domains should be optimally protected from third-party access wherever possible. Strategically important domains are brand ambassadors and/or carry the product name, they refer to the key websites of a company and/or may also generate customer data. Government and public institutions, banks and e-commerce providers should protect domains with a registry lock, because the loss of a strategically important domain can have bitter consequences:
- Damage to image and reputation
- Loss of revenue
- Violation of data protection obligations
- Loss of customer data
- Phishing attacks
Would you like advice on how to protect your domains strategically? Our Partner Success Team will be happy to help you.
There are different types of WHOIS status codes that provide information about the status of a domain: Client and server codes are set by registrars, and server status codes are set by registries; the latter take precedence over client codes. Both are listed in a WHOIS lookup.
If a registry lock has been set for a domain, the following codes will be displayed:
- serverDeleteProhibited: This status code prevents a domain from being deleted.
- serverTransferProhibited: This status code indicates that a domain may not be transferred out from the current registrar.
- serverUpdateProhibited: This status code prevents domain data from being updated.
No. The registry lock runs on the AutoRenew principle and will be renewed for another one-year term until it is actively removed.
If you are a domain owner and would like to remove one or more active registry locks for your domain(s), please contact our Partner Success Manager Team, as you will need to submit an official request to InterNetX. The process for removing a registry lock is, in part, similar to the setup process: InterNetX as registrar forwards the request to the registry for processing and the procedures defined by the respective registry are carried out. The registry checks the request and after successful validation informs all relevant persons about the removal of the registry lock.
Please note: As this process includes several manual steps, the processing time may take up to several days. During this time, changes to domain data are only possible to a limited extent.
The domain owner has to actively enable the registry lock and designate a so-called Lock Contact (only applies to domains under .de and .at). This Lock Contact will be informed about all changes to the domain and has to authorize them. This contact person has to be specified during the order process in the registry lock form and submitted to the Domain Services Team at InterNetX. For other TLDs there is no need to specify a Lock Contact.
An update of the domains by InterNetX is possible, but changes may have to be authorized separately by the specified Lock Contact for some TLDs.
It should therefore be ensured that the Lock Contact can be reached via text message and/or email. A change of the Lock Contact may be necessary in written form.
