Register.com--BEWARE! Wildcarding YOUR Subdomains as a Default Setting!

Replace the IP in wildcard with the IP address of your site.
If you don't know the IP address, a command like ping www.yoursite.com will return the IP address.
You can also remove the A record if you don't want wildcard resolution. However, it is good practice to make sure that www.yoursite.com and yoursite.com both resolve to the same IP address. Also set up a HTTP/301 redirect of yoursite.com to www.yoursite.com (or possibly the other way round).

Or better yet, use a third party DNS service.

They are creative when it comes to their bottom line, aren't they ?
I wouldn't be surprised if netsol is doing the same, but haven't tested.

Unbelievable! How did you discover this? Sure enough, going to http://asdasdasd.Poets.net is Register.com parking page...

To those with technical backgound: if you have both A and Cname records set, which takes precedence?

Might also be worth checking to see if other registrars are doing the same thing.

*

Thanks, Sdsinc

My IP belongs to Google; hence, if I change my IP, will it simply point to Google, or will it act as a wildcard to poets.net and WWW.poets.net?

For example,

*.poets.net points to [Place Google's IP Here]

Or perhaps I should just try it and see what happens?

I think I may transfer this domain out of Register.com.

*

---------- Post added at 03:21 PM ---------- Previous post was at 03:14 PM ----------

Tia,

Occasionally, I do a search site, just to keep tabs on things.

This time, I found london.poets.net, Afr.poets.net, w.poets.net, and info.poets.net, VERY high up in the search site, suggesting that these pages are getting solid hits and bleeding my traffic.

I knew they weren't mine, so I checked them out. Behold! A Register.com parking page.

So I went to my account and checked the A Record, which is when I saw the *.Poets.net. Duh, it hit me that they were wildcarding my subdomains.

Sneaky $3@#*'s

It's time to take this domain to the next level, I think.

*

tiawood said:

Unbelievable! How did you discover this? Sure enough, going to http://asdasdasd.Poets.net is Register.com parking page...

Click to expand...

I'd move my DNS records away immediately. ( followed by the domain as well. )

If you want someplace free Zoneedit will let you set records for (iirc) 2 domains for free, charging after that.

I've had an account there for a couple years without incident.

clouddns also has free + paid offerings - I have DNS records there as well but have not used them long enough to give an opinion other than to say I like the interface and plan to move more there if it remains pain free.

other than end-user, I have no relationship with either of them. YMMV.

Interesting:

https://www.google.com/search?q="london.poets.net"

https://www.google.com/search?hl=en&q="Afr.poets.net"

https://www.google.com/search?hl=en&q="w.poets.net"

https://www.google.com/search?hl=en&q="info.poets.net"

I wonder why these show up but nothing else random I search for on Google and why those terms do not show up on bing.

Example...Doesn't show up:

https://www.google.com/search?hl=en&q="tiny.poets.net"

https://www.google.com/search?hl=en&q="common.poets.net"

https://www.google.com/search?hl=en&q="test.poets.net"

*

Also interesting:

site:Afr.poets.net
site:info.poets.net
site:london.poets.net
site:w.site:w.poets.net

Why are these even ranking at all?

Added: Had it not been for the above, I would not have discovered this wildcarding at all.

Added: I just checked a few of my GoDaddy domains, some on ghs.google.com, some simple redirects. Based on my limited research, Godaddy seems NOT to be wildcarding.

Also, Domainmonster and Dynadot seems to be in the clear, but I would say this: For your premium domains, check them out because I checked a not-so-great domain that I own (since 2004) through Register.com and the subdomains all point to the site itself. I'm going to check that account and see how that looks in the A Record.

Could someone check their netsol domains, ones that are simple redericts to other sites or Cname alias (such as ghs.google.com? I canceled that registrar account years ago...

Another piece of information, using the IP in my record:

http://whois.domaintools.com/216.21.239.197

futuresite.register.com

This seems to be the dump site for their nefarious wildcarding scheme.

(Sorry, mods, I keep discovering new sneaky stuff.)


*

tiawood said:

Interesting:

https://www.google.com/search?q="london.poets.net"

https://www.google.com/search?hl=en&q="Afr.poets.net"

https://www.google.com/search?hl=en&q="w.poets.net"

https://www.google.com/search?hl=en&q="info.poets.net"

Click to expand...

This thread is now ranking in with the search results.

They should be shut down for this kind of shit.

*

I just solved the problem via a forwarding wildcard, thanks to Amanda at Register.com.

I just had a long chat with her regarding the automatic wildcarding of subdomains. I said:

ANY term at the left of poets seems to go to your parking page, which means I'm losing potential traffic to Register.com. Also, I suspect that Google and search engines aren't looking too kindly toward my site because of this because they see parking pages as spam.
...
Register.com is infringing on my domain with potentially an infinite number of parking pages, some with terms that could get me into legal trouble. Therefore, I would like the wild card to go directly to my own site. Otherwise, I WILL move the domain to GoDaddy, who does NOT wildcard subdomains.​

Click to expand...

I try to be nice to customer reps because they don't make policy, and they shouldn't have to take abuse, but I wanted to be clear about where I stand on this policy.

I recommend that if you do have domains at Register.com that are redirects AND/OR Cname alias designations (such as ghs.google.com), then you should do the following (unless you like your domain xxx.Example.com or Verizon.Example.com going to a parking page):


This doesn't seem to affect DNS other than Register's DNS, but I don't know this for sure. I would think that a DNS change would wipe everything else out.

*

That still doesn't explain how these terms were showing in the SE results in the first place.

I'd love to hear a reasonable explanation that doesn't involve some sort of scam. I can't think of one myself..

*

That is definitely a good question--I wondered that too. In fact, that's how I discovered the wildcard in the first place

Parking pages should NOT be in search engine results, but these were...

But I doubt if the rep could answer that question.

Maybe a higher up at Register will come here and explain this lousy practice.

*

2knew said:

That still doesn't explain how these terms were showing in the SE results in the first place.

I'd love to hear a reasonable explanation that doesn't involve some sort of scam. I can't think of one myself..

Click to expand...

Ms Domainer said:

Maybe a higher up at Register will come here and explain this lousy practice.

Click to expand...

:bah: Yeah, right. I doubt it.

Thankfully you know how to dig around and change settings. Others might not be so lucky. Thanks for reporting this!

*

Aha, I think I see how this has happened.

Some searchers must trying to reach london.e-poets.net and reaching, instead, london.poets.net. Same with Afropoets.net, typing instead Afr.poets.net instead.

Over time, these typos add up...the domain is 14 years old (I've had it 4 years), so this mistaken traffic could eventually warrant a place in the SE.

?

*

*

Yeah, I figured it was typos/mis configured links or whatever, but:

why is it the typos were crawled and indexed?

The way I read this situation, if googlebot had crawled hotporn.poets.net or buyviagra.poets.net or something_truly_awful.poets.net it would have served a page and presumably not done the courtesy of setting a "noindex" meta. This helped keep typo/park pages indexed at the expense of you site's reputation.

I have no names at your registrar and it is safe to say it will stay that way. - again, nice catch, thx for the warning.

*

This is exactly the crux of the matter, and Register.com doesn't give a d@mn.

They are not serving their customers well at all.

I did tell the rep about this thread and gave a link to it.

*

name.com does the same thing.

vc said:

name.com does the same thing.

Click to expand...

Do you have any examples?

*

Yes, examples would be good.

Accusations without proof is not credible and could unduly tarnish the reputation of an innocent company.

So, PLEASE, post only verifiable information.

I don't have any domains with the company named in vc's post, so I can't check the company's control panel.

*

moniker.com did a similar thing too. They parked one of my domains (developed as a site). They added a CNAME called ww1 that redirected my domain to a parked page. I've contacted them, once they asked me my account ID and domain they did nothing about resolving the issue. 3 days passed and no action/reply from them.
I am really disappointed from moniker.

*

Are you able to change the designation yourself?

GoDaddy gives you complete control over your panel, but maybe Moniker does not?

Still, this kind of activity needs to be exposed.

As domainers, we are somewhat savvy to these kinds of nefarious activities, but what of the other millions who simply register their domains and choose to redirect and/or choose to use a Cname alias?

It took me four years to discover this--I mean, who would think that one's own registrar would siphon off traffic from a customer's infinite number of subdomains?

This is not simply a money issue BUT a reputation one as well.

I urge anyone owning Register.com domains to check your A Record for subdomain wildcarding (*).

Also, check a few random subdomains.

If you have changed your nameservers TO Register (for hosting) I would also check that as well, especially if you aren't using your subdomains.

By the way, Sedo is doing this as well. I just checked my.joker.us, and it took me directly to my parked page. It is unclear, however, whether I benefit from this subdomain designation or if the company is simply siphoning this money for itself.

I don't want to click too much on my own pages (to check other subdomains), but I think one can infer that the infinite number of third level domains times millions of domains = $$$$$$$$$$$$ for registrars and parking companies.

*

ioana_bv said:

moniker.com did a similar thing too. They parked one of my domains (developed as a site). They added a CNAME called ww1 that redirected my domain to a parked page. I've contacted them, once they asked me my account ID and domain they did nothing about resolving the issue. 3 days passed and no action/reply from them.
I am really disappointed from moniker.

Click to expand...

Ms Domainer said:

By the way, Sedo is doing this as well. I just checked my.joker.us, and it took me directly to my parked page. It is unclear, however, whether I benefit from this subdomain designation or if the company is simply siphoning this money for itself.

Click to expand...

That is of course for your benefit and theirs. Parking is for monetizing direct traffic and typos are traffic too... no reason to limit yourself to domain.com and www.domain.com.

*

Interesting Wikipedia article about Verisign wildcarding unregistered domains on SiteFinder (between 15 September 2003 and 4 October 2003):

[ame="http://en.wikipedia.org/wiki/Site_Finder"]Site Finder - Wikipedia, the free encyclopedia[/ame]

ICANN was not happy:


I wonder if this policy ought to extend to registrars regarding customers' subdomains.


*

I wanted they to resolve the problem. Now I did it by myself and I have to wait till the A and CNAME records update.
I'll remove my domains from them and will write bad articles about moniker.