.WTF? Regulation .sucks!

As a registrar, we want the new gTLDs to be as easy as possible: simple accreditation, no unusual limitations, just a no-nonsense registration. Luckily this is not a problem in most cases. Of course there are some restrictions, like for the geographical extensions or the really exotic ones, but most of them can just be registered freely. One of the registries we really like to co-operate with is Donuts: a huge portfolio of 200+ extensions, all of them open, all of them following the same rules and clear launch phases and pricing schedules.

The amendment to our registrar contract we recently received was thus a big surprise: in this amendment, Donuts puts additional requirements to a large number of extensions. Those requirements appear to be dictated by ICANN, in its turn initiated by organizations representing interests of industries and trademark holders.

Regulated extensions

What changes will we face? From this week, many of Donuts’ extensions have been marked as  ‘regulated extensions’ or even ‘highly-regulated extensions’. For the exact provisions, please read our news item; below  follows the summary and some background information.

For the ‘regulated extensions‘  such as .insure, .music and .health (a full list can be found at the  end of this blog), you need to include in your agreement with the registrant certain provisions, that the registrant complies with all applicable laws and that he, when collecting and maintaining sensitive and financial data, will implement appropriate security measures. Most customers will have already foreseen such provisions in their agreements. [···]

Read More

Global Attack on WordPress Sites

As I write this post, there is an on going and highly distributed, global attack on wordpress installations to crack open admin accounts and inject various malicious scripts.

To give you a little history, we recently heard from a major law enforcement agency about a massive attack on US financial institutions originating from our servers.

We did a detailed analysis of the attack pattern and found out that most of the attack was originating from CMSs (mostly wordpress). Further analysis revealed that the admin accounts had been compromised (in one form or the other) and malicious scripts were uploaded into the directories.

Today, this attack is happening at a global level and wordpress instances across hosting providers are being targeted. Since the attack is highly distributed in nature (most of the IP’s used are spoofed), it is making it difficult for us to block all malicious data. [···]

Read More