Subscribe to receive notifications of new posts:

Introducing Cloudflare Registrar: Domain Registration You Can Love

09/27/2018

7 min read

“I love my domain registrar.” Has anyone ever said this? From before Cloudflare even launched in September 2010, our early beta customers were literally begging us: "Will you please launch a registrar too?!" Today we're doing just that, launching the first registrar we hope you’ll be able to say you love. It's built around three principles: trust, security, and always-fair pricing. And it’s available to all Cloudflare customers.

Needing Secure Domain Registration Ourselves

Cloudflare has actually run a registrar for some time. Like many of our best products, it started by solving an internal issue we had. Cloudflare has several mission-critical domains. If the registration of these domains were ever compromised, it would be, in a word, bad.

For years, we worked with our original domain registrar to ensure these domains were as locked down as possible. Unfortunately, in 2013, a hacker was able to compromise several of the systems of the registrar we used and come perilously close to taking over some of our domains.

That began a process of us looking for a better registrar. Unfortunately, even the registrars that charge hefty premiums and promise to be very secure turn out to have pretty lousy security. We ultimately decided the only way to get the level of security we needed was to build a registrar ourselves.

Custom Domain Protection for the Ultra High End

A handful of our customers noticed we had our own registrar and asked us about it. Those conversations turned into our Enterprise Registrar product with Custom Domain Protection for our most security-conscious clients. Every client using Custom Domain Protection defines their own process for updating records. For instance, if a Custom Domain Protection client wants us to not change their DNS records unless 6 different individuals call us, in order, from a set of predefined phone numbers, each reading multiple unique pass codes, and telling us their favorite ice cream flavor, on a Tuesday that is also a full moon, we will enforce that. Literally.

That, obviously, doesn't scale. As a result, we charge a significant premium for our Custom Domain Protection product. (If you're interested you can learn more about it here.) Running that, however, has helped us define a set of best practices that we think every registrar should follow. And that got us thinking: can we build a better registrar for everyone?

What Consumers Hate About Their Current Registrar

With a good idea on how to build a more secure registrar we asked our customers what they hated about their current registrar. Two phrases kept coming up: "bait and switch" and “endless upsell.” If you've ever registered a domain, you know the drill. You get a discounted price when you first register, but with each renewal the price soars. In the best cases we've found, it's around two times the original offer. In the worst, it's more than twenty times. It's gross. That’s in addition to the constant upsells for other products that either should be included for free (for example, DNSSEC) or that you just don’t want (for example, worthless trusted site seals).

The thing is, registering a domain is a commodity. There's no meaningful difference between any of the existing mass market registrars. Each top level domain registry (TLDs like .com .org .info .io, etc) sets a wholesale price for registering a domain under them. These prices are known and remain relatively consistent over time. All the registrar does is record you as the owner of a particular domain. That just involves sending some commands to an API. In other words, domain registrars are charging you for being a middle-man and delivering essentially no value to justify their markup. The more we looked at it, the more crazy the whole market looked to us.

Learning from Making SSL Free

The last time we saw a market as messed up as this was when we looked into the market for SSL certificates. Back in 2014, we decided it was crazy that people should have to pay to be encrypted online. During our Birthday Week celebrations that year, we became one of the first services to say that you should get encryption at no extra cost, even on our free plan. Since then there's been an encryption revolution, and we're proud that nearly all forward-thinking services offer SSL for free. If some service you're using still charges you extra to support encryption they’re ripping you off.

Granted, the economics of registering a domain are a bit different, but only a bit. TLDs need to do some work to make sure no two people register the same domain. And it makes sense for there to be some cost to keep someone from just registering every possible combination of characters. But why should registrars charge any markup over what the TLDs charge? That seemed as nutty to us as certificate authorities charging to run a bit of math. When we see a broken market on the Internet we like to do something about it.

The Cloudflare Registrar Promise

Today, on Cloudflare’s 8th birthday, we’re giving all our customers a present: a registrar they can love.

Here's the promise of the Cloudflare Registrar: we'll follow the best possible security practices and offer you the best possible price. What do we mean by that? From the security side, we promise we'll allow you to enable two-factor authentication, we’ll lock your domain registration by default, and automatically enable best-practice security services like DNSSEC.

From the price side it’s even simpler: we promise to never charge you anything more than the wholesale price each TLD charges. That’s true the first year, and it’s true every subsequent year. If you register your domain with Cloudflare Registrar you’ll always pay the wholesale price with no markup.

For instance, Verisign, which administers the .com TLD, currently charges \$7.85 per year to register a .com domain. ICANN imposes a \$0.18 per year fee on top of that for every domain registered. Today, if you transfer your .com domain to Cloudflare, that's what we'll charge you per year: \$8.03/year. No markup. All we're doing is pinging an API, there's no incremental cost to us, so why should you have to pay more than wholesale?

You may be able to find a cheaper price somewhere else under some promotion. But, ultimately, there's a wholesale price that the other registrar must cover so inevitably you know there's going to be a bait and switch — with the price getting jacked up in the future — along with endless upsells.

Cloudflare Registrar will also be offering personal data redaction on WHOIS, that meets current ICANN guidelines, for free. Broadcasting the registrant contact information, via the WHOIS service, can invite mountains of spam to your personal addresses. Like your domain, your privacy should not come at a markup.

Rolling Out Cloudflare Registrar

You can't actually register a new domain with the Cloudflare Registrar. Not yet. Today, the service is restricted to existing Cloudflare customers transferring their existing domains to us. If you’ve had trouble transferring domains before, just wait: we’ve made the process extremely smooth and easy.

We anticipate there's going to be quite a bit of demand, so we’ll be rolling invitations out slowly to make sure we provide a terrific transition experience. To claim your place in line, you need to be a Cloudflare customer and sign up for Early Access (Domain Transfer is now GA, new domains coming soon). Invitations will then go out over the next few weeks based on loyalty: the longer you've used Cloudflare, the sooner you'll get your invitation. Just our way of thanking our most loyal customers and helping them save money on their domain registration fees.

One twist: we’re providing another way to jump to the front of the queue. Just as we want to thank and reward our most tenured customers, we also want to help support those organizations that are attempting to make a meaningful difference in our industry.  One such organization is Girls Who Code, which aims to help close the gender gap in the technology industry.  To support this organization’s efforts, we’re inviting customers to make a contribution to Girls Who Code during the Early Access registration process, and those who do will move to the front of our Early Access invitation queue.

Welcoming Everyone to a Registrar You Can Love

We estimate that if every one of our customers moved their domains to the Cloudflare Registrar, they’d save over $50 million per year.

Combined with our Bandwidth Alliance announcement yesterday, we hope the announcements this Birthday Week will save our customers well over $100 million per year they’d been paying for their infrastructure before.

If you're not yet a Cloudflare customer, but you want to use Cloudflare Registrar, we encourage you to sign up for our core service now. We don't prioritize based on how much you pay us — or if you pay us at all — so even new free customers will get a place in the queue.

After we've given existing Cloudflare customers a chance to take advantage of the Cloudflare Registrar, we'll open it up more broadly. At that time, we'll allow new domain registration as well. But, regardless of when you sign up, our promise will always be the same: best security practices at the wholesale registration price. A registrar you can trust, and, we hope, one you can love.

Subscribe to the blog for daily updates on all our Birthday Week announcements.

We protect entire corporate networks, help customers build Internet-scale applications efficiently, accelerate any website or Internet application, ward off DDoS attacks, keep hackers at bay, and can help you on your journey to Zero Trust.

Visit 1.1.1.1 from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you're looking for a new career direction, check out our open positions.
Birthday WeekProduct NewsRegistrar

Follow on X

Matthew Prince|@eastdakota
Cloudflare|@cloudflare

Related posts

March 08, 2024 2:05 PM

Log Explorer: monitor security events without third-party storage

With the combined power of Security Analytics + Log Explorer, security teams can analyze, investigate, and monitor for security attacks natively within Cloudflare, reducing time to resolution and overall cost of ownership for customers by eliminating the need to forward logs to third-party SIEMs...