Is my website safe? Making WordPress secure

WordPress can rightly be called one of the most popular content management systems in the world, if not THE most popular one. The simplicity for users, paired with extreme flexibility (with the right themes and plugins, you can make your WordPress site pretty much anything you want), and accessibility — it all contributes to its immense popularity.

However, on the flip side, such popularity also makes WordPress vulnerable, attracting all sorts of attacks.

Let’s look into the ways to keep your WordPress site safe and secure.

How secure is WordPress, anyway?

Because WordPress is free and open-source software that anyone can download, modify and share, in theory, these things might make it vulnerable to those who want to abuse it. However, WordPress is actually more secure than you might think.

The WordPress core product has a team of dedicated developers who work on keeping the platform as secure as possible. They regularly monitor WordPress for security vulnerabilities and install patches and updates to the software as soon as they are released. So the first line of defense is there.

The rest, however, depends on the users.

As noted in the WordPress.org Support article Hardening WordPress,

Fundamentally, security is not about perfectly secure systems. Such a thing might well be impractical, or impossible to find and/or maintain. What security is though is risk reduction, not risk elimination. It’s about employing all the appropriate controls available to you, within reason, that allow you to improve your overall posture reducing the odds of making yourself a target.

With that in mind, what you, as a user, can do to harden your WordPress site?

Choose your hosting wisely

A good place to start when it comes to WordPress (or any other website, for that matter) security is choosing hosting you can trust. When looking for a hosting provider, you need to ensure that they provide up-to-date stable versions of software, as well as thoroughly monitor for vulnerabilities and malware. Another thing to look for is whether they offer you reliable methods for backup and site recovery, as well as whether SFTP or SSH connection is available.

For example, here at Webhostifier, we take our EasyWP security very seriously, so not only do we keep our servers well-protected, but we also offer PositiveSSL certificates for free with our Turbo and Supersonic plans to ensure better protection of our clients.

Keep your WordPress installation updated

The next line of defense is on you as a user. Many WordPress sites fall victim to hackers’ attacks due to having outdated versions of WordPress and/or plugins, or not installing the latest patches and updates. If not kept up to date, these files become increasingly vulnerable to exploits.

To reduce the risk for your site (and also increase its stability), updating WordPress to the latest version is a must, as well as making sure all themes and plugins you installed (be it from a WordPress site or third-party developers) are also all up to date.

By default, WordPress automatically installs most of the minor updates via the Auto-Update function, but in case of major releases, you need to manually start the update. This can be done via Dashboard>> Updates. Before you initiate the update, make sure to back up your site, so that it could be restored in case anything goes wrong.

Be mindful of your passwords and permissions

In the past, WordPress used to set the default username as “admin” and many website owners never bothered to change it. And although WordPress has since started to require users to select a custom username after they install WordPress, some one-click WordPress installers still set the default admin username to “admin”.

As a result, “admin” is usually the first username hackers try when they launch a “brute-force” attack against your site. So if you have the “admin” username, it’s wise to change it to something unique as soon as possible. There are 3 ways to do that:

  • Create a new username under “Users”, assign the “Administrator” role to it, set the “Attribute all content to” option for the new profile, and then delete the default one;
  • Use the Username Changer plugin to change the username;
  • Update the username from phpMyAdmin.

The same logic applies to passwords — including the passwords to the admin account, FTP accounts, and so on. They should be hard to guess and unique to your site. You should also change them regularly.

Another way of reducing the risk will be restricting the permissions to access the site directories and disabling file editing for some of the user accounts. For example, for someone helping to edit older blog posts, you might give temporary permissions by granting them an appropriate user role (in this case,  to “Editor”) in the Users menu, and revoke them later by reducing permissions (perhaps back down to “Subscriber”) once the user no longer needs that access.

Another thing you should consider is limiting login attempts and setting notifications for excessive logins.

Install security plugins

As we mentioned before, there are plenty of WordPress plugins for every purpose out there, including a vast selection of security plugins that will add another layer of protection to your site. For example, If you do a search for the “Security” category on the official WordPress site>>Plugins tab, you will find over 4000 security-related plugins, from all-in-one solutions to specific feature sets.

Here are some useful plugins that will help you keep your site safe:

  • WPS Hide Login – this lightweight plugin allows you to create a custom URL for accessing WordPress instead of the default login URL. This will make it much more difficult for hackers to log in to your admin panel.
  • WordFence – a premium (versus free) plugin, WordFence will protect your site from brute force attacks and limit the amount of failed attempts of logging in to your admin panel.
  • WP DB Backup – this is a simple plugin that lets you backup your core database tables.
  • Anti-spam – this spam-block plugin allows you to block and remove annoying (and potentially malicious) spam messages.
  • Antivirus plugin – popular among WordPress users to keep their websites secure from bots, viruses, and malware.

Keep in mind that when you install a WordPress security plugin, you’re granting it access to your WordPress files, directories, and database, and you can’t limit this access. So before installing the plugin, you should check what access it will require. This information can be found in the plugin documentation.

If in doubt regarding the plugin’s reputation, you can also check the reviews as well as the active installs. If the ratings are low or there aren’t many users, keep looking. You should also check to make sure it works with the current version of WordPress and has been updated recently — avoid older plugins that may have their own security holes or conflict with the current version of WordPress.

Remember all security plugins you install should be kept updated regularly, as often as the updates to WordPress itself.

Filing blocks into folders

Back up your site

Even if you are absolutely positive that your WordPress site is protected from outside attacks, it’s still a good idea to back it up on a regular basis, especially whenever you add or change content. Keeping a backup handy will help you restore your site quickly in case of any errors made when editing, accidental loss of data, moving to another hosting provider — and, of course, if your site gets hacked or compromised with a virus.

When backing up your WordPress site, make sure you are backing up both your site files and database, as both are needed for your site to function properly.

To be on the safe side, it is also a good idea to keep backups on cloud storage like Dropbox, Google Drive, or similar services, so it could be at hand even in case the hosting server is down or your hosting account became compromised as well.

Conclusion

The popularity of WordPress is what also makes it a target for many attackers — but luckily, there are a number of things users can do to protect their WordPress sites.

Keeping the site regularly updated and backed up, and with trusted security plugins running, will greatly minimize the risk of it being compromised.If you’d like more tips on keeping your WordPress site secure, we have a couple of resources that can help. Check out our recent blog on reducing plugins to keep your website secure, and you can review our Knowledgebase article that details ways you can harden your WordPress database as well as other tips

Full site editing is coming to WordPress with 5.8

As great as WordPress has been for the web developers among us, beginners and casual website owners have remained rather unimpressed with WordPress’s abilities. This is all about to change with the release of WordPress 5.8 scheduled for July 20.

I mean, sure, WordPress has always been powerful enough to handle any task you might throw at it, but the difficult part was learning how to use the platform to its full potential. In plain English, WordPress has often been criticized as not being user-friendly enough.

This is where the simplistically-named “full site editing” comes into play.

Today, we look into what full site editing (FSE) is and how it can help you, the user, flatten the learning curve of WordPress.

What is full site editing?

Before I can tell you what FSE is exactly, we need to take a quick history lesson. A couple of years ago, Matt Mullenweg, one of the creators of WordPress, introduced the Gutenberg block editor during his Q&A session at WordCamp Europe. This was a huge change in how WordPress handled the process of page/post building.

Before blocks, users only had a simple TinyMCE editor at their disposal. The only way you could work on your pages to customize them was by treating them like a Word doc and hoping that things won’t break as you attempt to move content around.

Blocks changed that. With blocks, your post or page is now a blank canvas on which you can place… well, different blocks. Those blocks can be anything. From text to images, video, audio embeds, galleries, columns, you name it.

At the end of the day, blocks make it much easier to work on what would otherwise be normal blog posts and pages.

Full site editing takes this concept one step further.

Basically, why use blocks to build only posts or pages when you can use them to build entire websites?

That’s what FSE is. It grants us the ability to use blocks (originating from the block editor) to customize entire website designs/layouts instead of just posts or pages.

What full site editing means for WordPress users

Like with every new thing that relates to website tech or software, there are good things and challenging things.

Depending on the type of user you are, FSE can have a huge impact on your workflow… or no impact at all.

On the far end of the spectrum, there are power users — users who would like to customize as much of their site as possible. At the same time, some of those power users are not skilled enough with source code to do everything by hand. These users will benefit from FSE immensely.

On the other end, there are casual users who just want to install a good-looking theme and not have to worry about any sort of design customizations, apart from uploading a logo. These users won’t even notice that FSE is there.

The simple explanation is this: with FSE, what used to be hard-coded inside a WordPress theme is now just a series of blocks that can be moved around and customized to match the user’s needs.

Therefore, if you’re the kind of user who wants to be able to customize every tiny element of your site’s design, FSE will let you do that. This is especially valid if you’re a business and don’t want to rely as much on third parties to help you customize your website.

That being said, if you can’t be bothered with such things, FSE is not forcing you to do anything at all. You can continue using WordPress like you’ve been using WordPress all along.

What full site editing means for developers and designers

This is where it gets tricky. FSE means changes.

The days of single-purpose themes are nearly done. With the rise of page builders like Elementor and then Gutenberg, it’s been becoming harder and harder to create a theme that can stand on its own and deliver unique features that are either difficult or inconvenient to achieve with builders.

FSE makes it even tougher.

For once, not all themes are compatible with FSE right out of the gate. This means additional development costs.

On the other hand, if you boycott FSE, you’re only setting yourself up for failure in the long run. Even though FSE may not  be hugely popular from day one, you still cannot afford to be too late to the party. With WordPress heading towards a 50% market share, no developer wants to miss out on a cake of that size.

Here’s what Hardeep Asrani, WordPress contributor and developer with Themeisle, had to say about FSE and its impact on the WordPress ecosystem:

“With FSE, WordPress will become truly WYSIWYG. Developers will be able to provide users with a better solution to work on their websites — without having to install page builders or needing to learn CSS. However, this will also change the way themes work under the hood. We’re moving away from large packs of PHP files (that handle all those different page templates right now), and toward doing most things via CSS, along with JSON configuration files.”

A quick overview of FSE in WordPress 5.8

How to get FSE enabled on your WordPress site?

There are three main elements that you need:

  • WordPress 5.8 – running the latest version of WordPress will give you a better overview of where things are going
  • the Gutenberg plugin – this is a standalone version of the block editor – it comes with a more cutting-edge version of the block editor that includes the FSE functionality (ie. you won’t be able to use FSE without the Gutenberg plugin),
  • a FSE-compatible theme.

Let’s discuss that last element in a bit more detail. By default, and certainly not until FSE gains some traction in the mainstream, not all themes are compatible with FSE. Or, rather, very few are at the time of writing this article. An official FSE-enabled theme by the WordPress crew is called TT1 Blocks.

How to start experimenting with full site editing

Getting started is fairly straightforward. You can click on the Site Editor link that’s in the WordPress sidebar, or you can go to any post or page editing screen. There, you’ll find a new section called Template: Single Post.

These blocks let you add common content elements to your template — things such as the post author, excerpt, main content, comments, date, tags, etc.

Further down, there’s also a section called THEME blocks. This is for things like the main theme header, footer, and other elements enabled for modification by the theme’s developer.

You can take any of these blocks and put them somewhere on the canvas. For instance, if you want to add the post excerpt below the headline, it’s as simple as taking it from the list and dragging and dropping it exactly where you want it displayed.

What’s next?

We are all pretty excited about these new developments and the whole direction to make WordPress more functional not only for casual users but power users as well.

Most importantly, this looks like a great move to give users a viable alternative to platforms like Wix for a more advanced DIY website..

Whois—or Whoisn’t? The state of Whois for domains

Determining who owns a domain name used to be simple. The creators of the domain name system built a service called Whois that served as a phone directory for websites.

Whois displayed the phone number, address, email address and fax number (remember, this was a while ago!) of the contacts for the domain owner. The idea was that people could use this directory to contact site administrators if there was a problem with their domain or website.

Whois lived in that form for decades but has changed a lot over the past few years. This makes it more difficult to contact a domain owner, but there are still ways to get in touch.

The decline of Whois

A couple of things have led to the demise of Whois as it was once known.

First, people abused the system to send out spam. A few years ago, anyone who registered a domain without Whois privacy would be inundated with unwanted emails, phone calls, and text messages offering web services (logos, site design, etc.) for sale. Some of this information could also be used for identity theft. For these reasons, displaying personal information was less than desirable, and registrars devised systems to hide the information for their customers.

Second, countries (and now individual states) introduced privacy regulations that appear to ban publishing domain owner information online. The biggest of these regulations is the European Union’s General Data Protection Regulation (GDPR). After GDPR went into effect in 2018, most domain registrars started blocking access to at least the phone numbers, email addresses and physical addresses of most domains, even though the regulation does not apply to non-EU-citizens living outside of the EU.

Since the passage of the GDPR,  more countries have adopted similar regulations. And The California Consumer Privacy Act, which gives consumers the right to know about the data companies collect about them, applies to many tech companies. These developments put privacy concerns front and center.

While domain owners could apply Whois privacy to their domains when records were public, many registrars provide this service by default now because of the privacy regulations.

Specifically, Webhostifier offers free Whois privacy with all eligible domains. (Important note: some domain registries forbid Whois privacy. This includes .US domain names, which the U.S. government regulates.)

Getting in touch

The demise of public Whois information has made it much harder to contact the owner of a domain name. There are some benefits to this, such as eliminating spam. It also helps people who publish sites critical of governments, politicians and businesses maintain their anonymity.

But what if you want people to be able to contact you? Or if you want to contact the owner of a domain to see if they’ll sell it?

If you own many domains that are for sale, one way to make sure people can find you is to ensure the domains point to a webpage that has a way to contact you. This can be a simple landing page with a contact box.

Registrars will also allow you to opt-in to displaying your information publicly in Whois — but be ready for a deluge of spam if you do this.

If you’re on the other end of things and want to contact a domain owner, see if their registrar uses a Whois privacy service that includes email forwarding. For example, domains at Webhostifier have rotating email addresses in Whois that forward non-spam messages to the domain owner.

For domains registered elsewhere, registrars sometimes include a contact form on their Whois page.

You can also try to find historical Whois records for the domain that were archived before Whois information was redacted. DomainTools sells data subscriptions or one-off reports with historical information about a single domain. DomainIQ is a subscription service with archived records.

It’s a privacy-focused world

The introduction of privacy regulations has helped domain owners protect their identities. This is mostly a good thing, but it makes it more difficult to contact a domain owner when you have a legitimate reason to do so.

Policy around Whois and privacy regulations is still changing, so stay tuned.

New top-level domains can sell for lots of money

What do flip.xyz, bit.cloud, m.chat and quest.xyz have in common?

They’re all domains with “new top-level domain” extensions that have sold for at least $25,000 this year.

It’s proof that even non-.COM names can sell for good money and be profitable domain name investments. But investing in these alternate extensions requires different considerations than .COM domains.

Why investing in new TLDs might make sense

There are a couple of reasons that domain investors should look at new top-level domain names for investing.

First, compared to .COM domains, the entry cost to investing in new TLDs might be lower. Because most great .COM domains are already registered, investors have to turn to auctions or buy existing .COM domains from other people. Prices for even so-so .COM domains are often thousands of dollars. But good names are available in other extensions for less than $100.

Second, it’s a lot less crowded. There’s lots of competition figuring out the best .COM domains to acquire for resale. Since fewer people pay attention to extensions like .XYZ, .APP and .CLOUD, investors might find more opportunities.

Special considerations

There are several things to consider when investing in new top-level domain names.

Avoid premiums

Unlike .COM domains, the registries that sell new top-level domain names sometimes charge different prices depending on the quality of the second-level domain name (that’s the part to the left of the dot). Domain registrars like Webhostifier have to pass this cost on to you.

Depending on the top-level domain, the premium cost might apply to just the initial registration or it might apply for renewals, too. For example, .CLUB charges a one-time premium when you acquire the domain and then the regular low price each year after that. But other domains will charge you a premium price each year.

Premiums can be modest. Super.furniture costs more than most domains that end in .FURNITURE, but it’s still less than $100 per year at Webhostifier. Other premium domains are really expensive. 

Here are some examples of premium domains and their annual costs at Webhostifier:

  • Mortgage.shop $3,250
  • Online.tech $6,500
  • Great.blog $130,000
  • Get.fashion $2,700
  • A.homes $10,400

These are all great domains. If you could register them at regular prices, they’d probably make good investments. But it’s harder to turn a profit with the premium price that already assumes the person buying the domain is an end-user, not an investor. It basically takes the investor’s potential markup out of the equation.

Find domains with reasonable renewal costs

Even non-premium new top-level domains can have high annual costs. .AUTO and .INC domains cost over $2,000 per year regardless of the second-level domain. And .TICKETS domains are over $400 per year.

Less expensive domains might be relative bargains, but the renewal costs add up. Renewing just one .POKER domain at about $50 per year is the cost of renewing four or five .COM domains.

Domain investors call these renewal costs holding costs. It’s the cost to hold the domains over time until the right buyer comes along. Domains with lower holding costs are much easier to invest in.

Consider domain investor Swetha Yenugula. Swetha has made lots of money investing in .XYZ domains. Some of her sales include quest.xyz for $69,888, flip.xyz for $27,888, and optics.xyz for $19,888. She has also sold lots of .XYZ domains for about $2,000 each.

Swetha owns nearly 20,000 .XYZ domains! This is only possible because .XYZ domains are relatively inexpensive — currently, only $10.98 to renew at Webhostifier. That’s over $200,000 a year for 20,000 names, so her sales need to cover those costs.

Now, imagine if .XYZ domains cost $50 per year to renew like some domains do. That would cost her $1 million a year just to renew the domains! You can see how the economics are much harder for domains that cost a lot to renew.

Be careful with niche domains

One of the cool things about new domain choices is that there’s a domain for everyone…DANCE for dancers, .MARKETING for marketers and .CONSTRUCTION for builders.

The downside to super-niche domains is that they will only interest a small set of potential buyers. While anyone can use a .COM or .XYZ domain for a website, some names appeal to fewer people.

Geographic domains are an example of limiting domains. Artist.miami is great for an artist in that city, but you won’t be able to sell it to someone who lives anywhere else in the world.

And while the term best makes a great second-level domain, if you own best.plumbing, then people in other professions won’t be interested in the domain.

The new TLD opportunity

Recent sales show that new top-level domains can sell for a nice return on your investment. But you should be careful before investing in these top-level domains.

Evaluate the end-user market for each extension. Understand the registration and renewal costs for the domains. And consider how much it will cost to maintain your domain portfolio.

What to do after buying a domain name: 6 key actions

Moving is so relaxing — said no one ever. On top of having to physically move all your stuff, there’s a ton of admin tasks to handle like changing your address, forwarding your mail, setting up your home phone, letting your friends and family know your new address, changing your address on all of your essential documents…the list goes on.

Buying and setting up a domain can feel eerily similar to buying a house and moving all your stuff. Once you’ve finally chosen your domain name and purchased it, it may feel like the hard part is over, but there’s still a lot of setup and admin that needs to be done.

If you’re feeling overwhelmed, don’t worry. This post will cover the six key actions you need to focus on once you’ve bought your domain. This list will guide you through the most important steps, like figuring out a domain-specific email address and setting up a dedicated business phone system.

Let’s get started!

1. Find your domain name a home, aka find a web host

First things first — you’ve bought a domain, and now you need someplace for it to live. In other words, you need to choose a host and a hosting plan.

You have two options. Look for a stand-alone web hosting service or use a domain registry and web hosting combo service.

Odds are you purchased your domain name from a service that also offers hosting plans. There are a lot of companies that offer combined web hosting and domain name purchase. Buying both from the same service offers a lot of advantages.

First, you won’t have to worry about connecting your domain and your hosting service – they’ll sync from the get-go. Second, a business that offers combined domain and hosting services will often include extra package perks that will make your life easier in the long run.

For example, Webhostifier (you may be familiar, considering you’re here reading this article) is a popular web hosting and domain registry service.

You can register or transfer a domain name, host your website, and even create business cards all on a single platform.

2. Create a domain-specific email address

When you move into a new home, you get a new address. Getting a domain-specific email address is kind of like getting a new postal address. People need to know where you are and where they can reach you now.

Moving analogies aside, creating a custom email address that matches your domain gives you a professional polish that a gmail.com or hotmail.com account just can’t muster.

Luckily, most web hosting and domain registry services offer domain-specific email addresses as part of their plans. Most plans will come with one free email and the option to add more as needed, though some higher-tier plans may include multiple emails.

With your new domain-specific email address, you can go nuts — get business cards, make company coffee mugs, anything you can think of to market your new email, and get your business name out there.

3. Match social media to everything else

Domain name and web host — check. Domain-specific email address — check.

The next step: make sure your social media presence syncs up with your new website and email address. Check all your existing accounts, create new ones, and see if your exact business name, or something close to it, is available. You’ll want to make sure that the identity and tone of your business brand on Instagram, LinkedIn, Twitter, and other platforms sync up to your website.

It may be beneficial to check what social media names are available before you purchase your domain name, as it’s such an essential part of branding these days.

If you can’t get an exact match, try adding a unique label like an abbreviation for the country you operate in, such as CoolStoreUS or CoolStoreUK. As long as it’s close to your business name, it’ll work for your social media.

Try your best to use the same name across your social media profiles, so people don’t confuse your business with another account.

4. Register and trademark your business

Let’s say you just started a new customer engagement software company. You have a great company name, a website in the works, a domain-specific email address, and matching social media.

Before you pat yourself on the back, one of the most important things you still have to do to set up your business is to register and trademark your business name.

More than one million people filed trademark applications in 2019. As you can see in the chart below, that figure has been rising steadily since 2003.

You have several options when it comes to registering your name.

To register your business, you will need to decide if you want to operate as an LLC (limited liability company) or a corporation. Choosing between the two will depend on the nature of your business, how many people are in charge, and your tax circumstances.

Either way, you will have to file registration documents with your state’s agencies, but once the paperwork is approved, you’ll have a registered business.

Trademarking your business offers additional legal protection for your business. While some states allow for trademark registration, the most comprehensive choice is to trademark your business through federal trademark registration.

Federal trademark registration is more complicated and expensive, but it means your business name will be protected on a national level. It gives you more legal protection and operational range.

5. Get dedicated phone and fax numbers

You’ve set your business up with a dedicated website, email address, and social media, now don’t make the mistake of using your personal cell phone number for business calls. Not only is this unprofessional, but do you want to send out your personal number to anyone?

Invest in a dedicated small business phone system and fax line (which remains very useful for companies in the healthcare sector) to streamline your operations and cement your brand across communications.

Choosing a cloud based system is your best bet, as they often include additional features that can be a game-changer.

Take, for instance, Dialpad’s comprehensive cloud-based business phone system. You get HD calls across multiple devices and a variety of plans at different price points. You can also choose a local number or a toll-free number so customers can call you from anywhere.

Dialpad’s virtual fax system lets you send and receive faxes like emails, so no need for bulky, expensive equipment —– it’s convenient and eco-friendly.

A business phone system like Dialpad lets you bring phone and fax capabilities into the 21st century so you can make the most of your business, saving your personal phone number for friends and family.

6. Design and develop your website

Once you’ve moved into a new home and all the paperwork is signed, you get to paint, buy furniture, and make the home your own.

Once you’ve completed all your website admin, you can start to design and develop your website. Having a clear idea of your business and brand will help you design your website.

If the idea of creating a website sounds overwhelming, consider hiring a web developer to do the work for you. If you think you can handle the work, there are plenty of online platforms that make the process easier. WordPress is a popular choice, and it currently powers 39.5% of all websites on the Internet.

Once you settle on the design and content, don’t forget to develop your website as your business grows.

Create engaging content to attract customers and create leads. Develop an SEO strategy to make sure you’re optimizing keywords and links to generate traffic to your site.

Wrap up

So, a quick recap:

  1. Find a service that will help you register a domain and provide web hosting.
  2. Create a custom domain-specific email address.
  3. Match your social media account names to your domain.
  4. Register and trademark your domain.
  5. Sign-up for a dedicated phone and fax line.
  6. Design your website and develop content as your business grows.

Now you have six easy-to-follow steps to get started and make the most of your new domain. Once you have these key actions established, you’ll have a solid foundation to build on as your business grows.

In the end, setting up your domain will be a lot easier than moving — a real win for everyone.

4 ways Webhostifier customers use .INK domains

.INK is a versatile top-level domain name with lots of potential uses including publishing, printing, tattoos, and link shortening.

People have registered over 40,000 domain names ending in .INK, and Webhostifier is one of the top registrars people use to register the domain extension.

Here are some ways Webhostifier customers use .INK domain names.

Ink (as in publishing)

Ink is a common term used to refer to book publishing, periodicals, blogging, and getting press for a company.

One example of this use is author Joseph Holt, who uses holt.ink as a domain name for a website to share his writing and promote his latest book, Golden Heart Parade.

Bridget Pfefferle uses her .INK domain in a similar way. Rather than settle for a long domain that’s difficult to spell, Bridget registered bridget.ink. She uses it to showcase her services for billboard design, product brochures, web copy, and more.

Ink (as in printing)

Another great use for .INK is companies that print things.

Napkins.ink prints customized napkins and coasters. Customers buy its custom-printed products for weddings, store use, Bar & Bat Mitzvahs, and other special occasions. Napkins.ink is an easy-to-remember domain that explains exactly what you’ll find on its website.

Main Avenue prints vinyl banners and screen-printed printing, and also helps with online design such as graphics. It uses the domain MainAvenue.ink.

Ink (as in tattoos)

Tattoo lovers frequently refer to tattoos as “ink”, and .INK is a great domain name choice for tattoo artists.

Darkstar Tattoo & Design in Vancouver, Washington is a tattoo studio that takes advantage of this domain extension. It uses darkstar.ink to promote its studio and artists.

Link shortening is popular when sharing content on social media. .INK domains make a great domain hack that forms the word “link” at the end?

.INK is perfect for this. One Webhostifier customer set up rgal.ink for her link shortener. RGA are her initials. This enables her to create branded short links that point to the content on her main website.

Ink (as in you)

Is .INK right for you? It’s a great domain for publishers, writers, bloggers, printers, tattoo artists, and more. Even if you don’t fit in these categories, .INK might be a good choice for you.

Search for available .INK domains at Webhostifier and find your next domain.

Let’s talk about Terraform

As your chosen registrar, we want to help make your life as pain-free as possible when it comes to domain management. For this reason, we offer our customers the ability to manage domains with Webhostifier through Terraform. This incredible tool allows developers to manage, monitor, and provision resources without the need for manual configuration. 

Interestingly, Webhostifier Terraform provider was created by an independent developer for his own purposes, and it was passed on to us. With the help of our research and development team, we have improved the code to make it faster and more efficient. 

We are so proud that our talented customers are helping us to become better, and in turn, to provide a better service for all of our customers. 

What is Terraform?

HashiCorp released the software tool Terraform on July 28, 2014, to help users manage infrastructure as code (IaC). Without IaC, the infrastructure management of virtual machines, networks, etc., can be challenging to track, and errors can often occur. 

When working on a large project, the number of components and configurations can become bewildering and overwhelming. IaC helps to solve problems such as keeping the settings of individual deployment environments consistent. 

In other words, with Terraform, you can quickly create reproducible identical environments to help test your code. Development teams can easily collaborate, work across multiple data centers at once, and have more time to concentrate on other projects, secure in the knowledge that the infrastructure management is under control.

3 benefits of using Terraform

Let’s take a closer look at three benefits of Terraform for DevOps, Cloud engineers, and other IT professionals. 

  • Easy multi-cloud deployments – this helps companies of any size with provisioning and automation simultaneously across different cloud providers and local data centers. 
  • Easy module creation – users can package and reuse common code in modules, simplifying projects. These modules can be locked so that only one user can make changes. 
  • Lower development costs – with the easy creation of deployment environments and quickly created parallel environments, the time spent on programming is reduced, leading to reduced costs. 

If you would like to learn more about the benefits of this tool, please visit terraform.io.

That’s all folks!

Thanks for reading about Terraform. If you would like to know more, please contact our support team, who will answer any questions.  

Meanwhile, if you’ve still got some of your hot drink left and you’d like to read more, why not check out the following blog posts?

  • SSL certificate validation changes – whether you’re purchasing an SSL or have an SSL you need to activate, find out more about the upcoming changes to how SSLs are validated. 
  • Top domain sales of 2021 – learn about the year’s most significant domain sales (so far). One domain sold for $3,150,000!
  • What to do if someone impersonates you online – find out the steps to take if impersonation and identity theft happens to you.

The great startup boom

The pandemic has created a new generation of entrepreneurs — some by necessity, a lot by choice.

The U.S. Census Bureau reports that Americans filed 4.3 million business applications last year, a record number since the agency started tracking the data in 2004. And the number should be even higher this year.

Data from the Census Bureau show that the outsized surge started in summer 2020. Business applications in July 2020 were nearly double what they were in July 2019.

Think about what was going on in the summer of 2020. The economy had essentially shut down across much of the world. Businesses laid off workers or struggled to find a way to sell their products or services online. Many people started companies out of necessity: the musician who could no longer play live gigs, the yoga instructor who couldn’t teach in the studio, and the retail employee who needed to find a new living.

But people also started businesses because the pandemic changed their outlook on their careers. In a recent Salesforce survey, 57% of respondents said their main inspiration for starting a business was they always wanted to be their own boss.

The Census Bureau tracks business applications according to industry codes. Although the industry definitions are broad, there are some definitive trends in the types of businesses people are starting. We’ll explore some of the fastest-growing. And because we love domains, we’ll throw in a few suggestions for top-level domains if you’re starting a business in one of these industries.

Accommodation and food service

It may be surprising to learn that so many food and hospitality businesses started up during the pandemic. After all, travel went to a standstill, the government bailed out airlines, and many restaurants had to shut down or move to delivery/takeout only.

But this also meant a lot of people in these industries were looking for work. They started businesses with what they knew: entertaining people and cooking great food.

For some, this meant renting out an Airbnb property as a business. Others started catering businesses or food delivery services. And RV rental became a hot commodity. 

Business starts in this category during 2021 are nearly twice what they were in 2019, although this has started to decline as the year progresses.

You can expect a resurgent boom as people make up for lost time traveling the globe.

Starting an accommodation or food business? Here are some top-level domains you might choose: .RESTAURANT, . KITCHEN, .TOURS, and. VACATIONS.

Construction and real estate

Real estate values are soaring worldwide, and it seems that people can’t build houses fast enough. But they’re trying.

Seasonably-adjusted applications to start construction businesses hit an all-time high in May this year. More people are starting real estate businesses, too. Real estate business formations this year are more than a third higher than in 2019.

Here are some domains that are a good fit for construction and real estate companies: .CONSTRUCTION, .PROPERTY, .CONTRACTORS, or .REALTY.

Retail trade

Retail is a big category. And while brick-and-mortar businesses adapt to the new reality, e-commerce is on a tear. 

This segment has benefited from consumers flush with cash. As American consumers deposited stimulus checks, they also cut back on entertainment and travel spending. That money went into buying stuff. If you’ve tried to order at-home goods like a hot tub this year, you’ve faced a long wait. Some of this is due to supply chain challenges, but it’s also because people are spending their money on things they can enjoy at home. 

Census data shows July 2020 as the highest month ever for business applications for retail trade. Many of these were for people starting online businesses selling everything from candles to clothing to electronics.

There are a lot of domains that work for different types of retail businesses, such as .CLOTHING and .FLOWERS. Or, consider a more generic extension like .SHOP or .STORE.

Arts & entertainment

This is another category that has boomed in part due to necessity and in part due to changing demand.

On the necessity side, live performers had to find a way to entertain in a new way. They started podcasts and online shows. 

On the demand side, cooped-up consumers went online in search of ways to entertain themselves. 

Here are some fun domain choices for arts and entertainment: .ART, .MOVIE, .SHOW, and .FILM.

This boom will last

The record rate of new business formations might slow down, but it seems like entrepreneurship is becoming a new normal. The pandemic has been hard on everyone, but it has also given us time to reflect. What do we value? What do we want to do with our lives? For many people, the answer is to be their own boss.

[NEWS] Noteworthy tech news of 2021

The year 2021 is just about to draw to a close. It’s been quite a year, as you’d probably agree. In this, our final tech news roundup of the year, let’s look back at some of the most intriguing stories we featured through the year.

  • ABBA performing again—as holograms. Sweden’s beloved band ABBA released a new album Voyager and then announced a series of concerts with a twist. They planned to wear holographic suits while they performed that would allow them to appear as they looked when at their peak in 1979 (rather than as septuagenarians).
    • Twitch hack exposes top earners. The interactive live video streaming service Twitch got caught with its digital pants down when hackers exploited a server misconfiguration and accessed huge amounts of user and company data, including earnings by top Twitch streamers. Many decried poor security protocols while others had concerns about how much certain streamers made on the platform.
  • Dogecoin takes off. Dogecoin, a cryptocurrency inspired by a meme of a rescue-dog named Kabosu, became a sensation after tweets from Elon Musk, Snoop Dogg, and Gene Simmons in late 2020 and early 2021. A subsequent  flurry of social media activity pushed the value of Dogecoin upwards, leading to an increase of over 14,000% in just five months.
  • Ransomware extends tentacles across the world. Over the past year we’ve reported on several ransomware attacks, but none quite as chilling as one over the summer that hit over a thousand small businesses internationally. Authorities pointed to REvil, a Russian-linked organized crime gang, as being behind the attacks. But then in October several law enforcement groups banded together to shut down the REvil servers and then in November, the US Justice Department announced that one of REvil’s hackers was arrested and millions of dollars seized.
  • Hackers tackle pirates. In an ironic twist of fate, antivirus provider Avast discovered malware dubbed Crackonosh hidden within many pirated versions of popular video games. Some of the games affected include pirated versions of Grand Theft Auto V, The Sims 4, Fallout 4 GOTY, and NBA 2K19.
  • Robots were everywhere. This year we’ve featured stories about robot dogs, robots running races, and even robots with human mannerisms. While we might not all have personal robot pals yet, it seems like they’re right around the corner. Here’s a video of a robot dancing to open out 2021. Who knows what they might accomplish in 2022?

 

Domain investor terms

Domain investors often use shorthand and terms that might not make sense to the uninitiated.

For example, a domain investor might say, “I hand-regged a bunch of domains because the drop and the aftermarket are too expensive and full of frontrunners. I parked them to earn PPC.”

If that sounded like a bunch of gibberish to you, then this post is for you. Let’s define some of the terms you’ll hear amongst domain investors.

Terms domain investors use

Here are some examples of common jargon used by domainers when talking about their domain investments and the process of registration.

  • Aftermarket – This is a catchall term for buying and selling domains that are already registered.
  • Auth Code – Short for authorization code, this is the code needed to transfer a domain name. When you buy or sell a domain, an authorization code is usually required to transfer the domain. This is sometimes referred to as an EPP code.
  • Backorder – Some expired domain catching services require you to register your interest in a domain name before it expires. This is called a backorder. If more than one person backorders an expiring domain, there’s usually an auction to determine who gets the domain.
  • BIN, Make Offer – These terms refer to the two different ways people sell domains. BIN is short for “buy it now”. A domain investor who sets a BIN price agrees to sell the domain at that price. The alternative is to set a domain to “make offer”, which means the domain isn’t priced and the domain owner wants prospective buyers to make the initial offer.
  • C, N, L and C/V – Each of these letters has a different meaning and can mean something different in various contexts. When referring to the length of a domain, C is character, N is number, and L is letter. So a 3L domain is three letters long, a 3N domain is three numbers long, and a 3C name has three characters, meaning a mix of letters and numbers. C takes on a different meaning when looking at character patterns. C and V are used to represent consonants and vowels in a domain. A CVCV domain takes the form consonant-vowel-consonant-vowel. Domains with vowels can be more valuable if the character string can be pronounced.
  • Cybersquatting – Cybersquatting is registering a domain name to take advantage of a trademark or brand name. Domain investing is not cybersquatting because domain investors focus on non-infringing domain names.
  • Domain hack – A domain that uses both the left and right sides of the dot to form a word,  phrase, or shortened version of a word. Here are some examples.
  • (The) drop – This refers to expiring domain names when they “drop” from their registered status. Domain investors often say they got a domain “in the drop”, which means they bought an expired domain.
  • Dropcatch – This is a catchall term for buying domains as they expire.
  • Frontrunning – Frontrunning is the dubious practice of trying to sell domain names you don’t (yet) own. The most common type of frontrunning is when someone tries to find a buyer for a domain that is expiring. If they find a buyer, they then try to win the expired domain and sell it to the buyer they found.
  • GeoDomain – A domain that refers to a location. This could be the name of a city, state, county, or country by itself, or in combination with another word (such as cityPlumber.com).
  • Hand reg – A hand registration, often shortened to “hand reg”, is a domain that’s available for registration at regular prices. When you hand reg a domain, it means you go to a domain registrar like Webhostifier and register the domain rather than buying it from someone who already registered it or buying it in the drop.
  • Parking – Domain parking is when a domain owner “parks” a domain with a simple landing page. Usually, this refers to a landing page with ads on it, but the term can also refer to other types of landing pages.
  • PPC – Short for pay-per-click, this is the primary type of monetization on parked domain names. The page has ads that generate revenue for each click.
  • Reverse Domain Name Hijacking – When a trademark owner files a cybersquatting case in bad faith to get a domain that is not cybersquatting, they are said to have attempted reverse domain name hijacking.

Your newfound knowledge

After reading this list, you now know what “I hand-regged a bunch of domains because the drop and the aftermarket are too expensive and full of front runners. I parked them to earn PPC,” means. You will no longer look like a newbie in domain investor conversations.