Domain Transferred to CF De-Activated, Website Replaced by Advertising


#1

Has anyone else lost control of their domain after transferring it to Cloudflare Registrar?

About a week ago, I transferred a domain to CF Registrar. My payment for the transfer was confirmed by email. The success of the transfer itself was confirmed by emails from both CF and the losing registrar, and the WHOIS record lists the registrar as CF. The domain appears within my CF dash as “Registrar: Cloudflare, Expires: Feb 18, 2020”. The domain is no longer listed at the old registrar, even as an expired domain.

The name servers at the old registrar pointed to CF, which is necessary in order for a transfer to CF to proceed.

Today, the name-servers suddenly changed to the losing registrar’s expired domains name-servers, as would have happened if I had left the domain at the losing registrar and allowed it to expire. This is clearly an error as, at this stage, the losing registrar should have no ability to change anything to do with the domain, CF should have sole control of the name servers.

My website has now been replaced by an advertising page (benefiting the losing registrar) and emails can no longer be received.

In automatic response to the name-server change, CF has de-activated the domain within CF - the domain’s current status is “Moved”. The dash instructs me to re-activate it by changing the name servers back to CF name-servers, but this is impossible because CF provides no interface to change the name servers. In theory, this situation should be impossible because, as CF is the registrar, the name servers should already be locked to CF.


Transferred domain to CF changed nameservers to old register
Name Serves Changed on the Way Out
I lost my domain when i transfer it to cloudflare
#2

You’ll want to open a support ticket. For my own curiosity, before transferring, when was the domain set to expire and what is your domain?


#3

I transfer all my domains before expiry at their old registrar. The transfer process takes about 3 minutes. This is the first time I have seen this, after about 170 transfers to CF. The domain is TransferBond.com.

I have submitted a support ticket, and I am sure they will resolve the problem when they respond in a few days times. In the meantime, I have asked the community here in case this is currently a common problem - I have noticed that CF, in general, has been a bit unreliable lately (API outages etc). If this is a known problem, I will stop transferring my domains until after it has been resolved - the loss of a website, even for just a few days, damages search engine rankings.


#4

Again, just taking a shot in the dark here but ICANN shows Cloudflare is your Registrar and that the domain was created 2007-02-18. If you transferred on the 18th or just before it was set to expire, it may be in limbo until the transfer completes. That can take a week.

https://whois.icann.org/en/lookup?name=transferbond.com


#5

Thanks for the input @Withheld - this is such a strange glitch that shots in the dark are all we really have :smiley:

My own understanding is that, once you have made the final authorization at the losing registrar, they release it and the winning registrar then becomes the sole authority.

There can be a delay if the domain owner is slow to provide the final authorization or, in at some registrars, there may be a forced waiting period of five days, during which time the losing registrar remains the sole authority. Once the domain is handed-off, however, it all happens within seconds and the propagation of the new WHOIS details is very fast these days, just a few minutes.

Once the root registry (ICANN) has confirmed the new registrar’s authority over a domain, it should be impossible for the old registrar to submit any changes to that domain’s record, unless the domain is transferred back to it.

This would usually be a trivial problem because the domain owner could simply change the name servers back to whatever he wanted, but CF Registrar does not yet provide a way to do that.


#6

hi there , i am facing the same problem, my domain was registered with godaddy, and it was transferred to cloudflare, and the process took couple of minutes , the nameserver in the godaddy ns19.domaincontrol.com and ns20.domaincontrol.com which i was unable to change or edit from my end. and now when i log into godaddy i cant find my domain , and i even contacted cf and submitted a ticket which sends me an automated email response stating me to change my nameserver to the one which cf provided me which is not at all possible. now i am struck in nowhere and my website is down since last 4 days. i need help in resolving this issue as soon as possible as i am loosing business.
my domain name is deception52.com


#7

Hi @kunal10002003,

Yeah, I got the same cut n’ paste reply, completely irrelevant to anything I mentioned in the ticket. Frustrating.

I understand that delaying support by 3 days is an important strategy to push domain customers towards upgrading, but the Registrar team should have some form of triage to identify, when they first arise, errors that are likely to inflict long-term damage on Cloudflare’s reputation. At-cost domain registration is a brilliant marketing strategy for Cloudflare as a whole … but not if it means that major errors cannot be corrected in a timely manner.

What has happened here, to at least Kunal and myself, would horrify any domain owner: you lose control of your domain and have no mechanism to do anything about it. A delay of 3 days, during which other content is displayed, is certainly enough to torpedo your search engine rankings - Google would interpret that as a “bait n’ switch” infraction.

If this error has happened and been reported here at least twice within 24 hours, it is likely affecting many more people; most users are probably unaware of this forum. Tickets such as ours - alerting the Registrar team to an unexpected technical problem - should be seized upon as an opportunity to quickly fix a system error before it causes real financial losses to customers.

Tagging @SamRhea into this post, just to ensure he is aware of this issue.


#8

Hi @kunal10002003, securitytrails shows your cloudflare name servers starting about 16 hours ago, https://securitytrails.com/domain/deception52.com/history/ns, it also looks like the dashboard shows the change, although whois is still lagging. The domain is shown as on Cloudflare, I’m seeing a DNS_PROBE_FINISHED_NXDOMAIN error when I hit the page.


#9

Hi @imappoet, I see your ticket from yesterday and the support reply. It looks like your old registrar replaced your name servers with:

$ dig ns TransferBond.com +short
expired-domain-ns50.fabulous.com.
expired-domain-ns51.fabulous.com.

About 16 hours ago, security trails showed these as:

myns2.fabulous.com 
myns1.fabulous.com

But. I don’t see any indication that the zone was added to cloudflare nor that the name servers were changed to cloudflare (nothing here, https://securitytrails.com/domain/transferbond.com/history/ns) and no confirmation in your account.

The process should be sign a domain on cloudflare, get name servers, change name servers, and then if you want move domain to cloudflare registrar. Note that registrar only supports transfers of domains that are active on Cloudflare.


#10

Hi @cloonan thank you for letting me know about the security trials this but global dns still shows my old dns NS. though cloudflare NS has taken that place ,but why am i still getting DNS_PROBE_FINISHED_NXDOMAIN ? if there are any solution to this please let me know in priority .


#11

Hi @kunal10002003 this tip goes into the error in detail, Community Tip - Fixing the DNS PROBE FINISHED NXDOMAIN error. I suspect it’s a timing issue, #2 in the tip, but am digging some more…


#12

@cloonan Thank you for taking the time to respond, I appreciate your help.

TL;DR No domain can be transferred to Cloudflare without using Cloudflare name servers. Once transferred, there is no way for the user to change those name servers to anything else. If a domain’s declared name servers change AFTER Cloudflare Registrar has taken control of it, that change cannot come from the user. This is a system error, whereby the losing registrar has somehow triggered a name server change AFTER the transfer to Cloudflare has completed.

If you check the public WHOIS record for transferbond.com and Kunal’s domain, deception52.com, you will see:

Registrar: CloudFlare, Inc.

My transfer completed successfully on Monday, Feb 21st. This name server change occurred on Thursday, Feb 25th.

I am not familiar with the SecurityTrail.com service, but I can see that they do not check each domain’s record with sufficient frequency to catch all changes and, indeed, are clearly wrong about the current name servers for both domains.

In the case of my domain, transferbond.com, for “today”, they have [myns2.fabulous.com, myns2.fabulous.com] whereas the WHOIS has had [expired-domain-ns50.fabulous.com, expired-domain-ns51.fabulous.com] for at least the past 48 hours and, for the week or so prior to that, the CF name servers necessary to transfer the domain to CF Registrar.

Logical proof: the transfers could not have happened without Cloudflare name servers being declared, but the SecurityTrails page you linked to makes no mention of any Cloudflare nameservers.

The name servers they claim for today have not appeared on that domain’s WHOIS record for at least two weeks. I would guess that they poll on a monthly basis.

Just to re-iterate, we are not talking here about problems transferring domains to Cloudflare. The transfers to Cloudflare have already been paid for and successfully completed, with the domains using Cloudflare name servers. This change occurred later, while the domains were theoretically under Cloudflare’s sole control. Something triggered a change to name servers associated with the old registrars, suggesting the change came from there. Again, users currently have no way to edit their name servers.


#13

I assume this will be sorted out in time. deception52.com does seem to be having issues:

$ dig NS deception52.com @g.gtld-servers.net

;; AUTHORITY SECTION:
deception52.com.        172800  IN      NS      ns19.domaincontrol.com.
deception52.com.        172800  IN      NS      ns20.domaincontrol.com.

And the DNSSEC configuration is pretty bad. I guess you had DNSSEC enabled at the old registrar? http://dnsviz.net/d/deception52.com/dnssec/


Also: try not to rely on WHOIS for obtaining the current nameservers. The registrar very well could be having issues. Instead, use DIG or some online nameserver lookup tool.

$ dig NS transferbond.com @g.gtld-servers.net

;; AUTHORITY SECTION:
transferbond.com.       172800  IN      NS      isla.ns.cloudflare.com.
transferbond.com.       172800  IN      NS      ken.ns.cloudflare.com.

#14

I see support is making the change @imappoet , will check in a bit to see if it is picked up.


#15

@Judge Interesting. My experience, so far, has been that I cannot even get domains added to Cloudflare to activate if they have an old DNSSEC record on the registrar’s system, and it appears to be a huge problem for registrars to completely delete such records, often has to be done manually by support.

In the case of the domains I have managed to add to Cloudflare and activate, and which I am therefore in a position to request a transfer for, none of them have DNSSEC issues, including transferbond.com. I wonder what Kunal did differently?


#16

@cloonan Yeah, engineer Laurie said he will change the domain’s name servers back to the CF ones that were there previously. Nothing yet, I am crossing my fingers that the old registrar has not somehow accidentally retained sole control of the domain :crossed_fingers:

EDIT: Yup, I see the change reflected now when I visit the domain via a proxy. Excellent, thanks everyone :champagne::beer:


#17

According to GoDaddy DNSSEC is removed and is is under the control of CF. And it is clearly reflecting in my CF dashboard. I have also talked to GoDaddy and they has no control on my domain anymore as they have already transferred it to CF. Today when I check my is record at whatsmydns it shows Error: Token mismatch. No don’t really know what to do. Please guide . And for your reference I can’t even see my domain name at GoDaddy through which I can change the NS.


#18

Can someone please help me with the situation, as I contacted GoDaddy and they always give me the same story that my domain is transferred to CF and they have no control over it. Now on my CF dashboard it show that nameserver is pending whereas in whois it is clearly showing that my registrar is CF . I am also adding the screenshot of it. Someone please help me get back my domain.


#19

Godaddy is correct that the domain has been transferred. The only further solution is CF’s support making the change. If you do not already have a support ticket open, go ahead and make one.


#20

@Judge thank you for the suggestion, let me create a ticket now and see how long does it take to get resolved.