Previous provider left domain vulnerable

I have a new client, they broke ties with old provider. That provider has done something to the domain. The domain REGISTRAR is CloudFlare. Since I can only email support, I am having a terrible time getting my issue across to get it fixed. They keep robot emailing me the standard boilerplate answers telling me to change the Name Servers to CloudFlare. But I cannot. The domain is broken, possibly held hostage. The previous provider I believe was doing unethical things. So they cannot be contact or involved.

The domain appears to be attached to my CloudFlare account, but I cannot manage it, I cannot change the Name Server entries. Support does not seem to get this point and repeatedly repeats to “just change the name server in your registrar”, but CloudFlare IS the registrar. When I go to “Manage Domain” the screen goes blank, and begins glowing greyscale at me, never coming up with any controls or information. I can change DNS entries, so it seems I have partial control.

I can’t get a human to talk to me to discuss what has been done and just fix it.

If any CloudFlare support person is out there reading this, I have a business that has been left without a website and email for over a week now.

I have to go salvage the Office 365 mail system, but I cannot do that until I have control of the DNS for the domain.

Please Help.

You cannot change nameservers for your website away from Cloudflare if you use CF as your registrar.

You do - CF is your DNS provider. You should add whatever new DNS records you’d like to the DNS section of the dashboard to manage it.

Can you give more context? What did they do? Does it just not work?

2 Likes

I have left the domain name out of the WHOIS, but below, the WHOIS for the domain in question is clearly CloudFlare. The Name Servers listed are CloudFlare, but they are telling me in the support to change these to other Name Servers, also CloudFlare. They say that the domain IS attached to my CloudFlare account. But if I go to “Manage Domain”, the screen just goes blank.

I’ve tried other browsers, this is a back end issue.

Registry Domain ID D402200000003541913-LROR
Registrar WHOIS Server cloudflare
Registrar URL cloudflare
Updated Date 2020-09-09T01:48:27Z
Creation Date 2017-09-08T17:21:17Z
Registry Expiry Date 2021-09-08T17:21:17Z
Registrar CloudFlare, Inc.
Registrar IANA ID 1910
Registrar Abuse Contact Email [email protected]
Registrar Abuse Contact Phone +1.6503198930

|Registrant Organization |DATA REDACTED|
|Registrant State/Province |DATA REDACTED|
|Registrant Country |US|
|Name Server |SUE
|Name Server |GREG
|DNSSEC |unsigned|
|Last update of WHOIS database |2020-09-14T21:48:23Z|

Sorry I cannot put the entire link to the name servers, the forum will not allow me to have links because I’m new.

Sorry I canMy dashboard says this:

  1. Log in to your registrar account

Determine your registrar via WHOIS.

Remove these nameservers:

sue…

greg…

2. Replace with Cloudflare’s nameservers

Nameserver 1

adaline…

Click to copy

Nameserver 2

mcgrory…

Click to copy

Save your changes.

Registrars typically process nameserver updates within 24 hours. Once this process completes, Cloudflare confirms your site activation via email.

Hi @mike21, I see your tickets, have made some notes on them to tie them together, added myself and a link to this thread. I’ll reach out to the engineers on next steps.

As background & to address a question in your ticket, while the domain may not be active in your account, once you attempt to add a domain it will shows as pending in your account, hence the reason for the notices about domains in your account that are not yet active/over which you do not yet have control.

Thank you, please let me know what I need to do.

I am waiting on Microsoft to get back to me on the orphaned Office 365 account tied to that domain. The previous provider really took pleasure in messing this up for us.

Cloonan,

I am looking forward to a solution. My client is still down with DNS and Mail until this is resolved.

Any further information?

Thank you very much.

MikeyJ

HI @mike21, I see the team is active on the ticket and I have reached out for an update and will share when received. Sorry for the issues.

1 Like

Cloonan, I was just denied any sort of help.

Really I need someone from support to CALL ME, so I can get the client on the phone so they can speak with the OWNER and get this solved. Support is not been any help. They are concerned about security, but every moment that they delay, they are allowing a company to unethically expose the client domain and services to failure and compromise. So much for protecting the security of the owner of the domain. Especially when they won’t let us discuss the issue. I am appalled at CloudFlare’s lack of attention to the issue.

Remarkable lack of professionalism.

Let me see if I can take a stab at what’s going on:

Your client hired someone to set up their domain. This “contractor” registered the domain in their Cloudflare account and created the website.

Now this contractor is long gone, and you’re trying to take control (rightly so) of your client’s domain?

Correct.

The “contractor” is still in business, but this is the second time they have pulled this hostage business on a domain. They should be put out of business, and I imagine if they keep wronging clients, it is a matter of time before this nasty behavior catches up with them.

At this point, only the rightful owner of that domain (your client) should be in communication with Cloudflare. I suggest you have them set up an account here and open a ticket so they can directly work with Cloudflare on this. Domain names are extremely valuable assets and need to be closely guarded because recovering a stolen domain is extremely difficult, as you’re now discovering.

2 Likes

Also, use the contract they have signed with the contractor to at least a lawyer and make them write to the bad actor.

2 Likes

CloudFlare has abandoned this client, they don’t care that the domain was taken hostage, and they have capitalized on the fact the client is just not willing to go through the process to try to talk to support about it.

In her words, “If you, with all your knowledge and experience, was not able to get this fixed, how am I possibly going to be able to do so? I don’t even know what a domain is.”…

Sums it up.

I understand that you’re frustrated, but as I explained, domain ownership is very complicated. Just take a look at the s e x .com domain (don’t type it in, but look at the history). That one took five years to recover.

She’s not their client.

She needs to change her attitude. I’m not saying she has a bad attitude, but she needs to think positive because she can see this through.

This is easy to answer. The domain doesn’t belong to you. You can’t fix it. It’s like trying to sell someone else’s car without their personal involvement. To say that Cloudflare doesn’t care…the opposite is true. They’re not going to give her domain away to just anybody. You’ve come along and are trying to take over a customer’s domain. If it’s important to your client (and you), then you’ve gotta walk her through the process.

This can be fixed. It’s just going to take some hard work to undo the mistake she made the first time around.

So you probably have a ticket, and they’ve probably asked for some sort of proof of ownership. @matteo’s suggestion of a copy of the contract for this work should help. If the domain is a company or personal identity, that should also be provable.

3 Likes

Alas, fear not, that ship has sailed.

We’ve purchased a new domain elsewhere, and opened up a new Office 365 account elsewhere, and have declared the old domain and all of the information within it a casualty of identity theft which CloudFlare has helped to propagate.

Please do not make excuses for CloudFlare’s lack of attention to this. The owner of the domain is not tech savvy and why they relied on me to come through on this. But CloudFlare tied my hands. My client does not know how or what to communicate to the support group, they don’t know the terms, the functionality of what it is CloudFlare even does for her. It frankly needed to be a 10-20 minutes phone conference call between me, the owner, and support. It would have solved everything in short time and I wouldn’t be on my soap box now.

There is no repair of the relationship of my customer (who IS the true owner) and the fraudulent ethically challenged and morally corrupt previous provider that chose to hold the domain hostage. Karma is a bitch, and that company clearly cannot survive if this is how they do business. Their business cannot implode fast enough in my opinion. But the fact that CloudFlare would side with them, the bad guys, and not provide a way to properly work the problem with us instead of putting up the strongarm and shunning the good guys.

EVERY ONE of your clients, no matter how small, should be viewed as you Enterprise client. That’s how I treat all my customers. I feel that this whole issue would have been solved quickly and to YOUR satisfaction if you just had a bloody phone number to call and people to talk to. Questions to the owner could have been asked and answered, facts taken and evaluated and resolved, if the owner, I, and support could have just spoken … on a phone call… like people do. Instead CloudFlare hides behind the disjointed and unattached and slow moving and impersonal method of only phone support. CloudFlare is like a millennial child who refuses to pick up a phone and talk to people, instead of hiding behind the social media tools that have driven this country to the brink of bipolar dis-functionality.

From now on, I will always denounce the use of CloudFlare to my vast number of clientele. You have not shown me to be a trustworthy provider. I will blog about this. I have contacted a number of entities that deal with providing information about company antics, and they are not favorable. Sure it may do nothing, but if I can save ONE person from making the uninformed decision to use CloudFlare for any reason, my work is done.

You could have saved everyone time and money and business continuity if you had worked with us. Instead you worked against us. If you aren’t with us, you were obviously with them, the identity thrives, the hackers. That’s how you have shown your loyalty in this instance.

You can defend CloudFlare, but it doesn’t make our position any less valid. CloudFlare, Huge Fail.

Sad.

1 Like

Also, in ALL the time dealing with support, they NEVER once offered us any information they would require that we could have provided to authenticate this owner. They just kept repeating the same “Line 15 of the standard responses to any questions” questionnaire document. They never once said, here’s what we need. 1) this, 2) that, 3) the other thing, and presto, we have authenticated you.

Just denial of services.

I can’t actually check without screenshots and the actual domain name, but I’m assuming you’re in the following situation:

  • A former contractor has control over the domain name via their own Cloudflare account
  • You’ve attempted to move the domain name to your own Cloudflare account, but are unable to do so because it’s registered via a different account
  • The former contractor is unwilling to release the domain name

If you currently have control over the Cloudflare account to which the domain name is registered, none of this applies, and it’s most likely a technical issue, not a legal issue.

Generally, registrars–in this case, Cloudflare–can’t transfer control of domain names in these situations, regardless of whether your client is the rightful owner. They’re bound by contracts with registries and ICANN that prevent them from stepping in. In this regard, Cloudflare is no different from any other registrar. They absolutely cannot grant you control over the domain name without proper legal proceedings.

Typically, the way you’d go about regaining control over the domain name would be via UDRP. This generally involves hiring a lawyer who specializes in domain names. You could also go to a traditional court, but I believe UDRP is more common. If your client wins the UDRP, ICANN grants them control over the domain name. However, I am not a lawyer; you should talk to someone who is.

Think of it like an apartment complex. If someone who lives in the apartment complex steals your television and puts it in their apartment, you can’t go to the landlord and demand that they walk into the apartment and give you the TV back–even if your name is plastered all over it, it would probably be illegal for the landlord to barge in and seize the TV. You’d need to take the matter to court. It’s no different here; Cloudflare is the landlord, and the domain name is the TV.

1 Like

Today we attempted to reach out to the questionable provider to get one last chance to get control of the domain. This is his response.

“Website has been gone since the beginning of the year, we sent an invoice back in January as well as many reminders for the invoice to which you never replied. So the website was shut off, I believe in March for non-payment. Because of this your domain has expired which i believe happened a week or two ago and that would cause email to stop working. We sent you an email about one month prior to your domain expiration as well as info on how to transfer it to your name so it won’t expire, we never received a reply to that email either.

So that’s about it, we no longer have control of your domain or provide any services to you at this time. Unfortunately because the website has been deleted in March, we no longer have a copy of it so we won’t be able to restore it.

Best regards.

Sly”

So according to the provider, HE no longer has control, the owner no longer has control, WHO HAS CONTROL NOW?

Seems to me that you are absolutely free to relinquish control back to us.

This is how the guy runs his business. Send a couple emails that get missed or overlooked or trapped in spam, and he takes no accountability to try to fix the issue… nope. Stop services… Close, Cancel. Halt. Done. Dead.

I would have made a few phone calls to verify that my client got their bills and were aware of the pending expiration.

Absolutely Amazing.