Bye, Cloudflare!

Introduction

Everybody ever seen that page with title “Attention Required! | Cloudflare”, which forces you to complete some sneaky CAPTCHA. And this is very annoying, specially if you use TOR (not only browser, but network) for privacy reasons, or to circumvent censorship. But this is not only issues with Cloudflare (lets call it simply - CF), there are a few more articles about them: 1, 2 and 3 for details.

Problem

I have been used to serve DNS requests for this domain by CF network, only because it is very fast provider with fancy API and DNSSEC support, but after small research, I found nicevps.net provider, which promotes as uncensored and private one.

Solution

So, nicevps.net pretend to became chosen domain registrar for sergprog.xyz transfer. Most important feature for me is DNSSEC support, which is provided according to product page.

nicevps.net

Unfortunately, transfer and renew price is higher here (nicevps: €11.99 / €12.00, CF: $8.00), but you can pay with cryptocurrencies! Another nicevps opportunity is fully anonymous domain registration - you can use TOR mirror and provide none of PII. Even more - cryptopayments gateway done on their side, so no info shared with third parties. Very nice.

Transfer done quickly (less than hour), however, there are no import/export functionality in nicevps’s hPanel. Anyway, I have been copied all my DNS entries manually 😠.

One more minus is manual DNSSEC activation - it requires writing ticket to support (maybe only if domain was transfered), but this is not so problem, because they respond quickly enough (1 hour) after doing all required work on their side (signing zone). Then you have to add some DS records in panel. Not so simple like CF does, but still good.

So, to overall nicevps vs. CF comparison:

? means not advantage neither flaw

Conclusion

If you really want to enhance web decentralization, stay anonymous, care about privacy or don’t want to support world biggest MitM - nicevps.net is really good choise as registar, but consider to search some DNSSEC-supported DNS hosting (dns.he.net plans to add DNSSEC 😏). Anyway I recommend you to done own research and find your trusted provider from current ICANN-accredited registrars list (or .xyz ICANN-accredited registrars list for .xyz domain, like this one).

Thank you for reading! Let’s make Web great again!!!