homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / WebmasterWorld / Domain Names
Forum Library, Charter, Moderators: buckworks & webwork

Domain Names Forum

Whois personal info.
How to get rid of it for security reasons

 5:04 pm on Jul 29, 2005 (gmt 0)

I'm not a paranoid person. In fact, if I had a normal past I wouldn't care much.

But having my information readily available on the whois database is a little disconcerting. Even though i'm out of the service now I wasn't exactly a cook or waterboy. Having a direct address for someone like myself is not only a violation of OPSEC & PERSEC, but a serious threat to my family. Especially given the times…

How can I get them to erase my information? I don't care if they leave an email present but my home address is unnecessary.

Also, are there any other databases I should look into besides whois?

Thanks in advance.



 6:10 pm on Jul 29, 2005 (gmt 0)

How can I get them to erase my information?

You can’t.

You only have the following options:

1. Use your registrar’s privacy service if they offer one.

2. Use a PO Box or a different mailing address, an email for spam (but whitelist
your registrar’s emails), and a phone with voicemail.

Bottom line, you can’t force them to remove or hide your WHOIS info except for
those options listed above. If you ask why, there’s a higher “governing body” out
there that requires them to do so.


 8:19 am on Jul 30, 2005 (gmt 0)

I just use a fake name and address. The address being in a different country, preferably in a third world. Sometimes I even use a foriegn embassy located in a host country.

Use a working email, which is
attached to a domain with phony who is, then redirect the email to a different email wich is hosted at a free email service, which you signed up with using false info and used an email for confirmation which goes back to a domain with false information.

If you want to be more untracable you will need to pay your domain using a CC or PayPal which is not tracable back to your name and address, IE: Delaware corporation.

Remember that domains by proxy information is still available if the company is served with a subpeona and/or asked for by government officials.

You can go farther than this, just depends how deep you need to be.


 11:18 am on Jul 30, 2005 (gmt 0)

This is my same problem I posted starting the following thread a few hours ago [webmasterworld.com...]

Registrars can offer a 'privacy service', among them GoDaddy, but the question I place is concerning the legal owner of the domain as your domain is registered in the name of Domains By Proxy.


 1:17 am on Jul 31, 2005 (gmt 0)

I understand that there is a bill pending in Congress that if enacted will make falsifying WHOIS information a crime punishable by up to 5 years in the hoosegow. So things are going to get worse, not better. My practice is to use a stealth email like uvw@xyz.com and a POB. Use initials for first and middle names. Give them as little although correct information as you can. Currently using false information for WHOIS can be cause for forfeiture of the respective domain name. This requirement apparently is largely honored in the breach and not enforced. But one day the requirement will be enforced, and I wouldn't want to be number one in line, you know, the poor sucker who sets the precedent.

John Carpenter

 7:03 pm on Aug 4, 2005 (gmt 0)

If nothing unexpected happens, Domains By Proxy will be forbidden for .us domains. All existing .us domain names whose WHOIS records do not contain valid information will have to be "fixed" (the ban is retro-active). In this context, Domains By Proxy whois records are considered invalid.

Godaddy tried to complain about this in Washington, along with other corporations, but AFAIK their complaints were rejected.


 8:25 pm on Aug 4, 2005 (gmt 0)

Thinking ahead, definately getting a pobox or mailbox service... and then getting something like a skype phone number in a different city perhaps.. Enough to keep things seperated.

This proposed legislation is way across the line. Me thinks they must have invoked the phrase "kiddie porn" at least once in bringing it to the table.

I wonder how they would determine if information was invalid to begin with.. What is the requisite test that information is invalid. People can have many addresses and phone numbers where they are accessible and e-mails are a dime a million.

John Carpenter

 8:53 pm on Aug 4, 2005 (gmt 0)

I wonder how they would determine if information was invalid to begin with..

They don't have to. All they need to do is make it illegal. That itself will force 99% of people to provide valid information.


 6:11 pm on Aug 5, 2005 (gmt 0)

What is the requisite test that information is invalid.

I have the same question. Anyone have a link?


 8:18 pm on Aug 5, 2005 (gmt 0)

I just use a fake name and address.

I wouldn't recommend this as it can cause you to lose your domain name if it is challenged.

From the randoms emails sent out by registrars to be compliant with ICANN rules:

Please remember that under the terms of your registration agreement, the provision of false WHOIS information can be grounds for cancellation of your domain name registration.

The best thing to do would be to use the Private Domain/ID Protect or Domains by Proxy service that is usually provided by the place where you register your domains. Most of the larger domain registration places offer this service.


 4:33 pm on Aug 12, 2005 (gmt 0)

I work out of my home and don't want my home address out there either. I use a PO box for the contact address. I list my name as Domain Admin instead of John Doe. I see job titles used a lot on whois instead of really names. If you have a high profile domain that you think someone will try and put you in arbitration for then you must follow the rules to the letter but if this is a personal domains or a small company then it is much less of an issue.
In the last few years I have got nothing important through the mail from the registrar, registry or anyone for that matter related to my domains.
Just make sure you have a valid email address for the contact.
All important communication is handled by email.

John Carpenter

 2:40 pm on Aug 13, 2005 (gmt 0)

Just make sure you have a valid email address for the contact.
All important communication is handled by email.

Very good advice indeed. In some cases "no reply" is considered as "guilty".


 6:52 pm on Sep 7, 2005 (gmt 0)

I've been interested in this issue myself of late.

I've got all of my domains using the "privacy" option. (Domains by Proxy on most of them, but a few other registrars' privacy services as well.) I am being overly cautious because all of my sites are pretty harmless/non-controversial and for years I had no domain privacy on any of them, with no problems. But still, a little caution and paranoia is never a bad thing these days. You never know what might set someone off.

The thing that concerns me now is that there is a WHOIS service that (for a fee) lets you look at all the changes in the WHOIS record of a particular domain. That means that in some cases, someone willing to pay the fee can root around in your domain's "whois history," and if they are lucky, one of the listings in the "whois history" will include a home address and phone number. This is the case with a few of my own domain names.

I have been deluding myself that since I switched over to privacy on my domains, that was safe from the casual snooper. (I'm not worried about court orders at this point—I'm so low on the totem pole and my sites are harmless, so I can't imagine anyone bothering.) But I find that if someone wants to pay a fee to this WHOIS service, they can still possibly get my address! What is the point of privacy services if there is this loophole?

Fortunately, I find that most of the time, this "whois history" does not show the owner's name and address. Most of my domain names are still "private." But a few aren't, and anyone who knows about this "whois history" service can still find out who I am. And there doesn't seem to be any way I know of to block that.

I am not too terribly worried for myself (as I said, I went for years with no domain privacy, and nothing happened), but yet it seems like there's a terrible breach in this whole privacy/security thing in regards to domain name WHOIS.


 4:53 am on Sep 13, 2005 (gmt 0)

"Also, are there any other databases I should look into besides whois?"

If someone has your correct name. they can usually get the other info about you on the web.
I was somewhat surprised recently to see my name-home address-home phone on a free (person search) SearchEngine.(Even though I always use a P.O. for business.)
They work off info that used to be kept in a file cabinet, but is now published on the web. Like property records, court records, etc.

Global Options:
 top home search open messages active posts  

Home / Forums Index / WebmasterWorld / Domain Names
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved