Three days ago, I reported on a Gmail security flaw resulting in the theft of my domain name.
Today, I’m pretty humbled and relieved that I’ve got davidairey.com back. The response was overwhelming and can’t thank you enough.
50,000 daily visitors crashed my server, but only for a short time as the folk at ICDSoft (my host) were very helpful. ICDSoft worked outside the normal remit of their services to change my previous post from a dynamic PHP web page to static HTML, setting a rule to redirect all visitors to the latter. This greatly reduced the server load, allowing my shared server hosting plan to cope with the influx.
How did I get my domain back?
After reading my story, some of you contacted me, saying that you know the CEO of GoDaddy.com, Bob Parsons, and that you would get in touch with him, asking if he could help.
Soon after, I was contacted by Karen, one of Bob’s very friendly and helpful colleagues, asking me to complete an Undo of Change request form. This involved me supplying an image of my drivers license for photographic ID, and hand signing the form, then emailing a scan. The completed document would allow GoDaddy to negate the transfer process that took my domain name from ICDSoft to their systems. The form said to allow three business days for an intitial response, but some email ping-pong during the last few hours resolved the process much faster. For this I am very grateful. Thank you Karen.
I was requested to open a free account with GoDaddy, and supply them with my customer account number. This I did, and soon after I was again the rightful owner of davidairey.com.
Update: April 1st 2011
I ended-up storing 10-15 domains in my GoDaddy account, but I’ve since moved away from the company, mainly for this reason.
I accept my share of the responsibility
I’ve read on other websites that I deserved what I got, and that using Google’s free Gmail service for business is naive. Perhaps. I hate shifting blame onto another person or organisation, but here’s the crux: I’m almost sure my story wouldn’t have received the attention it did if the headline read something like:
“My naivety allows hacker to steal domain”
Isn’t this (below) more newsworthy?
I’ve been picking-up copywriting tips over the past year, and although I have a lot to learn, I reckon I put them to good use (thanks Brian).
I chose to use my blog against a criminal, and if that made it sound like I was pointing the finger of blame, so be it.
What about the cracker?
No, not a Christmas pun. I’ve been informed that cracker is the correct term for the criminal who stole my domain name:
“Just to let you know, the filthy person who did this to you is referred to as a “cracker” not a “hacker”. A hacker is someone who tweaks things to their purposes. A cracker is a low-life who attacks other people with malicious intent. There is a big difference.”
Many of you have been digging around the net, searching for clues and pointers as to who/where this thief is. You’ve used the cracker’s email address I supplied, posing as potential buyers of my domain name to glean more personal info.
It seems the thief has been selling stolen domain names for some time, advertising his loot on various web forums. The consensus sets the physical location as Iran, which ties-in with the Persian language used for certain email addresses. There has been so much information flooding in that it’s fair to say I’m not the only one attacked by this miscreant.
During the next week or two I’ll be sifting through it all, and will decide on further action.
What’s of more immediate concern is this… If you have any SEO advice on how to prevent further damage to my search rankings, I’d be extremely grateful.
How do I halt the damage to my search rankings?
With control over both davidairey.com and davidairey.co.uk, the question now is which one should I use as my primary address?
Perhaps it doesn’t even matter which one I use, providing a permanent 301 redirect is set from one to the other. I’ve found that a UK-based Google search for David Airey lists me higher now (with the .co.uk) than it did with the .com. Given that my local market is in the UK, the right move could be to remain with the .co.uk, rather than revert. Not sure.
I’m guessing the next step is to set my .com address to a 301 redirect to the .co.uk.
My htaccess file (which I’m not too clued-up about) is available for you to look at, and in the short-term, at least those previously referred .com visitors are arriving once more.
Any help at all would be superb, although I feel as if you’ve already done more than enough.
Thank you very much
When something like this happens, you don’t expect so many people to offer their help.
It’s testament to the good-will of the blog community that this situation is well on the way to recovery. In fact, the criminal has opened my website up to a whole new audience, who I otherwise wouldn’t have reached. If you believe there’s anything I can do to help you in return, don’t hesitate to contact me, and I’ll respond as soon as possible.