[deanhills]

Thing is, all my domains are behind CloudFlare, till date there was only a flood attack on one of my domains, and CF's anti-DDoS feature served quite well to mitigate the attack in hours. I think you should consider this rather than sticking to ".com", well they are company domains afterall, even though they've become general purpose nowadays.

I wouldn't recommend CloudFlare as a choice over .com. Any reputable company when dealing with traffic would rather be more suspicious of someone who is "hiding" behind CloudFlare and not clearly identifiable, than being out in the open with a reputable .com domain.

Only time when I do have respect for use of CloudFlare services, is when big companies like hostus.us or linkedin use the services to filter out bots. But if I can't recognize the identity of the Website when CloudFlare is used, I start to doubt the credibility of the Website.

[LightDestory]

Using particular domain for website domain isn't a problem.
You can use whatever domain you want if it only redirect!

If you start using that domain to send verified mail you will have an high chance to get your email into your customer spam folder!
Gmail's anti-spam system doesn't like suspicious well known domains (tk and other... free or paid).

Regarding cloudflare, it doesn't do anything like hiding. It just offers you a CDN and a basic flood protection.
What prevents you from knowing who is behind a domain is the "whois" protection which hides registration information from the registry

[Sn1F3rt]

I wouldn't recommend CloudFlare as a choice over .com.  Any reputable company when dealing with traffic would rather be more suspicious of someone who is "hiding" behind CloudFlare and not clearly identifiable, than being out in the open with a reputable .com domain.

Only time when I do have respect for use of CloudFlare services, is when big companies like hostus.us or linkedin use the services to filter out bots.  But if I can't recognize the identity of the Website when CloudFlare is used, I start to doubt the credibility of the Website.

Well, CloudFlare helps you mask the real IP on which your domain is hosted, of course if you're not using email services on the same domain (MX and TXT records aren't masked). In case you're aware, there are various types of flood attacks, DDoS on a website is just a thing, but attackers can cleverly block you out from logging into your server if they know the IP. 

Being behind CF isn't hiding as such, it's just extra protection. Moreover, if you report a website behind CloudFlare with sufficient proof, they will remove it, exposing the origin IP. 

That being said, I not only use CF for protection, there are other reasons too. For instance as I had highlighted earlier, I use DNSSEC on my project domain, PorkBun as a registrar doesn't support DNSSEC on it's authoritative DNS, hence, you need a provider, CF in my case, free and secure. :-)

[deanhills]

Well, CloudFlare helps you mask the real IP on which your domain is hosted, of course if you're not using email services on the same domain (MX and TXT records aren't masked). In case you're aware, there are various types of flood attacks, DDoS on a website is just a thing, but attackers can cleverly block you out from logging into your server if they know the IP. 

Being behind CF isn't hiding as such, it's just extra protection. Moreover, if you report a website behind CloudFlare with sufficient proof, they will remove it, exposing the origin IP. 

That being said, I not only use CF for protection, there are other reasons too. For instance as I had highlighted earlier, I use DNSSEC on my project domain, PorkBun as a registrar doesn't support DNSSEC on it's authoritative DNS, hence, you need a provider, CF in my case, free and secure. :-)

Thanks for the feedback @sohamb03. Agreed that Cloudflare has many benefits. Particularly for those looking for DNS. However I was responding to your comment about the combo of a lower level TLD like dot.xyz with Cloudflare being a better option to use than a higher ranking dot.com domain. Cloudflare has many benefits, but if I have to choose between a dot.com Website and a domain like dot.xyz with Cloudflare, then the dot.com Website would be more credible for me. Dot.com is also very cheap relative to the other TLDs.

[Sn1F3rt]

I understand @deanhills, not everyone's opinion is the same but yes I would still go for another TLD than .com if it's not a company/project for whom a website is being built. If proper server security measures are taken, I do think it will be an issue to even not mask the IP with CloudFlare and use the latter for only DNS requirements.

[rudra]

first of all, thank you for posting about this nice offer here. I see that it will remain active till 7th of Jan in 2021. So that is a plus. I think I will be able to decide whether to buy the ones I want before that. I am used to buying from bigrock. But certainly wanted to experience the service from porkbun. This is a good opportunity for that.

In the matter of getting spammed, I see that some particular niche sites are more prone to getting spammed. Thogh if you have good site security in place, then there is not much to worry about. Also I do like to use the security measures provided by CloudFlare when it is not necessary to disclose the site ip for any reason.

[deanhills]

I understand @deanhills, not everyone's opinion is the same but yes I would still go for another TLD than .com if it's not a company/project for whom a website is being built. If proper server security measures are taken, I do think it will be an issue to even not mask the IP with CloudFlare and use the latter for only DNS requirements.

Agreed. Perhaps our thinking is the same after all. I have a few domains like that, i.e. personal projects that I'm not worried about and don't particularly care about traffic. I have three domains from freenom that I've successfully had for a number of years renewing them for free. Could be my low profile on those has allowed for just the right amount of traffic for Freenom to allow me to have kept it so long, and not to have attracted negative spam/hacking attention. I also have a few very cheap domains from Namecheap in the same category as dot.xyz viz: dot.review, dot.rocks, dot.club. I'm not particularly worried about exposure, i.e. I'm not really interested in getting traffic.

I agree with @rudra. I once had a domain called noobnotes.net. I'm almost certain the name of the domain attracted negative attention that caused it to be shut down and I was locked out of the Website. So I agree. If one uses certain "niche" names, one needs to beef up security. And in this case possibly CloudFlare Name Servers would have been good to use. Or some added protection on top of standard security plugins like WordFence. Instead I let go of the domain. I tried to use it a second time on a different VPS, and surprise surprise the negative attention was exactly the same. Looks like once a domain has attracted negative attention, the Internet doesn't seem to forget about it.

[Sn1F3rt]

I have three domains from freenom that I've successfully had for a number of years renewing them for free. Could be my low profile on those has allowed for just the right amount of traffic for Freenom to allow me to have kept it so long, and not to have attracted negative spam/hacking attention.

Phew, my experience with Freenom has been very poor, I registered sohamb03.tk and sohamb03.ml, with the only visitor being literally me and both of them got cancelled after 3 months, even though the free period is one year. Indeed they are very clever, they show the domain as being active but cancel it internally wherein it stops responding to any DNS queries. Even now they show sohamb03.ml is registered although there are no nameserver responses from the registrar end. I've given up on them, I usually look out for free domain deals, get a $1 .xyz domain, or use a free subdomain from FreeDNS, much much much better service to be honest.

[tryp4vps]

Phew, my experience with Freenom has been very poor, I registered sohamb03.tk and sohamb03.ml, with the only visitor being literally me and both of them got cancelled after 3 months, even though the free period is one year. ......

The problem of Freenom is that you will never know when you will lose your domains.

I did have a domain registered for many years there, but then suddenly lost it, without any prior notice or warning.

So, for any serious projects, it is always much better getting TLDs from good registrars such as Namecheap or Porkbun etc.

[deanhills]

Looks like we're getting off topic now - and I'm also to blame for it.

Since we're now at the beginning of a new year am closing the discussion. If there should be new special deals for PorkBun please let us know.