Your domain, protected.
Domain theft, hijacking, and accidental expiry are real risks. Here's exactly what we do to prevent them — and what you can do too.
WHOIS Privacy
Free by default on every TLD that allows it. Hides your name, email, address, and phone from the public WHOIS directory. Stops scrapers, spam, and direct-to-owner marketers.
Transfer Lock
Enabled by default on every new registration. Prevents anyone from transferring your domain to another registrar without your explicit unlock + EPP code.
Auto-renew
Toggle in one click. We charge your card 14 days before expiry and renew immediately. No more lost domains because of a forgotten bill.
Renewal Reminders
If auto-renew is off, we email you 30 days and 7 days before expiry. Final warnings during the redemption grace period. Nobody loses a domain quietly here.
Two-step Transfer Out
Want to move? Toggle the lock off, request the EPP code — it's emailed only to the registrant address. No one can steal your domain just by knowing your username + password.
Full Domain Protection
Optional $9.99/yr upgrade: change verification (we email you before any contact change goes through), transfer monitoring, expiry safety net even if your card fails.
The infrastructure side
Behind every Modusdom domain is enterprise-grade registry infrastructure:
- ICANN-accredited registry via OpenSRS — established 1993, billions of transactions, no service-affecting breach in their history.
- HTTPS everywhere — TLS 1.3, HSTS, modern cipher suites only. All admin and customer traffic encrypted end-to-end.
- Signed customer sessions — bcrypt-hashed passwords, CSRF tokens on every state change, secure HttpOnly cookies.
- OAuth 2.0 with Google and Microsoft as identity providers — no password ever transmitted from those flows.
- Webhook signature verification on every Stripe and registrar event we receive.
- Audit log of every domain-affecting action, kept indefinitely.