3 Essential Rules for Securing Your Own “.LK” Domain Name

Since securing my first .ORG domain name back in the year 2004 which is still active up to this day, I have registered hundreds if not thousands of generic top-level domain (gTLD) names (.COM, .NET, INFO, .MEDIA, .ME) as well as country code top-level domain (ccTLD) names (.AU, .IN, .SG, .LK) for a large number of local and offshore clients. Now registering a ccTLD name can be difficult compared to registering a gTLD owing to local restrictions, documentation requirements, and higher costs but don’t you worry. The 3 essential rules for securing your own “.LK” domain name below stem from the knowledge and experience I gained from registering domain names for the past 20 years and the LK Domain Registration Policy. Do note that the first two rules are relevant not just for “.LK” domains but for any other country code top-level domain. So if you are looking forward to registering a “.LK” domain for your business, non-profit or even personal use, this blog post titled “3 Essential Rules for Securing Your Own “.LK” Domain Name” is for you.

Note: Feel free to text me on WhatsApp or email me if you wish to enlist my assistance to register your country code top-level or the generic top-level domain name. I will get back to you within the next business day.

Purchase through NIC.LK

It’s common knowledge that generic top-level domains (gTLDs) can be purchased through any domain registrar, such as GoDaddy, Wild West Domains, Namecheap, HostGator, or Hostinger. However, country code top-level domains (ccTLDs) operate differently. For example, to register a “.LK” domain, you must go through the Country Code-Top Level Domain Authority for Sri Lanka, which is NIC.LK (National Informatics Centre), or an officially appointed reseller known as an “Agent.” Currently, NIC.LK has 11 authorized agents. While agents might offer discounts on “.LK” domain registration fees, I strongly recommend purchasing your “.LK” domain directly from NIC.LK rather than through an agent. Here’s why:

Enhanced Security

In my blog post titled “Unveiling Issues: LK Domain Registry’s Website,” published on August 30th, 2023, I highlighted the lack of two-factor authentication in the LK Domain Authority portal, which left client accounts vulnerable. Without this security feature, attackers could potentially use social engineering, phishing, brute force, or stolen credentials to gain access to a client’s account and quickly redirect all domains within that account to rogue name servers (NS Records) used by malicious websites to host drive-by malware attacks. However, on October 10th, 2024, NIC.LK announced that they were making two-factor authentication mandatory for modifying Name Server Records, and they implemented this change shortly afterwards. Unfortunately, the domain authority portals maintained by “Agents” do not offer this enhanced security feature, making it a smart choice to purchase your domain directly through NIC.LK.

Cost and Flexibility

A friend of mine recently tried to register a new “.LK” domain name through an agent and was charged LKR 10,000.00 (around 33 US dollars). Currently, the cost of registering a “.LK” domain directly with the NIC Domain Authority of Sri Lanka is no more than LKR 5,000.00 (around 16 US dollars). Upon further investigation, he discovered that the domain was automatically registered for two years, with no option to choose a one-year term. This was a problem because he was unsure if the project requiring the domain would continue into the second year. If the project failed in the first year, the domain would be unnecessary, and the extra LKR 5,000.00 would be wasted. This experience reinforces my preference to always register my “.LK” domains directly with NIC.LK, due to both the cost savings and the flexibility they offer when purchasing directly from them.

Future Proof

Lastly, in the long run, a government-run agency for registering ccTLD top-level domain names is far more reliable than a privately owned business acting as a proxy. If the agent suddenly goes out of business due to bankruptcy or legal issues, you would have to figure out how to recover your domain name on your own. While salvaging the domain isn’t difficult since all “.LK” domains are ultimately controlled by NIC.LK, it’s an unnecessary hassle. Hence, registering directly with NIC.LK provides you with a solid safety net. This is the third reason why I always choose to register Country Code Top-Level Domain (ccTLD) names with the National Informatics Centre whenever I help a client, whether they are local or offshore. So, if you’re purchasing your own “.LK” domain name, I encourage you to always do so through NIC.LK.

Furnish True Information

I’ve noticed that some small business owners and non-profits sometimes register “.LK” domain names by stating that the domain is for individual use. While this approach may seem convenient since it avoids the need to submit business registration documents or non-profit certifications, it actually violates the terms and conditions. If the domain authority discovers that you provided false information in your application, you could permanently lose your domain name. For instance, I recently registered the domain name WORDCRAFT.LK, which I plan to use to promote my freelance services. Since freelancers aren’t required to register as a business, I correctly specified that the domain is for individual use and added a note saying, “The domain name will be used for promoting my freelance services.” Always ensure that the information you provide is true and accurate.

Get a CloudFlare Account

This isn’t a critical rule, but it’s worth mentioning. NIC.LK only allows you to configure A, AAAA, CNAME, and TXT records. If you need to set up more advanced record types like DMARC, SPF, or SRV, you’ll have to manage your name servers on your own and point your domain to those servers. This can be done through your web hosting provider, but what if you don’t have access to a web server? For example, I recently registered another domain called FLAMESL.LK. Since we’re only using it to send a tri-monthly newsletter through Brevo, there’s no need for a web server. In this case, Cloudflare was the perfect solution. Their free basic plan met our needs and it should meet your needs as well. Simply set up your domain in Cloudflare, and replace the name servers in the NIC.LK customer portal with the ones provided by Cloudflare, and you’re all set!

Wrap Up

Securing your own “.LK” domain name isn’t as simple as registering a Generic Top-Level Domain (gTLD), but it’s not overly complicated either. The key is to ensure that you follow the correct procedures from the start, so you don’t encounter issues down the line or risk losing your valuable domain permanently. When it comes to registering a Country Code Top-Level Domain (ccTLD) like “.LK” there are many potential pitfalls you could encounter. However, three essential rules stand out as the most crucial to follow. If you’re uncertain about any aspect of the registration process or want to avoid potential mistakes, I strongly recommend reviewing the LK Domain Registration Policy. This document provides detailed guidelines that can help you navigate the process successfully. Following these essential rules and seeking further clarification when needed will help ensure that your domain is secure for the long term. If you’re unsure about anything, feel free to send me an email or a WhatsApp message. I offer assistance at a reasonable and affordable cost.

---

If you found this content helpful, I kindly ask you to leave your feedback in the comments section below. Sharing it on social media would also be greatly appreciated. In order to promote meaningful and respectful dialogue, I request that you use your full name when commenting. Please note that any comments containing profanity, name-calling, or a disrespectful tone will be deleted. Thank you for your understanding and participation.