: What could be the points to keep in mind while displaying user contact details to public? I'm building a domain whois lookup site, where I need to display the public contact details of the
I'm building a domain whois lookup site, where I need to display the public contact details of the domain registrant. (sample whois)
Since the details of public registrations without domain privacy are available to the general public, what points should I keep in mind while displaying the contact details to the public.
Also, is it allowed to take away the data from the server for offline use?
More posts by @Murphy175
1 Comments
Sorted by latest first Latest Oldest Best
With regards to displaying email addresses, it is worth considering methods to prevent their being easily harvested for spamming. The email address I use only for WHOIS records on my domains receives thousands of spam emails a day, mostly from free email accounts (e.g. gmail and similar) with people saying they can help design my website or improve my SEO etc. While clearly these are not trustworthy emails, I still have to regularly check through this mailbox for genuine mail as it is the official contact point for domain related issues. Anti-spam has proven relatively useless in this instance as all the genuine mail can appear to be spam too when its in fact not. Anyway the point I'm making is that if the email addresses must be shown, perhaps you can show part of the email address such as the first bit including the @ as an image instead of as indexable and very easily harvestable plain text in the page. It won't stop the serious spammers/bots but it certainly helps to implement some kind of technology to reduce this. Alternatively you could implement a contact form instead of publishing the email addresses.
While the information is available to the general public the database of information it belongs to will be owned and operated by the domain registry and will be subject to Copyright and Data Protection legislation. You will need to carefully read through their legal terms/policies or contact the domain registry for written confirmation as to whether or not you are:
allowed to copy, store copies of and/or redistribute the information;
allowed to charge others for a service that includes this information (it appears as though your site accepts paying subscribers and produces domain reports);
are to be provided with access to an API for this purpose with its own license and terms and conditions (they may not appreciate you screen-scraping their webpages every time you need a fresh copy of WHOIS record).
The permissions for these things may also vary between domain registries and you will need to carefully setup agreements and processes with each before proceeding to protect your organisation/website.
A much simpler approach might be to subscribe to an existing reseller service which provides an already established WHOIS service with an API, both to expedite your implementation and to outsource your liability with regard to the data. I haven't researched the full market of options available for this, but to help signpost you one solution I am aware of could be the name.com API. Once you sign up as a domain name reseller, API access to WHOIS records is free, and since the service is intended for the publishing/redistribution of WHOIS data so that resellers can use it on their own websites you should be safe with your own use case when using their API (provided you comply with their terms and conditions, which I haven't read but might include that you can't charge for WHOIS data).
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.