| ▲ | amingilani 9 hours ago | |||||||
Further to your point, it harms the existing wonderful sites like https://radio.garden/—which has been featured on HN several times over the past few years. > First-year TLDs under $2 is one of the best indicators of likely abuse. Some TLDs like .xyz are truly fighting abuse while others feign ignorance. I don't understand this. The first year being discounted (or free) helped .me, and .xyz in the past. This is one year of data. Surely more time is needed? > It is unlikely that there are valid business reasons for network environments to allow .garden domains; What do you mean? What is this likelihood based off of? > highly recommend defenders completely block the .garden top-level domain, and allowlist items as needed. Holy overreaction, Batman. | ||||||||
| ▲ | furyofantares 9 hours ago | parent | next [-] | |||||||
Just another data point about this, not an argument for (or against) blocking a TLD, but personally I wouldn't register an .xyz again, due to what I presume is related to them having to fight abuse. I still have one site on there and have migrated another off. My domain was flagged for abuse (it's a static site with a daily word game, no ads or anything else) and the TLD took it down. Not my registrar or host, the TLD itself. There was no communication on this, it took some effort to work out what even happened, and appealing was a pretty blind process of claiming to have fixed the issue and issuing proof (which felt a bit strange to fabricate proof that it was fixed, since no issue existed to begin with - I sent a screenshot of the page or something, I can't recall) and hoping they'd unblock it, with no communication at all beyond a place to send such a claim. They did unblock it, and while I am sympathetic to them having to fight abuse, I still moved away from them. | ||||||||
| ▲ | unethical_ban 8 hours ago | parent | prev | next [-] | |||||||
On a corporate network, blocking lesser-used TLDs combined with an aggressive use of DNS and web reputation filters is recommended. I work for a company that provides both services. Makes sense to keep Internet traffic on a sensitive network limited to the sites most likely to have a business case. For end-users, less so - stick to DNS blocklists and uBlock filters for malware domains which are freely available. | ||||||||
| ▲ | gruez 9 hours ago | parent | prev [-] | |||||||
>Holy overreaction, Batman. I don't see it as that much different than people setting up IP blocks at the country/ASN level. | ||||||||
| ||||||||