Nigeria Internet Registration Association (NiRA)

  • banner1.png
  • banner2.jpg
  • banner3.png


Good Practices for the Registration and Administration of Domain Name Portfolios

It's always wise to remember good practices related to the registration and administration of domain names, especially when referring to portfolios with tens or hundreds of them. Good practices allow companies to have their online operations uninterrupted and prevent them from losing their domain names due to expiration or hijacking. It is noteworthy that poor practices can lead to disruptions in business, loss of customer confidence and harm to reputation, among other negative consequences.

Three good practices are:

Keep Registration Information Up to Date

At the point of creation of each domain name, the registrant provides contact details to the registrar. This information is then made publicly available via the WHOIS service, allowing companies to be contacted for a wide number of reasons – including technical or operational matters associated with the domain, interest in the content posted on the associated website, or security concerns.

Individuals/Companies should make sure that the contact data as displayed in WHOIS is accurate and up-to-date. Incorrect or obsolete information can prevent security researchers from contacting registrants whose domains may have been compromised, or potential business partners from establishing a contact that could lead to a new business opportunity.

Don't Use Personal Email Addresses

Companies should not use personal email addresses in the registration data of their corporate domain names. This recommendation includes both email addresses that employees use outside of work and email addresses that identify individuals in the organization. Both can leave a company vulnerable.

     Don't allow the members of staff who will register the domains to use their personal email addresses, such as This email address is being protected from spambots. You need JavaScript enabled to view it. or This email address is being protected from spambots. You need JavaScript enabled to view it.. The email addresses listed for the registrant and the administrative contact of a domain name are key for its administration. When employees' personal email addresses are listed, nothing prevents them from hijacking the domain when they leave the company.

     Use generic, role-based or department-based email addresses, such as This email address is being protected from spambots. You need JavaScript enabled to view it., instead of email addresses with people's names, such as This email address is being protected from spambots. You need JavaScript enabled to view it..

Providing the names of individuals involved in the administration of corporate domain names exposes them to an increased risk of social engineering and spear-phishing attacks aimed at the company. Instead, use role-based or department-based names, ideally with several users receiving communications sent to those addresses.

Avoid Having Domain Names In-Bailiwick

Bailiwick is the situation that exists when a company registers the domain and then lists the email addresses This email address is being protected from spambots. You need JavaScript enabled to view it. and This email address is being protected from spambots. You need JavaScript enabled to view it. in the domain name's WHOIS.

Attackers who gain control of a domain name in the bailiwick can redirect email by replacing the legitimate name servers with name servers that they operate. They can then add an MX record that directs email to a mail server that they also operate. Or they can turn off email entirely by deleting the domain's MX record, in which case no email will be sent to or received by the company that registered the affected domain.

An extra layer of difficulty is added when the registrar cannot communicate with the affected company, as it has no access to its corporate email. This situation requires out-of-band communication and proof to the registrar that the company is indeed the affected registrant.

Look for future posts where I'll give you other good practices to follow!

 Culled from ICANN Website


Recently, I was a guest on a radio show, “The Economy and You”, sharing ideas on ‘digital economy” with the general public in conjunction with Enterprise Development Centre. The programme was Live on Rhythm FM 93.7, powered by First Bank of Nigeria, Plc.

We discussed the place of .ng as a national and natural resource, about everyone being a stakeholder and the role of Nigerians in participating in its administration and growth. We discussed NIRA’s efforts in identifying the stakeholders contributing to the growth of domain name registration and the promotion of the DNS Industry in Nigeria.  

The world as we know it, is continually changing, and one of the fundamental drivers is the transformation brought about by the move to the digital economy and it is happening at breakneck speed.

The Digital economy has taken advantage of Communication, the Internet and Technology to facilitate prompt transactions (Financial transactions as well as buying and selling of goods). It is not limited to the borders of any country because it is capable of enabling cross border transactions. No transformation is more challenging than meeting the service expectations of the digitally empowered customers. To listen to the full interview, kindly click on the link

I was also a guest at the Lagos NUJ Congress which held on the 10th June 2017. The audience listened with rapt attention, as I discussed the abundant opportunities in the .ng space. 

This group of participants were eager to know the role they can play in the value chain of the .ng brand. It was a worthwhile event, enlightening members of the press on activities of the DNS Industry. It was a good opportunity to extend an invitation to all of them, to the NiRA hosted the 2017 .ng media College event on Wednesday 21st June 2017. 

In the coming month, we will be focusing on Internet Governance, with the 2017 edition of the Nigeria Internet Governance Forum. Please plan to join other stakeholders to enrich the discussions.

I remain at your service.


Rev’d Sunday Folayan

President, NIRA Executive Board

What Is your Domain Authority (DA)?


What is the essence of a website that has no visitors or not searchable on the internet? Having a website is an avenue to communicate with the world. You can communicate what you are, what you are doing and what you are about to do in relation to your business and services.

It is important always to consider best practice when developing your website. This will enhance the popularity of the website. It is worthy to note that companies spend lots of money on search engine optimization (SEO). This is to get their website closer to online users on search engine, social media and other online digital marketing platforms.

One of the factors that contribute to rapid growth and popularity of a website is your domain authority.

What is Domain Authority? It is a measure of the power of your domain name in terms of popularity. It is a search engine ranking factor. Such factors include Building good internal links, update content regularly on your website etc.

Domain Authority is based on many factors. Primarily, profile factors such as how many backward links are pointing to your website and how authoritative those sites are, for how long have you registered your domain name and how credible is your content most especially for bloggers.

It might be very difficult to gain a domain authority (DA) number of 100. Sites like Facebook and Google have it, so don’t be disappointed if you never hit 100. DA is difficult to influence directly. You can’t change your DA score like you can change your webpage meta tags.

To improve your DA:

     Register your unique domain name now without further delay

     Ensure that your technical Search Engine Optimization (SEO) is in place

     Create lots of linkable content on your website

     Develop strong internal linking

There are plenty of contents online that explains how to improve your DA. The bigger picture of today’s SEO is it’s content marketing. By focusing on the website content, you can win in the other areas — domain authority, traffic, organic search results, and ranking. Better content means better everything else. You can improve your domain authority. It’s all about the richness in your content and right domain name to drive your website traffic.

"Internet of Things" and "Smart City", is the time ripe?

Two technological innovations/revolutions that are changing the World: Internet of Things and Smart City. The Internet of things (IoT) is the interconnection via the Internet of everyday computing devices enabling them to send and receive data while Smart City is an urban development that integrates information and communication technologies to enhance the quality and performance of urban services. Constant power supply is the backbone to the success of these innovations.

Internet of things (IoT) technology is a revolution that is already shaping the world in every sphere of life. It is a secure means of managing a city's assets. Making our cities ‘smart’ will promote the use of urban informatics and technology to improve the efficiency of services. This could be as basic as sharing power generation and availability information over the grid, so that non-critical loads can be turned off, to make power more available, or delivering bus tickets via SMS linked to RFID tags on commuter phones. 

Some people doubt that smart devices are important and could be the next technological revolution. Few also stop to consider that, amid the new conveniences and wonder, IoT also promises to bring new problems and concerns, some technical, and others social or environmental. So far, most of these new problems and concerns are barely acknowledged, although many are already starting to appear. Top of the list of concerns are security and privacy issues.


None of these challenges is necessarily a reason to oppose the Internet of Things. Just as purposes for smart devices will be found that we cannot fully participate in today, so challenges are likely to emerge that we cannot anticipate today.

Just imagine the progress we have made, from registering domain names by filling forms and sending off via email to be manually processed, to the current situation of Registrar servers talking to the Registry servers and the very many automated tasks that keep the Domain Name and hosting ecosystem working. Obviously, we have come a long way!

We must continue to push the envelope and use technologies that will enhance the quality of lives of our people. Access should be universal. We must seek avenues to include everyone and make communications ubiquitous.

We can be better prepared to meet the challenges that we didn't anticipate, if we work at enhancing those things that will enhance the quality of our lives. We can only accomplish in proportion to what we attempt!

I remain at your service.

Rev’d Sunday Folayan

President, NIRA Executive Board


NITDA Advises Nigerians On Ransomware Attacks

The National Information Technology Development Agency (NITDA) being an Agency under the Federal Ministry of Communications, created in April 2001 to implement the Nigerian Information Technology Policy and coordinate general IT development and regulation in the country, sent an alert to the Nigerian public on the Ransomware Attacks.  In addition, to advising government on how to enhance the security of the nation, NITDA works  with critical stakeholders to come up with ways in which the Nigerian cyberspace can be adequately protected. Nigerians are called to support the Agency by doing their best at protecting themselves as well as the information and systems under their care.

On the 13th of May, 2017, The Management of National Information Technology Development Agency (NITDA), headed by Dr. Isa Ali Ibrahim Pantami, Director General/CEO, brought to the attention of Nigerians, the recent cyber-attack that was affecting computers across the world – the ransomeware attack. This attack, known as “WannaCry” or “WannaCrypt”, spreads by itself between computers and does not require human interaction. It restricts access to the affected system as well as demanding for payment of a ransom. As of that date, it was reported that the attack, had affected over 150 countries and 200,000 machines.

The ransomware attack was reported as exploiting vulnerabilities in the Microsoft Windows Operating System, especially those not currently supported such as Windows XP, Windows 8 and Windows Server 2003. Microsoft released a patch for the vulnerability in March and machines that were updated with the patch would have been automatically protected.

For infected systems, remedies were outlined to prevent further spread and the recommended line of actions were:

      Remove the system from Network;

      Do not use flash/pen drive, external drives on the System to copy files to other systems;

      Format the System completely and get fresh OS copy installed; and

      Contact NITDA Computer Emergency Readiness and Response Team (CERRT) for assistance. They can be reached via telephone on 0800-9988-7766-5544 or e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it..

Individuals and organisations were advised to:

      Regularly update their operating systems with the latest patches;

      Regularly update their software applications with latest patches;

      Avoid downloading and opening unsolicited files and attachments;

      Adjust security software to scan compressed or archived files; and

      Avoid indiscriminate use wireless connections, such as Bluetooth or infrared ports.