Page MenuHomePhabricator domain owned by us, but isn't hosted by us??
Closed, ResolvedPublic


What's up with the domain According to whois, we own it:

$ whois
Domain Name: EN.WIKI
Registry Domain ID: D7097392-CNIC
Registrar WHOIS Server:
Registrar URL:
Updated Date: 2017-05-10T09:13:15.0Z
Creation Date: 2015-03-03T18:01:25.0Z
Registry Registrant ID: C16495171-CNIC
Registrant Name: Wikimedia Foundation, Inc.
Registrant Organization: Wikimedia Foundation, Inc.
Registrant Street: 149 New Montgomery Street

But it's A record points to (, and it appears to be a (no https) webserver that redirects to but only if the url has no path.

This seems super odd. Why don't we just fully host this domain?

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald Transcript

Check this for ALL of the other language prefixes too. We once had them all, was a long discussion with the owner of .wiki years ago. Then WMF decided to not use them. (except Raymond was sad about it after all the discussion. Then i don't know what happened.,,, etc etc...

Hmm. seems to be similar in that we own the domain but the A record points to AWS. It has the additional interesting thing in that its included in the subject alt name of our main certificate

Oh, i see, the A record points to a page which is hosted by the registrar for .wiki (who happens to use aws- i didnt originally think of navigating to to find out more info...), so its essential some domain parking service that redirects to our site.

So at least thats a little less sketch than it being some totally random aws account. Still would be nicer to cut out the third party.

Peachey88 raised the priority of this task from Low to Needs Triage.Jan 15 2018, 11:41 PM
Peachey88 added projects: Domains, Privacy, WMF-Legal.
Peachey88 added a subscriber: Peachey88.

Resetting priority for re-triage by ops on-call.

Redirecting users though a random AWS account when they hit a domain we own, even if its low usage seems to be a possible privacy issue.

There's a lot else to be said about the subject of the .wiki TLD (much of which has been said before on past tickets), and I tend to agree it's confusing that they're registered to our name but not our nameservers (but if they were on our nameservers, we'd currently be sending them to the black hole).

The bottom line is that, with the exception of, none of the subdomains of .wiki are canonical content domains of ours. We don't advertise them or publish links to them, and users shouldn't expect them to host our content.

The current canonical domain list is at:'s_canonical_domainnames

Somebody can login at Porkbun and change the DNS settings of these domains (EXCEPT !) and blackhole them. Also just now we got emails about renewals for those coming up. So the question might be if we should keep holding them. That being said these things are not done by Ops in this case. Somebody in Legal/Office handles the domain buying and should have Porkbun access to do it.

CRoslof claimed this task.
CRoslof added a subscriber: CRoslof.

I've changed the domains we have with Porkbun to use our nameservers. (I didn't change anything about It might take a little while for them all to update.

sbassett triaged this task as Medium priority.Oct 16 2019, 5:40 PM