What is WHOIS?

WHOIS is a publicly accessible database that stores information about the owner of a registered domain name. When someone registers a domain, ICANN — the organization that oversees domain names and internet resources — requires the registrant to provide a name, mailing address, email address, and phone number. That information is then made available to anyone in the world who runs a WHOIS lookup on your domain name.

Think of it as a phone book for the internet. Just as a printed phone book once listed your name, address, and number for all to see, the WHOIS database does the same for domain registrants. Unlike a printed directory, however, WHOIS records are freely searchable from anywhere, at any time, by anyone.

What risks does an exposed WHOIS record create?

Most domain owners are surprised to discover just how much unwanted activity a public WHOIS record can invite. Once your contact details are visible, you are likely to start receiving unsolicited emails, phone calls, and physical mailers from vendors trying to sell you web services, SEO packages, or domain-related products — most of which you have no use for.

Beyond spam, there are more serious concerns. Your home or business address is visible to bad actors, which creates risks for privacy and personal safety. Phishing campaigns often harvest WHOIS data to craft convincing impersonation emails targeting domain owners. There have even been cases where publicly listed contact information was used in domain hijacking attempts, where an attacker tries to convince your registrar to transfer your domain to them.

What is WHOIS privacy protection?

WHOIS privacy protection — sometimes called domain privacy, ID protection, or private registration — is a service offered by domain registrars that substitutes your personal contact details in the public WHOIS record with the registrar's own generic contact information. When someone runs a WHOIS lookup on your domain, they see the registrar's details instead of yours. Your personal information is kept on file privately and is still available to legitimate authorities when legally required, but it is not exposed to the general public.

This means you retain full ownership and control of your domain name. Nothing changes about how your website, email, or DNS records function. The only difference is that your name, address, phone number, and email are shielded from public view.

Is WHOIS privacy right for everyone?

For most individuals and small businesses, the answer is yes. If you are running a personal blog, a freelance portfolio, a small business website, or any project where you do not have a legal obligation to publicly disclose your identity as a domain owner, enabling WHOIS privacy is a straightforward decision. The potential downsides — spam, targeted solicitation, and exposure to bad actors — far outweigh any reason to leave your details public.

There are some cases where public registration may be appropriate or required. Certain country-code top-level domains (ccTLDs) have their own rules about privacy, and some registries may restrict or disallow private registration. Businesses that are legally required to maintain transparent public contact information may also choose to keep their records public. When in doubt, it is worth checking the requirements for your specific domain extension.

How do I enable WHOIS privacy for my domain?

If your domain is registered with Dynu, enabling WHOIS privacy is simple. Log into your account, navigate to your domain management panel, and toggle on the privacy protection option for any domain in your portfolio.

If you are not sure whether your current registrar offers this, run a WHOIS lookup on your own domain and see what comes up. If your personal details are visible, it is time to either enable the protection or consider moving your domain to a registrar who makes privacy a priority.