Google Domains is a domain registrar and free DNS service from Google. If you are looking for a new domain name for your site, you should definitely consider Google Domains for its ease of use and improved security.
Why use Google Domains?
Google Domains is a nonsense registrar. They do not try to nickel and dime you for “Premium DNS”; or try to sell you on unnecessary web hosting bundles – you simply pay the registration fee, configure your DNS and forget about it. A good example of this is DNSSEC, an important feature that prevents DNS forgery and poisoning attacks on your domain by authenticating your DNS content with public keys. GoDaddy only includes this as a paid feature, but it’s a free feature in Google Domains.
Google Domains is also just extremely easy to set up. Adding new records is a breeze and their DNS system even supports “Synthetic Records”, which act as a collection of automatically configured records. You can use these to automatically enable G Suite for your domain, verify ownership with a CNAME, and route to their email servers with an MX record in an easy-to-add line. Other records include automatic subdomain forwarding and free dynamic DNS.
In addition to this are Google Domains very secure. Your domain name is extremely important – it literally controls access to your site, and if someone managed to gain access to your account, they could steal your entire site. It is important to lock your account. Google supports two-factor authentication, which you really should enable regardless of whether you own a domain.
But if you really want maximum security, you should consider how to enable Google’s advanced protection for your account. This means that you will receive a hardware security key like the one below, which you will need to connect when accessing your account from a new device. This makes your account virtually impossible to break into, and with your domain behind it, your site will be secure.
Overall, if you’re looking for a new domain name for a new site, Google Domains is probably your best bet. If you need more professional features, you may also want to consider the AWS Route 53 DNS, which is highly configurable and integrates well with their host environment.
To transfer an existing domain, you must first unlock it with your current registrar and then transfer it from the Google Domains Console. From there, you are free to configure and use Google Domains.
Go to the Google Domains search console and start typing the names you are interested in. Google searches its records and tells you what extensions are available, as well as some alternative domain names if they are not. If you click on a domain, you can see basic information about it.
Some of these domains are marked “Safer”. These domains are part of an HSTS preload list, so all connections to websites that use these domains are automatically loaded over HTTPS, saving an extra round trip due to HTTP redirects. However, you can enable this feature manually for your site, so it’s nothing special.
When you have a domain you like, you can add it to your shopping cart and check it out. You will probably want to keep “Privacy” on because it hides your WHO.IS data. You can turn off automatic renewal here if you want.
Once you verify your email address, your domain will be directly accessible from the Google Domains console. Click “Manage” to edit your DNS settings:
You can link your domain to an IP address quite easily by going to “DNS” in the sidebar and scrolling down to the “Custom Resource Entries” section. You can add new A-records here, which should point to your web server’s public address (and AAAA for IPv6, if you choose to use it as well).
One thing you want to check on this page is to switch to DNSSEC to protect your domain from attacks like DNS cache poison attacks and spoofing:
If you plan to use this domain for a custom Gmail, you can also authenticate your domain in advance and add the necessary MX records at once by enabling G Suite “Synthetic Record”. Otherwise, you can set up email forwarding from the “Email” tab or get started activating G Suite.
If you want to enable dynamic DNS for a subdomain, you can do so under the “Synthetic Records” drop-down menu.
You must use the information provided to link a dynamic DNS client, such as DDclient, to Google Domains.