OpenSRS: Reseller Friendly since 1999

Posts in: OpenSRS Services

OpenSRS and Heartbleed

On April 7th 2014, a new security vulnerability was announced in OpenSSL: Heartbleed. Heartbleed is a serious vulnerability in the popular OpenSSL cryptographic software library. The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. Services such as web, email, instant messaging (IM) and some virtual private networks (VPNs) may have been affected.

Heartbleed is believed to affect more than two thirds of all Internet services and many of OpenSRS’s systems rely on OpenSSL to protect customer data. At this point, we have no evidence that this attack was used against OpenSRS but we have been doing our due diligence to ensure the integrity of our services and systems.

We started work to secure our systems as soon as the problem was announced. We patched the affected systems we run within a few hours so we consider the risk of OpenSRS being exploited by Heartbleed to be low.

We have been working quickly to ensure that every aspect of this problem is covered off. We are confident that the measures we have put in place have brought our systems back to a secure environment.

Yesterday we wrote a blog post on how Heartbleed affects SSL Certificates. If you have any further questions or concerns, please contact support at

Reseller Control Panel Improvements

We have some exciting news to share. In the coming weeks and months, you will see numerous improvements to our new OpenSRS control panel.

The first step is to upgrade the existing new control panel. On November 19, you will see several changes:

  • A new look and feel. We’ve introduced a new and improved design, and reduced the amount of real estate occupied by navigation.
  • An improved filtering system. We’ve simplified how filtering works.
  • An overall increase in usage speed.

This launch is the first in a series of releases scheduled in the coming months, including:

  • Rollout of the Trademark Clearinghouse.
  • Introduction of our email service to the same control panel.
  • Improved reseller and user management features.
  • Completion of outstanding features (dashboard, etc.) in order to sunset the existing Reseller Web Interface.

Interested in a sneak peek? Click the screenshot for a better look!


We’ve Lowered pricing on several Thawte SSL Certificates

thawte_logoWe have some good news to share: we’ve permanently lowered prices for five different Thawte SSL Certificates.

  • SSL 123 – $55 from $59
  • SSL Web Server – $90 from $99
  • Thawte Wildcard – $320 from $390
  • SGC Super – $170 from $249
  • SSL Web Server EV – $120 from $195

As the first International Certificate Authority, Thawte makes an excellent choice to offer to your customers. And since its backed by Symantec you can have faith you’re offering your customers a reliable certificate.

Campaign Resources
Be sure to check out the marketing resources page to assist you in growing your Thawte business.

Recommendations for Securing Names in new gTLDs

Last week’s post regarding pre-registration resonated with a lot of readers, and it also sparked a conversation internally about where pre-registration fits in the bigger picture. We ultimately boiled it down to the needs and intentions of registrants, and some recommendations on what you can do as a reseller.

What pre-registrations really are

What is being marketed as “pre-registration” in the context of new TLDs is generally more an “expression of interest”. It doesn’t give any guarantee to get a domain, but merely says “whenever this new TLD becomes available for everyone, please let me know, because I would be interested in purchasing this name.” They can however help registrants to not miss the launch of their desired extension. It’s just important to note that those “expressions of interest” do not help to secure a specific name.

So, what do you tell clients who want to secure specific names upon the launch of a new gTLD, if pre-registrations don’t help? The answer depends on what kind of name it is.

How to secure your brand or trademark

There’s good news for holders of registered trademarks: you’re among the first in line for every new TLD that launches! But still, to reserve this prime spot in the queue and get a domain ahead of everyone else, you need to do two things:

  1. Submit your trademark record to the Trademark Clearinghouse (TMCH), and
  2. Apply for the desired domain name during the Sunrise phase of the TLD.

If your brand is registered with the TMCH, it will then be eligible to be registered as a domain name in every registry sunrise phase (some exceptions may apply). There’s a charge for submitting a mark to the TMCH, and a separate charge for every sunrise application. OpenSRS will enable you as a reseller to submit marks to the TMCH and apply for names during sunrise on behalf of your clients.

A nice additional benefit of using the TMCH is the Claims service, which will warn others intending to register your trademark that they are potentially violating your intellectual property. In case they still go ahead and register, the trademark owner will be notified and can take the necessary steps to suspend the name.

While the TMCH and sunrise phases are a good solution for holders of registered marks, what if your brand or product name isn’t a trademark, but you still want to secure the name?

How to secure your “Very Important” Domains

Landrush is your friend. Once a new gTLD has completed their mandatory sunrise launch phase for trademarks, we expect most registries to offer priority registrations during a landrush phase. Landrush means anybody can apply for any name that hasn’t already been taken during sunrise, but for a premium registration fee. Auctions will typically resolve multiple applications for the same name. Some registries will also sell high-value names as premium names, with a specific price tag on each of them.

Although Landrush registrations have a higher cost, you will still be ahead of the crowd waiting for general availability.

But what if this all sounds too expensive, and you just want to try your luck securing a regular name?

Getting a name at the regular price

After the names in highest demand have already been taken during sunrise and landrush, new gTLDs will enter their general availability phase. During this phase, we will conduct real pre-registrations, which is placing a binding order on hold in a queue at a time when the launch date, pricing and requirements are known. OpenSRS will open such pre-registration queues for general availability phases only prior to launch. At launch, those queued orders will be submitted to the registry one after the other, and you might be lucky enough to get a name.

So if you are a reseller and have decided to take “expressions of interest” from your clients, you would contact the client prior to launch with info on launch phases and dates of that TLD, and invite him to place a Sunrise or Landrush application or a binding pre-registration for General Availability.

If you want to get active now, taking expressions of interest is one thing you can do, the other is preparing the brand owners among your client base to submit their marks to the TMCH.

WHMCS Plugins Now out of Beta

OpenSRS is excited to announce the release of six plugins for WHMCS that will allow our resellers to easily sell our products & services and integrate directly with our platform. All of these plugins are available today at no cost and are 100% open source. We hope you’ll start using them and provide feedback so we can continue to improve them.

For a list of all features and to download our plugins, visit

OpenSRS Domains Pro

  • Works alongside other registrar modules
  • Adds .PW to the list of ccTLDs
  • Supports WHMCS Domain Sync
  • Register/Renew/Transfer new domains
  • Enable or disable WHOIS privacy functionality
  • Remove WHOIS privacy service from registrar and billing area
  • Automatic invoice generation for clients who enable whois privacy support is now available via the client area
  • Adds support and fixes the phone # formatting issue that affected WHMCS’ OpenSRS module


  • You can now manage existing certificates within WHMCS
  • Register/Renew/Terminate for all supported certificates (Comodo, Symantec, GeoTrust, Trustwave, Thawte)
  • Auto configuration via client side interface
  • This module will NOT support SAN/UC certs


  • Create TRUSTe orders manually and via auto provisioning
  • Terminate TRUSTe orders
  • Auto renew of order upon payment
  • Manage and complete TRUSTe signup process

GeoTrust Anti-Malware Scan

  • Create GeoTrust Anti-Malware Scan orders manually and via auto provisioning
  • Terminate GeoTrust Anti-Malware Scan orders
  • Auto renew of order upon payment
  • Manage and on demand scan of GeoTrust Anti-Malware


  • Support for existing SiteLock accounts
  • Create SiteLock orders manually and via auto provisioning
  • Terminate SiteLock orders
  • Auto renew of order upon payment
  • Upgrade/Downgrade capabilities


  • Support for existing GoMobi purchases
  • Create GoMobi orders manually and via auto provisioning
  • Terminate GoMobi orders
  • Auto renew each month upon payment otherwise product is suspended
  • Suspend and un-suspend service

The Hype of Preregistration – Don’t be fooled

The upcoming launch of new gTLDs has lots of people excited, but there is also a lot of confusion and misperceptions going around. Pre-registration in particular is causing a lot of headaches as it introduces an unofficial step in the process; in reality its just a marketing ploy.

The Trademark Clearinghouse is the one and only ticket to securing your brand during the Sunrise phases; which will be taking place over the next 2-3 years. ICANN still has a long way to go before all the new strings are released; and many of the most popular strings are contested by multiple parties.

Remind your customers we still have a long way to go before all the dust will settle. OpenSRS will be providing resellers with an interface to offer TMCH applications to protect trademarks and brands and give your customers first right of refusal.

Getting Ready for New TLDs and New Rules

If you buy or sell domain names, you’ve probably heard about the upcoming launch of new TLDs. By the middle of next year, we will likely be awash in new extensions ranging from .abudhabi to .webcam. It will be the biggest, most exciting change to the Internet in over a decade.

At Tucows HQ, we are working hard to make sure you’re able to take advantage of the numerous opportunities that new TLDs will bring. But we also want to make sure you’re aware of the important changes that will accompany new TLDs on a policy level.

In June, ICANN’s Board of Directors approved the 2013 Registrar Accreditation Agreement (RAA). The RAA is the formal contract between ICANN and registrars, and sets out the obligations of both parties. The approval of the 2013 RAA concluded several years of discussion and negotiation, much of which focused on the concerns of law enforcement agencies and governments.

The 2013 sets out a number of new regulations and procedures that are important to take note of, as they will have a (hopefully small) impact on your business:

  • The email address of a registrant will need to be validated upon the purchase, transfer or modification of a domain name (unless that email address has already been validated). Should any of these three things occur, registrars are required to send an email or SMS requiring an affirmative response. Failing to receive a response within 15 days requires the registrar to either manually contact the registrant, or suspend the name. At OpenSRS, we will be sending an email (which, like our other products, will have white label capabilities). We’ll have more details shortly, but the important thing to note here is this applies to both new and existing domain names.
  • The same validation process will also need to take place if a WHOIS Data Reminder Policy (WDRP) email bounces. It will therefore be of paramount importance to ensure the WHOIS data your customer provides is correct.
  • Related to the point above, registrars will need to ensure the proper formatting and data for each address supplied within a contact. Registrars will need to validate, for example, that a street exists in a city, that the city exists in a state/province, and that the city specified matches the proper postal/zip code. This work and validation will take place on the registrar end. However, it will likely result in stricter validation rules on a platform level.

As you hopefully know, we believe in a free and open Internet, and feel current laws can resolve most issues without legislating the Internet. We voiced our disagreement with these provisions, as we do not feel the benefits will outweigh the effort and business impact, but the RAA was nonetheless ratified. We have since turned our attention to making sure we minimize the impact to your business.

We will keep you updated as we continue to develop the systems and features required to accommodate these new rules.

goMobi update coming August 29

gomobi_iphone-rOn August 29, goMobi plans to release an update to the goMobi mobile website service. Full details on the new features and enhancements to goMobi are available in a PDF provided by goMobi. You can view that document in this article in the Release Notes area of our Help & Support Portal.

Some of the highlights of this release include:

  • New feature: new WYSIWYG editor
  • New feature: drag and drop within features
  • New feature: additional third-party analytics provider
  • New feature: added Vimeo video support, in addition to YouTube
  • Usability improvement: add multiple recipients from site forms
  • Usability improvement: Find Us feature shows nearest location; enlarged location map and addition text field for custom directions.

The update will happen automatically for all goMobi sites. There’s nothing you need to do to enable access to these new features on sites.

Trustwave Premium EV SSL on Sale for July

trustwave_logoFor the month of July, we’re dropping the price on Trustwave’s Premium EV SSL to just $90 per year (from $135). Making it the best-priced EV certificate available from OpenSRS.

The reduced price is already reflected in your account. All you have to do is extend a discount to your customers to get more of them dressed up with a green bar. Here are all of the available benefits of the Trustwave Premium EV SSL certificate:

  • $250,000 Warranty
  • Extended Validation—highest organization validation
  • Green Address Bar in web browsers
  • Up to 256-bit Encryption
  • Free (Unlimited) Reissues for the life of the certificate
  • “Trusted Commerce” dynamic Site Seal
  • 100% Trusted Root Guarantee

Learn more about our Trustwave certificates.

Why your clients need to know about the Trademark Clearinghouse

You’ve heard us talk about new TLDs quite a bit in the recent past, and we promise that there’s even more to come. While the launch of the first new extension is probably still a few months away, there is one thing you should start talking about to your customers now – the Trademark Clearinghouse (TMCH).

As we have mentioned in an earlier post, the TMCH will be the central repository of trademark data, to be used by each and every new top-level domain to protect trademark holders at launch. But why is the TMCH relevant to you and your clients? It’s a domain add-on service you can make money on, and it can make the life of your business customers a lot easier.

What is the TMCH?

Trademark Clearinghouse logoTo explain this and better understand the benefits of the TMCH, let me give some more background on what it actually does. Any registered trademark of at least national effect in any country in the world can go into the Clearinghouse, with a few funny exceptions – no dots (.) and no existing TLDs (e.g. are allowed.

Once submitted, the TMCH will check with the relevant trademark register if the trademark exists and if it really belongs to the holder who submitted it. If the application is approved, it’s inserted to the TMCH database, which is the entry ticket to two great priority services: Sunrise and Claims Notices.


What’s so great about Sunrise – isn’t it super complicated and a big mess after all? Well, it might have been in the past. The TMCH however makes Sunrise phases what they really should be – an easy, standardized and cost-effective way to secure your trademark as a domain name ahead of everyone else in any new TLD you want.

And that is really everyone – any new TLD to come will be required to launch with a Sunrise phase for trademarks that are in the TMCH. The intellectual property community has been fighting for this over years and years, and they succeeded – if you own a trademark, you stand first in line at launch.

Claims Notices

Claims Notices is another unique service available through the TMCH. It kicks in after the Sunrise phase of each new TLD, and does two things.

First, whenever somebody tries to register a domain that matches a trademark in the TMCH, that person will receive a notice and acknowledge this fact before it’s possible to complete the registration.

Second, if that person continues the registration anyway, a second notice will be sent to the trademark holder, making him aware that this registrant potentially infringes on his trademark. That service comes at no additional cost, and it’s available during the first 90 days of each new TLD’s public launch phase.

No other third-party domain monitoring service can step in and warn registrants before they even unintentionally infringe on a mark.

Who is the TMCH For?

While I truely believe that the TMCH is a great service, it will be most interesting to your SMB and corporate customers. The potential customer base is huge, it’s not only the handful of globally known brands. In the US alone, there are currently over 1.8 million registered trademarks, with over 400,000 new filings in 2012. Germany has close to 800,000 registered marks, and the World Intellectual Property Organization (WIPO) reports a total number of over 3 million internationally valid trademarks.

This is large base of potential customers, and if you have any business customers, it is very likely at least some of them will have a trademark. You don’t want to send those high-value customers somewhere else.

So the TMCH is a great service that has a lot of value for what trademark owners usually consider a discount price – expect the TMCH charge from us to be at around $200 per year. The one drawback is – most businesses are not aware yet that new TLDs and the TMCH are coming. You will need to tell them about it, and we recommend to start doing that rather now to give your customers plenty of time to make up their minds.

Over the next couple of months, we’ll provide you with non-branded education materials that you can use to convey the message to your clients. We’ll keep you posted.

An Update on New TLDs

new top-level domainsEarlier this year, we set up an informational page detailing our position and outlook on the topic of new TLDs. Since then, and particularly since the conclusion of ICANN’s 46th international meeting last month in Beijing, we have received many inquiries from resellers about our plans for this exciting development. As a result, I thought it would be a good time to address some of the frequently asked questions we are receiving.

What do the current launch timelines look like for new TLDs?

We believe the most optimistic view currently puts the first TLDs live and launching their sunrise phases in the third quarter of 2013.

Most applicants are currently being evaluated by ICANN. Exactly when a specific extension will become available depends on several factors:

  1. Draw number: in December 2012, ICANN conducted a lottery draw to determine the priority by which each application would be evaluated. Lower numbers were to be evaluated first, and that process is now underway.
  2. Objections and contentions: extensions with multiple applicants, third party objections or intervention from ICANN’s Governmental Advisory Committee can expect to take longer to work through the evaluation process.
  3. Desired launch date: Once a new TLD has been approved by ICANN, it does not necessarily have to launch immediately. An approved applicant may elect to launch their extension at a later date once approved.

The net result of this is we expect extensions with no objections and only one application to launch first; many of these are Internationalized Domain Names and geographic/regional domain names.

What extensions are you planning to carry, anyway?

Unfortunately, it’s still a little bit too early to tell. That said, there are some high-level things we can say at this point:

  • We are actively evaluating each extension to determine which would offer the greatest business potential for our reseller network.
  • We will engineer to every requirement and protocol so that you can manage them all exactly the same way whenever possible using our API and control panel.
  • We will give you as much notice as possible regarding the launch of the TMCH, the extensions we plan to launch, and what kind of launch support to expect.

We will relay more details about what extensions will be going live when as we get them.

What about the Trademark Clearinghouse (TMCH)?

The TMCH will be an important part of the launch process. Every extension will be required to offer a sunrise period; if you are thinking of securing any names during this phase, want to protect any trademarks your company may have, or want to do the same for your customers, you’ll want to start thinking about the TMCH.

The purpose of the TMCH is to accept and validate records of registered trademarks, to add them to a central trademark database, and to subsequently a) allow them to be registered during the sunrise phase, and b) notify potential registrants during the general availability phase that the name is a registered trademark (and inform the trademark holder).

All trademark holders will be able to provide their trademark details to the TMCH via OpenSRS and its resellers. As a result, we expect to support the sunrise and landrush phases for many extensions.

While we’re not quite at the starting line for launching new TLDs yet, we’re getting close. Expect many updates in the coming months about the launch of new gTLDs. Stay tuned.

goMobi Update Coming March 12

Note: goMobi has pushed back this release to March 21.

gomobi_iphone-rOn March 12 March 21, goMobi plans to release an update to the goMobi mobile website service. Full details on the new features and enhancements to goMobi are available in a PDF provided by goMobi. You can view that document in this article in the Release Notes area of our Help & Support Portal.

Some of the highlights of this release include:

  • New feature: Find Us feature – adds “Verify Map Location” in the dashboard when adding your location to the site
  • New feature: New sharing options – business social network LinkedIn has been added
  • New feature: Added the ability to add any 3rd-party source code to features that have a WYSIWYG editor
  • New feature: New Site Cookie notification feature (for EU privacy compliance)
  • Usability improvement: ‘Create Page’ character restriction removed so users can create pages with more content
  • Usability improvement: Activated features will be displayed at top of Features list for easier editing

The update will happen automatically for all goMobi sites. There’s nothing you need to do to enable access to these new features on sites.

New gTLDs and OpenSRS

By now you’ve heard about the new gTLD program in the works at ICANN; concerning the text right of the dot. It has been in the works for quite a while now and looks like it will be another year or two before all the dust settles on the initial 2,000+ applications. So far we haven’t really talked about it, unlike some of the other registrars, because frankly there isn’t a whole lot of actionable news yet to share. We have however been following the developments quite closely, and like the rest of our domain business we’re going to bring our resellers as many of the new public gTLDs as possible.

In the meantime, we’ve set up a new page on the site explaining our position and outlook, along with a high-level overview of the roll-out timeline. We’ll be updating the page as new major developments come out, and when we get closer to actually having a new gTLD in the OpenSRS platform we’ll make sure you know about it in advance. We also invite you to hop into our community forum and ask us and the community any questions you have about the new gTLDs.

goMobi v1.8 to be released on December 17, 2012

On December 17, 2012, goMobi plans to release v.18 of the goMobi mobile website service.

Like all goMobi releases, there’s nothing you need to do as a reseller or goMobi customer. New features will automatically show up for all users on the release date as goMobi updates the application on its servers.

New Features

Version 1.8 brings a long list of new features including a new Site Navigation Menu bar, Google+ integration, the ability to hide features from the homepage and more. Additionally, this release addresses EU Cookie regulations.

More information

More information and a rundown of specific changes that are part of this goMobi release can be found in the OpenSRS Help & Support site.

New Webmail Transition Update

It’s been about three weeks since all users of OpenSRS Email Service were moved to the latest version of our webmail application.

Since the switchover, we’ve heard some great feedback from you and your customers. We know from experience that users are generally resistant to change, so we always go into these webmail upgrades with a bit of trepidation. Forcing change on people who might not immediately see the benefit can result in some unpleasant feelings for the users, and often has an impact on you and your support staff as users are supported through the change.

As hard as change can be, we knew that webmail was getting a bit long in the tooth and the new version brings some ease-of-use features and other changes that we feel makes it worth the effort.

Thanks for the great feedback

As mentioned, we’ve received great feedback over the last few months when the new webmail was first made available to users. Now that we have many more people using webmail as the default, we’ve identified a few bugs that weren’t exposed in the months of limited release and by our extensive internal testing. Some of the minor bugs (small visual or usability issues) have already been fixed.

We’ve also learned about some bigger issues including things like a printing bug that was discovered in certain situations when using IE8, some problems with Scandinavian language display, and a visual issue with the Address Book when performing certain tasks. Additionally, we’ve identified some performance and speed issues in certain circumstances.

Our development and operations teams are working hard to fix these bugs and issues – fixes will be implemented in a matter of days in some cases, and over the next few weeks in other cases. Overall speed and performance is something that we are continually working to improve and we’ve made that a high priority in the near term.

Let us know what you think

Thanks again for the feedback – keep it coming! Drop by the Help & Support site and let us know what you or your users are seeing (good and bad), or get in touch with Support via email or phone.

Become a Reseller

Sign Up Now