Info
KVKK m.12
GDPR Art. 5
Protect registrant data and renew on time
Exposed registrant details fuel targeted phishing, and a lapsed domain can be hijacked outright.
Why it matters
Public WHOIS contact data is a gift to social engineers. An expiring domain is worse — lose it and an attacker can register it and impersonate you completely.
How to fix it
Enable registrar WHOIS privacy where the law allows, turn on auto-renew, and lock the domain against unauthorised transfers.
Is your domain affected?
Prove ownership and run a scan for a graded, verifiable report.
Related guides
- Set up SPF, DKIM and DMARC to stop email spoofing
- Add the HTTP security headers every site should send
- Fix TLS: valid certificate and modern protocols only
- Remove exposed .git, .env and backup files
Compliance references are indicative mapping, not legal advice. Automated scanning is evidence and monitoring, not a guarantee of compliance.