Overview
The .CO Registry has a Fair Use Policy to protect the stability, availability, and reliability of the Shared Registry System for all Registrars. The Registry may restrict a Registrar's access if activity is deemed excessive, abusive, or malicious — even if that activity technically falls within documented limits.
What Can Trigger Restriction
- Generating more than 2 million domain:check or failed domain:create commands per day.
- Generating more than 50,000 such commands per domain registered.
- Submitting more than 1 EPP check per second for the same object.
- Retrying failed commands without checking the response code first (e.g. retrying on a permanent error).
- Not backing off after receiving a rate-limiting response (such as a 429 RDAP response).
- Using domain:check (or RDAP HEAD) requests immediately after a domain:create instead of using the create response code.
Possible Enforcement Actions
The Registry may temporarily or indefinitely: restrict the number of EPP connections available to the Registrar; apply rate limiting to specific EPP commands; enable response caching so the Registrar does not receive real-time query updates.
Best Practices to Avoid Restrictions
- Always check the response code before retrying a failed command.
- Use exponential backoff when rate-limiting responses are received.
- Use EPP check to determine availability before submitting create.
- Use the Domain Drop List to time drop-catching attempts rather than polling continuously.
- Limit check commands to ≤1 per second per domain.