Don’t Lose Your Church Website!

Don’t Lose Your Church Website!

It is very important that you not lose your church website.  Did you know that when a church lets their domain registration lapse, that it often gets bought up by an adult video site, a gambling site, or some other entity looking to make use of the domain’s Google search ranking?  People searching for your church might accidentally wind up viewing pornography simply because you forgot to pay for your domain.

Most domains cost between $15 and $30 a year, unless you are using a specialty TLD (Top-Level Domain, such as .com or .net).  New ICANN rules have allowed for a bunch of new TLDs such as .church or .institute, and some of these can be more expensive, but it’s vitally important that you maintain the annual registration on any domain that you register.

Here are a few suggestions for how to deal with your church website and domain, even if you have to change things.

  • If your church closes, redirect the domain to the website of another church nearby.  If there are no gospel-preaching churches close, then at least maintain the website and put a “closed” notice on the page.
  • If your church moves or changes names so that the domain is no longer relevant, forward the old domain to the new one.  Look up “domain forwarding” if you don’t know how to do it.
  • If you switch to a newer, more relevant domain, make sure to forward the old domain to the new one.

Maintaining domains is inexpensive, considering that the registration is annual. But, if you find yourself in a situation where the church website domain is tied to an expensive hosting plan that you don’t want to continue paying for, there are some other things you can consider.

Many times, churches pay a web developer to register their domain, create and maintain the website, and make any necessary updates or fix outages.  Other times, a young, enthusiastic person in the church takes responsibility for creating a new website (I know, I’ve done it!).  Through inaction, inexperience, or sometimes because unfortunate things happen and people leave, the relationship changes and the person who controls the church’s website is no longer part of the church.  Here are some guidelines for making sure that the church always retains control of the church website.

1. Safeguard Domain Access

The domain should always be registered by someone from the church, and login credentials should be shared between both the pastor and at least one other person, preferably a secretary, deacon, or trustee.  This makes sure that if something unfortunate happens, the church will still have access to the domain registration.

But (and this is important), make sure that the “controlling person” alone has access to the email account with which the domain is registered.  If someone with malicious intent has access to the email account, they can reset the password on the domain registrar (or any services using that email address) and take control of the church’s website.  Of course it’s a distasteful topic to discuss the possible betrayal of a person that is currently trustworthy, but keeping things separate and controlled can prevent disaster in the future.

2. Keep Domains and Hosting Separate

Depending on your hosting, register the domain separately from your web host (affiliate link).  This may be difficult as many hosting providers require a domain to create the account, but if you can register the domain separately and just point it at your host, you’ll be better off.

The reason for this suggestion is that you may find yourself in a situation where you wish to switch hosting providers and migrate your website, and if you kept domain registration separate, it will simply be a matter of pointing the DNS to a new IP address and copying the website files to the new server.  If your hosting is tied to your domain registration, the process may be much more complicated to transfer the domain in addition to migrating the site.  Following this advice may save you headaches in the future.

3. Use CloudFlare for domain registration and DNS

DNS stands for “Domain Name System” and is the background method by which the computers that make up the Internet find the correct server and website content when people wish to visit your site.  We recommend using CloudFlare, as they offer domain registrations at the absolute cheapest price possible, and you don’t have to pay for the CloudFlare services either, so just get the domain and point it at your host (after you’ve determined that you can get a hosting account without a domain).

CloudFlare offers not just DNS but also many other services, even free ones, for advanced customization of your website’s deliverability and functionality.  You may not be ready to take advantage of those right now, but you’ll be glad that you set everything up in CloudFlare when the time comes to make those changes.

4. Use a password manager for all of your passwords

This makes sharing passwords with others (see #1) easier, but it also helps you create unbreakable, unique, random passwords for all of your accounts, and access them anywhere.  As hacking and phishing attacks become more sophisticated, making sure that none of your passwords are shared across websites helps secure your accounts.

Modern web functionality is built around password managers.  A popular one is LastPass, and 1Password is another option, but if you use iCloud, you can simply use iCloud Password across your Apple devices.  Google offers similar functionality, and the third party tools work across all your devices, though some require a subscription to do so.

Also consider enabling two-factor authentication (TFA).  TFA requires you to sign in with a password and provide a one-time code texted to an authenticated device like your cell phone.  This makes sure that anyone who obtained the password illicitly doesn’t immediately gain access to your account, and you’ll be notified that someone is trying to login with your password without your knowledge.  Additionally, TFA allows you to share the one-time code with someone who is trusted with the password, but whose access you want to control.  Of course you should change the password after sharing it with someone else, preferably using a long random string like “Z#n4C9G9MYyQ” stored in a password manager.


While there is still a segment of church folks that pride themselves on not knowing how to turn computers on, this thankfully is disappearing and people are recognizing the importance of maintaining a consistent web presence.  It doesn’t have to be flashy, though it should look nice and be usable, and contain the information that visitors are seeking.  Nothing is more frustrating than visiting a church’s website and not knowing the pastor’s name, their address, service times, or what they believe about important issues like the King James Bible.

But above all, make sure that your church website doesn’t fall to nefarious and immoral actors that will use it to promote pornography or gambling, as often happens when churches allow their church website domain to lapse.

Leave a Reply

Your email address will not be published. Required fields are marked *