HomeLearnDomain Expiring Soon

Domain Expiring Soon — Don’t Lose Your Domain

Updated May 2026 · Domain Protection · 4 min read

Table of Contents

  1. What expires when
  2. Renew right now
  3. Lock it down so you can’t lose it
  4. Why monitoring still matters

A lapsed domain is the single most-preventable disaster in domain security. Here’s how renewal really works, why grace periods aren’t a safety net, and how to never have to think about it again.

What expires when

Most TLDs (.com, .net, .org, .io, .co, country codes) expire 1–9 years after registration depending on what you paid for. After the expiry date, registrars typically allow a 30–45-day grace period where you can still renew at the normal price — but the domain may stop resolving, breaking your site and email immediately.

After grace, the domain enters redemption (~30 days, $80–200 fee to recover) and then pending delete (~5 days). Once it drops, anyone can register it — and domain snipers actively monitor expirations to grab valuable domains the moment they release.

Renew right now

  1. Log into your registrar and renew for at least one year, ideally three to five.
  2. Enable auto-renew. Confirm the billing card on file isn’t expired itself.
  3. Add a backup payment method if your registrar supports it.
  4. Set a calendar reminder 60 days before expiry as a manual fallback.

Lock it down so you can’t lose it

  1. Enable registrar lock (clientTransferProhibited) so no one can transfer the domain away without your explicit approval.
  2. Enable MFA on the registrar account itself — ideally with a hardware key, not SMS.
  3. Use registrar account email that’s NOT on the domain you’re protecting. (If the domain expires and email goes down, recovery emails go nowhere.)
  4. For high-value domains, consider registry-level lock (some TLDs offer this through enterprise registrars) which requires multi-step out-of-band verification before any change.

Why monitoring still matters

Auto-renew silently failing (expired card, declined payment, unhandled bounce email) is the most common failure mode. GuardHound’s WHOIS check warns you 30 days before expiry on every monitored domain so you catch silent failures before grace runs out.

Run a free scan to find issues like this on your domain

GuardHound checks SSL, DNS, breaches, CVEs, lookalikes, hosting reputation, and more in under 30 seconds.

Start Free Scan →

Frequently Asked Questions

What happens to my email if the domain expires?
It stops working the moment DNS goes dark, typically right after the expiry date. Inbound mail starts bouncing; outbound mail SPF-fails. Recovery is fast once you renew but the bounces are permanent.
Can I always recover an expired domain?
Within grace, yes at normal price. In redemption, yes for a substantial fee. After pending-delete drop, no — anyone can register it, and many do speculatively. Don’t rely on grace as a safety net.
Should I register multiple TLD variations?
For high-value brands, yes — at minimum the matching .com, your country code, and any TLD that’s common in your industry. Defensive registration is cheap insurance against typosquatting and brand confusion.

Related Guides

What is Domain Hijacking? The Eight-Dimension Risk Score