WHOIS Port 43 Is Dead. What Replaces It?

On January 28, 2025, ICANN removed the contractual obligation for gTLD registries and registrars to run WHOIS on port 43. The replacement is RDAP, the Registration Data Access Protocol.

Port 43 is not banned. Many operators still run it, and at least one major registry has committed to keep it alive. But the rule that made it universally available has been deleted, and the shutdowns have started. If your code opens a TCP socket on port 43 for a gTLD lookup, it is now running on a service that nobody is required to keep answering.

How we got here

WHOIS was born in 1982 with RFC 812. It was a plain text protocol for a small community of operators. Port 43 never gained authentication, encryption, or a standard response format. Every registry answered in its own flavor of text.

RDAP was standardized by the IETF in March 2015. The core specifications are RFC 7480 for HTTP usage, RFC 7481 for security, and RFC 9083 for the JSON response format. RDAP delivers the same registration data as WHOIS, but over HTTPS with TLS and HTTP status codes, and in a structured JSON format.

ICANN required all gTLD registries and registrars to offer RDAP by August 26, 2019.

On April 30, 2023, the ICANN Board approved the RDAP Global Amendments to the base gTLD Registry Agreement, Specification 13 for .brand TLDs, and the 2013 Registrar Accreditation Agreement. The amendments set a WHOIS sunset date 18 months after the effective date. That date was January 28, 2025.

What changed on January 28, 2025

The change is narrow. The obligation for gTLD registries and registrars to provide registration data through port 43 WHOIS and web-based WHOIS was removed. See the ICANN announcement.

This does not mean:

• Port 43 is banned. Operators can still run it.
• Every gTLD turned off WHOIS that day. Most did not.
• ccTLDs are affected. ICANN contracts cover gTLDs only. Country code domains like .uk, .de, and .fr are governed by their own registries, not by ICANN.
• .com is going away. Verisign committed to keep running WHOIS for .com in parallel with RDAP as part of the renewed .com Registry Agreement in November 2024, and specifically asked not to have the option to sunset it.

This does mean:

• Your code no longer has any guarantee that port 43 will answer for a given gTLD.
• A registry that turns off WHOIS tomorrow is not breaking any contract.
• RDAP is the definitive source for gTLD registration data.

How fast is the shutdown happening

Numbers published by ICANN and reported by the IETF:

• January 2025: about 122 billion WHOIS queries per month.
• June 2025: RDAP query volume passed WHOIS for the first time.
• August 2025: WHOIS down to about 49 billion per month. RDAP at about 65 billion.
• September 2025: 374 of roughly 1,000 gTLDs had shut down their WHOIS service.

WHOIS traffic dropped by about 60 percent in eight months. RDAP is now the larger protocol by volume.

What breaks in your code

If you rely on port 43 for gTLD lookups, here is what to expect.

Connection refused on specific TLDs. A registry you queried last month may not answer today. With 374 gTLDs having already shut down their WHOIS service by September 2025, the surface shrinks TLD by TLD.

Thin registry follow-through fails first. Verisign runs a thin registry for .com and .net: the registry response is minimal and points to the registrar's own RDDS for full contact data. Even though Verisign itself keeps WHOIS alive for .com, the registrar on the other end of the referral may not. If a registrar has turned off port 43 and kept only RDAP, your follow-through chain breaks even when the registry answers.

Format drift on the survivors. WHOIS output was never standardized. Parsers built on regex against specific label strings are already fragile, and there is no reason for registries to keep legacy formats stable as traffic decays.

The failure mode is not a clean outage. It is gradual coverage loss.

What to use instead

RDAP. It is the only ICANN-sanctioned replacement, and it has been deployed across every gTLD since August 2019 because the mandate to run it in parallel was already in place.

A raw RDAP query looks like this:

curl https://rdap.verisign.com/com/v1/domain/example.com

The response is JSON. Dates are RFC 3339 timestamps. Errors come back as structured objects with HTTP status codes. Contact data uses vcardArray (jCard, RFC 7095).

Finding the correct RDAP base URL for a given TLD is done through the IANA bootstrap registry, which maps every TLD with an RDAP service to its server.

The ccTLD caveat

ICANN does not set rules for country code TLDs. The January 2025 sunset does not apply to them. The IETF reports RDAP adoption at about 60 percent of ccTLDs, which means roughly 40 percent are still WHOIS-only. If your tool needs to cover the whole namespace, you still need a WHOIS path for the ccTLDs without an RDAP endpoint. The IANA bootstrap file is the authoritative way to tell which TLDs are in which group.

What to do this week

1. Grep for port 43. Find every call site that opens a TCP socket on port 43 or shells out to the whois binary. These are your migration targets.
2. Split your TLD coverage. List the TLDs you actually query. Separate gTLDs from ccTLDs. The gTLD paths should move to RDAP first because they are the ones losing coverage.
3. Switch the gTLD path to RDAP. Use the IANA bootstrap file to resolve the server per TLD. Query over HTTPS. Parse JSON.
4. Keep a WHOIS fallback for ccTLDs not in the RDAP bootstrap. For those, port 43 is still the only option.

If you would rather not run the routing and normalization yourself, this API offers a hosted RDAP endpoint with normalized JSON across gTLDs. You can try a lookup on the homepage without an account.

Sources:

• ICANN Update: Launching RDAP; Sunsetting WHOIS (Jan 27, 2025)
• ICANN Board Approves RDAP Amendments (May 4, 2023)
• 2023 Global Amendments to gTLD Registry Agreement and RAA
• ICANN renews .com Registry Agreement with Verisign (Nov 27, 2024)
• IETF: The current state of RDAP