Know who controls every provider behind every client site.
Map the registrar, DNS, hosting, email, and SSL behind each client domain. Document ownership and access for every asset. Know who’s in control before the moment it matters.
No credit card required. Your first scan in under five minutes.
Known on day one. Discovered on go-live day.
Before a project goes live, someone needs access to DNS. Before a domain renews, someone needs to own the registrar account. Before a site migrates, someone needs to know which provider controls the hosting, and who the login belongs to. When that information is missing, everything stops. None of it was hidden. It was all discoverable on day one. Nobody looked.
The site is built. The client is ready. The DNS is still managed by an agency that stopped returning emails six months ago. The registrar login went to someone’s personal Gmail. The project is not going live today. This was all visible before the project started.
A critical provider account belongs to someone who left eighteen months ago. Nobody documented a backup admin. Nobody actually knows if MFA is enabled. Everything is fine. Right up until it isn’t. It was there on day one. Nobody documented it.
A client switches agencies. The incoming team inherits a tangle of accounts, personal logins, and extremely confident guesses. The outgoing agency is pretty sure the domain is in a GoDaddy account. Probably. What should take a day takes three weeks. The information existed. It just lived in three people’s heads and one personal inbox.
The solution
Not compliance paperwork. Not a new workflow. A maintained record of who controls every provider behind every client site, built from automated scans and kept current by your team.
Scan a domain and SiteGov maps the registrar, DNS, hosting, email platform, and SSL authority from live data. Then document who manages each asset: who the backup admin is, where credentials are stored, whether MFA is confirmed. One governance record per asset. When a project needs to move, the information is already there.
Client Portfolio
How it works
Paste a list of domains or upload a spreadsheet. SiteGov creates a client record for each one immediately.
SiteGov scans DNS, SSL, WHOIS, hosting signals, and email records from live sources. No agents. No integrations. No manual data entry.
Infrastructure findings surface what is missing, expiring, or mis-assigned. Missing admins, unverified MFA, and unknown credential locations are listed alongside them.
Document ownership, assign admins, confirm access, and record credential locations. One governance record per asset. Maintained as infrastructure changes.
Governance Record: DNS (Cloudflare)
Kenny Loggins
kenny@kennyloggins.com
1Password (shared vault)
The core artifact
Every provider behind a client site gets its own governance record: who manages it, who can get in if that person is unavailable, where the credentials live, and whether the account is locked down.
Infrastructure scans verify what is actually in place. Governance records document who is responsible. Together, they answer the question every agency eventually needs to answer: can we access this if we have to?
Platform
From kickoff scans to go-live days to annual reviews. Every feature fits a situation agencies already deal with.
When a client’s nameservers, registrar, IP addresses, CNAME chain, or domain lock status changes between scans, SiteGov detects it immediately and emails your team. Silent infrastructure changes are caught before they become an incident: a DNS hijack, a registrar transfer, a nameserver swap nobody authorized. This is the scenario that shouldn’t be possible to miss.
What triggers an alert
Live scans pull registrar, DNS, hosting, email, and SSL data from the source. No manual entry. No stale spreadsheets. Always current.
Track the primary admin, backup admin, MFA status, credential location, and recovery documentation per asset. The go-to record when access is the question.
A structured control map showing every provider layer behind a domain: domain controls, service infrastructure, and manual systems, in one organized view.
Infrastructure and governance findings ranked by severity. Former employee as admin, no backup documented, SSL expiring. Surfaced before they become emergencies.
The Digital Asset Control Score (0–100) measures infrastructure and access health per domain. One number that reflects how controlled each client’s web presence actually is.
Every client, every domain, and every missing record in one view. Sorted by risk. Always current. The first page open during a client call or a project kickoff.
Domain and SSL expiry tracked across your entire portfolio. Know what is renewing, when it expires, and, critically, who is responsible for the renewal.
A chronological record of when risks appeared and when they were resolved. Useful for incident reviews, client reporting, and access audits.
SiteGov recognizes hundreds of infrastructure providers. Unknown providers are flagged for review so you always know when something new appears in a client’s stack.
A key distinction
Most website problems aren’t technical. They’re definitional. Someone assumed ownership meant access. Someone assumed access meant control. Nobody asked which one they actually had.
Who holds legal or organizational claim over an asset. The domain registrant, the account holder, the name on the contract.
Ownership doesn’t guarantee you can log in.
Who has working credentials. A username, a password, a shared inbox, an API key. The ability to authenticate with a provider right now.
Access doesn’t mean the account is yours, or that you’ll still have it after someone leaves.
Who can actually make a change when it matters. Right now, under pressure, before a launch stalls or a domain lapses. Access plus authority plus knowing what you’re touching.
Control is the point.
SiteGov documents ownership, access, and control for every provider behind a client site. One governance record per asset, kept current as infrastructure changes.
Map your first domainFor agencies
The providers behind each client site are messy by default. Domains registered by founders, DNS managed by previous agencies, hosting billed to personal accounts, SSL certs nobody is tracking. SiteGov gives your team a structured record of who controls what across every client, before you need it.
Clients rarely ask for this until the domain expires, the launch stalls, or the handoff goes wrong. Agencies that track this proactively are the ones clients call first and leave last.
Agency Use Case
Package a SiteGov-powered review as a structured deliverable: a full picture of who controls each client’s domain, DNS, hosting, email, and SSL, with every gap documented and a clear ownership picture.
Include in maintenance plans and service proposals. Repeat annually to stay current. Give clients a verifiable record of who controls what, and what has been confirmed.
Data Ownership
SiteGov governance records belong to the domain owner, not the agency that built them. If a client relationship ends, the records go with the client.
Think of it like medical records. A doctor can maintain them, but they belong to the patient. Your client’s access history is theirs to keep.
Common questions
A spreadsheet holds what someone typed. SiteGov holds what’s actually running. It finds the DNS provider your spreadsheet doesn’t list, the SSL cert expiring in 11 days, and the nameserver that changed last Tuesday. The spreadsheet is a good intention. SiteGov is a live record.
Most agencies say that until a migration stalls because the client can’t find the registrar login, or a domain renewal lapses because it was registered under an email address nobody checks. SiteGov maps who controls what before you need it, not after you’re already on a call trying to recover it.
The scan is automatic. SiteGov probes the domain and populates registrar, DNS provider, nameservers, hosting, SSL, and email infrastructure without manual entry. What you add is who controls each one: who has the login, MFA status, credential location. That part takes minutes per domain, once, and stays current.
On the infrastructure side: registrar, domain expiry, DNSSEC status, DNS provider, nameservers, MX records, email authentication (SPF, DMARC), hosting provider, SSL certificate authority, and expiry. For each asset, your team documents who’s the primary admin, who’s the backup, MFA status, credential location, and whether access recovery is in place. Scans run automatically. Governance records are maintained by your team.
Not primarily. Security tools look for vulnerabilities: open ports, malware, injection risks. SiteGov looks for access gaps: expired certs, missing backup admins, undocumented credentials, former employees still listed as primary contacts. A site can pass a security scan and still be inaccessible the moment the one person who knows the registrar login leaves the company.
No. A password manager stores credentials. SiteGov documents that credentials exist, who holds them, where they’re stored, and whether access recovery is documented. It answers “do we have access?” without holding the passwords themselves. The two tools are complementary: use a password manager to store credentials, use SiteGov to confirm the right people have access and every account has a named owner.
The governance record belongs to the domain owner, not the agency that built it. If the relationship ends, the record transfers to the client. It’s not lost, and it’s not locked in. Think of it like medical records: the provider maintains them, but they belong to the patient. Your client’s infrastructure history is theirs to keep.
Get started
Add a domain and run your first scan. You might be surprised what turns up.
No credit card required. Five minutes to find out what nobody on your team actually knows.