That is definitely true, it is risky and you have to trust your registrar. This has to be factored in when thinking of the threat model, or at least based on what are your goals and what the domain is for!
Delzur
joined 2 years ago
It seems that orangewebsite proposes the classic "private whois" where they hide your basic info and insert an email address that redirect to you. Now it's hard to know how easily they reveal the info to someone who calls or send a letter, but it seems hosters usually comply to anybody.
In njalla, your are not the owner, so there's nothing to reveal. Again, if you do something like hosting child abuse videos, they will help the authorities in that case. I'd suggest checking FAQ of hosters to get a feel of what they actually do for privacy, not just reading the claims on main pages.
Side note; as far as I know for some TLD it is forbidden to hide the info, in which case you're out of luck unless you're not the owner of the domain
Banning IPS is not really going to help against ddos, you will still be flooded with incoming traffic
For your domain, you could go with https://njal.la/ They are the actual owner of the domain and grant you the rights on it. This means that the whois will be them not you. They will still help with legitimate legal inquiries obviously though.
Check their about and faq page, it's interesting. Since they seem to do VPS, you could host the website there.
I don't know how much info they require from you, however. I didn't register there yet.
https://en.wikipedia.org/wiki/Top-level_domain