Dan's Domain Site | Structure | Subdomains

Dan's Domain Site

Structure: Subdomains

A domain name is a hierarchical series of character strings separated by periods, proceeding from general top-level domains at the right end of the name to specific site names to the left. An important fact to know is that whoever controls a particular domain name can create an unlimited number of domain names that use the original name as a suffix. Thus, the owner of downloadstore.com can create activision.downloadstore.com, interplay.downloadstore.com, etc. (These were actual subdomains of a site I used to work for, though I don't think they exist any more after the site came under different management and was restructured.) This fact isn't fully understood by people who ask "How can I register the domain www.myname.com?" You don't register www.myname.com; rather, you register myname.com with a registrar (formerly Network Solutions had a monopoly on this under the "InterNIC" name, but now it's been opened to competition), and once you have it, are free to create hostnames and subdomains within it, including www.myname.com, and others such as subsite.myname.com, or even multiple-level subdomains like host.group.subsite.myname.com.

Note that you do not have to submit any sort of registration to get such subdomains, once you have the original domain, nor do you have to pay a fee to a registry body. It's up to your own system administrator (either on-site if you have a physical server of your own, or at your ISP if that's where your domain is hosted) to set up these subdomains. (If it's with an ISP, they might charge you for the service, but there's no external registration fee like there is for a new domain.)

The ability to create subdomains is actually, when you think about it, an awesome degree of power that every domain name owner has, permitting the creation of a vast namespace without the need to get permission from anybody else. It's like owning your own city and being able to put all the streets, houses, parks, and neighborhoods you want in it. People who just use a domain name as an "Internet keyword" to provide a cutesy name for a Web site are letting this vast power go to waste.

As a matter of tradition, Web sites usually have the hostname www as the leftmost element in their domain address, but there is no requirement that this be the case; it's possible to use anything else, though that will be more confusing to users. Many sites work with just the base domain name, like http://somewhere.net/, but that isn't always feasible to implement; the base domain might be used for lots of other things, like e-mail, FTP transfers, etc., which might be on different servers, so the www hostname makes it clear that you're accessing the Web server in particular. Anyway, users are used to typing it, so even sites that work without the www prefix should also implement the addresses with www added. This is easy to configure with popular Web servers such as Apache.

The commercialization of the net over the last few years has caused a massive demand for domain names. In some cases, the domain names chosen by people, organizations, and companies seem to show either a lack of understanding of the hierarchical naming system or a pandering to a general public ignorant of such things. For instance, there was no need for TV networks to obtain such domains as nbcsports.com and abcnews.com; sports.nbc.com and news.abc.com would have worked fine. (ABC does seem to finally be "getting it"; rather than give their 20/20 show yet another needless domain, they gave it a subdomain, 2020.abcnews.com.) Even the excellent NetMechanic site, which gives good automated advice on problems with your Web site, has an unnecessary domain duplication: their main site is at netmechanic.com, while a secondary site with the "robot" CGI scripts is at netmechanic2.com. These sites appear to be on separate servers hosted by different providers, and maybe they're not even in the same city (I'm not sure), but that still did not necessitate these totally separate domains: they could have used server1.netmechanic.com, server2.netmechanic.com, etc., and still had the different servers halfway around the world from one another if they wanted.

Subdomains and their Uses

If your organization is an affiliate, subsidiary, or chapter of a national or international organization, you might ask the headquarters if you can get a subdomain within the organization's domain; if you can, this would save you the InterNIC registration fee (subdomains don't cost anything to register) as well as give your organization an address that indicates its affiliation. For instance, I started a site for the Libertarian Party of Louisiana at www.la.lp.org using a subdomain of the lp.org domain. Lots of people who are unaware of the possibility of subdomains end up getting unnecessary and illogical domains like bigcorp-chicago.com, bigcorp-denver.com, etc., for different offices that could have been designated more logically as chicago.bigcorp.com, denver.bigcorp.com, etc. If you follow this system, you'll make it easier for people to find other chapter or branch sites once they've found one; somebody who's seen www.la.lp.org can figure out that the Libertarian Party of Texas is at www.tx.lp.org.

As the "flip-side" of the above, if you're involved in running the national or international headquarters of an organization with lots of chapters and affiliates, why not make subdomains of your organization's domain available to the local groups, and publicize this availability in group communications such as newsletters and e-mail lists? The local webmasters won't know they can get a subdomain for their site unless you tell them, and they'll end up with a crazy-quilt of inconsistent site names including long addresses with tildes (~) within an ISP site as well as various domain names chapters went and got on their own. Isn't it more logical for the Foobar Society to have chapter sites at addresses like miami.foobar.org, austin.foobar.org and poughkeepsie.foobar.org, rather than foobar-miami.org, austin-isp.com/~foobar/, and pokfoobar.com?

If there's a "schism" or factional split in an organization's chapter, and one side winds up retaining (or gaining) the status of official affiliate of the national organization, while the other does not have this status (but might keep on trying to conduct activities under the organization name, to the confusion of the public), then the use of logical subdomains becomes even more valuable: only the group that's recognized nationally as the official chapter can have a subdomain of the national domain, and such subdomains can be transferred by national to the winning faction if the affiliation changes. Thus, the public can be assured that the group with such an address is the recognized one, not a pretender to the title. If logical subdomains are not used, you can't tell the players without a scorecard: look, for instance, at the two contending Libertarian Party of Arizona sites, azlp.org and arizonalibertarian.org, and tell me which one is the current recognized affiliate. If one of them were az.lp.org, it would be obvious.

And, if your brilliant new e-commerce scheme involves setting up a whole cluster of related sites, why not find one good domain that can be used as the "base" for a whole bunch of subdomains, instead of registering a heap of different domains for your sites? For instance, instead of registering musicstuff.com, carstuff.com, travelstuff.com, etc., get stuff.com, then you can create music.stuff.com, etc. This may be easier said than done now that practically all of the short, meaningful words are already taken, but it's still worth a try. Maybe it's worth paying a cyber-speculator big bucks for a good "suffix domain" if it's the one domain you'll need to set up your whole site family.

Note: It actually would be very much to the advantage of companies and organizations doing business on the Internet for them to use the hierarchical structure of domains and to educate the public in the meaning of this structure. That would help "immunize" people to scams in which people mislead others into thinking they represent a trusted organization by registering domain names that look like they might belong to that organization.

Case in point: somebody registered the domain valuehelp.net, and then contacted subscribers to the ISP value.net, giving the valuehelp.net address as a place they could pay their ISP bills online using credit cards. Actually, any credit cards entered there went to a scamster unaffiliated with value.net. But with all the "cutesy" domains being used by companies these days, with all sorts of phrases and variations on their company name used for special offers and the like, it was entirely plausible that valuehelp.net was an "official" value.net site for the convenience of their customers, an expectation which was used to fraudulent advantage. If companies avoided such things, and made a point of always using correctly-structured subdomains for any of their sites that they wished to identify with their company name (e.g., used help.value.net for a "help site" affiliated with value.net, instead of valuehelp.net), then people would be more likely to distrust any site that didn't follow this scheme, and scammers would have less chance of snaring suckers. A scammer wouldn't be able to take over a legitimate subdomain like help.value.net without hacking into value.net's DNS servers, while any jerk can register a separate domain that looks like it might be affiliated with them. (And another case in point has happened: somebody put up a site at paypalebay.com that was apparently a scam, unrelated to either PayPal or Ebay, but trying to get people to supply their passwords for those services to log into an alleged new joint venture of theirs.) As of 2006, "phishing" scams are everpresent; I got one purporting to be from Barclays Bank and using a link to barclay-security.com. (I don't even have an account with that bank!) Unfortunately, banks, who should know better, are often among the biggest users of silly vanity domains (see the Citibank example below), making it hard to distinguish the phishers from the real thing.

The mainstream press may finally be realizing what I've been saying all along; check out this article entitled "Cutesy Domain Names Making Online Fraud Easier". More recently, in a 2004 article, a New York Times writer said: Phishers often create Internet addresses that closely resemble legitimate ones. Some have used domains that included "yahoo-billing.com" and "eBay-secure.com." How is the typical user to know those are not real, but "billing.yahoo.com" is? Well, educating them about the structure of subdomains would be a good start.

A while back, I got a piece of bulk mail on Citibank stationery urging me to use their online credit card account information service. The URL they gave for it used the domain registermyaccount.com. That address in turn redirected to a secure-server page at accountonline.com. Neither of these addresses gives any particular confidence of being officially affiliated with Citibank, and the page is asking me to enter my credit card number. A clever con-man could have sent forged bulk mail sending people to a credit-card-stealing site of his own devising. Or, in an even easier con, he could register a similar address like registeryouraccount.com (still available last I checked) and hope to snare a few suckers who mistype the address. A subdomain of citibank.com would give me much more confidence that it's legitimate. (Incidentally, I notice that this page gets lots of hits from people following search engines using the search string "www.registermyaccount.com" or some variation of this; are there really that many people out there who don't know that the browser's address line is the proper place to type an address you're trying to get to, not a search engine's search form?)

Another point against registering zillions of separate domains for every marketing gimmick and temporarily-significant phrase is that it creates a massive problem keeping track of all of them and making sure they're renewed on time. There are many cases of companies and organizations accidentally letting some of their domains lapse and finding that somebody else gets them and puts up pornography or something else embarrassing, when there are still lots of other sites and search engines linking to the address. Also, when an organization registers lots of names of a predictable format, like OurSite123.com, OurSite124.com, etc., that tends to encourage cybersquatters to grab other names of the same format that you didn't get yet. Subdomains, on the other hand, don't have to be renewed and can't be cybersquatted on.

One more thing to note is that, if you use cookies in your site (as often done to track session status, keep online store shopping carts, etc.), they only work within one domain. For security and privacy purposes, browsers will not transmit cookies to any site in a different domain from the one that set the cookie. They can be shared across subdomains and hosts within a domain, but not from one domain to another. (To share a cookie between subdomains, like sub1.mydomain.com and sub2.mydomain.com, you must be sure to specify a domain of .mydomain.com when setting the cookie, rather than letting it default to the current host, in which case it wouldn't share with any other subdomain, even within the same domain.) This provides yet another reason to use logically structured subdomains instead of different domains for your different sites, if you have any desire to share common shopping carts or session status between the sites via cookies.

Can a particular TLD limit domain owners' rights to create subdomains?

I didn't think so, but I recently noticed that the .tv domain has in its terms of service a provision prohibiting anybody from providing subdomains to any other party -- if you have the domain that.tv, you're not supposed to let anybody else put up a site at this.that.tv. This seems to be contrary to the rules of RFC 1591, which state "There are no requirements on subdomains of top-level domains beyond the requirements on higher-level domains themselves. That is, the requirements in this memo are applied recursively. In particular, all subdomains shall be allowed to operate their own domain name servers, providing in them whatever information the subdomain manager sees fit (as long as it is true and correct)." In other words, once a domain at any level is assigned, the entity who has been assigned the domain has complete power over deciding policy regarding who can get a domain beneath it at the next level. That's how the hierarchical domain name system was designed. That .tv sees fit to limit what you can do with a domain once you get it is a good reason to avoid this domain.

Can a subdomain be cybersquatting?

Domain conflicts have usually been regarding registrations of second-level names within top-level domains. There have rarely been conflicts that have reached the courts regarding subdomains that are not directly registered with a registrar or registry. Dispute policies such as the UDRP don't reach these disputes. However, there have been a few occasions where somebody has alleged that a subdomain name is an infringement of some form of intellectual property rights. One case, Jews for Jesus v. Google, filed in late 2005, alleges that a Blogspot subdomain (available free to users of its blogging service) violates the trademark of Jews for Jesus. The blog in question is at jewsforjesus.blogspot.com, and it got very little traffic until the lawsuit made it notable. Interesting issues in this case include whether a third-level subdomain such as this can be an infringement in the first place, as well as whether any liability for such infringement belongs only to the blogger who chose the name or to Google, which owns the Blogger service. See some commentary in the CircleID site.

Don't know how to set up subdomains?

Among the common questions I get by e-mail are from people who have read this article and want to know how they can set up subdomains in their own domain themselves, and have them go to different Web sites. Unfortunately, I can't give a quick and easy answer, since it depends on where their domain is hosted and who provides DNS (Domain Name Service) for it.

If your domain's DNS is set up on your own server, of which you have configuration control, then you'll have to set up the subdomain yourself in the DNS host configuration. Exactly how to do this depends on the operating system. If it's a Unix server running BIND, as is common on the Internet, the O'Reilly book DNS and BIND may be helpful. [Buy it at Amazon.com!] Then you'll have to configure your web server software to recognize the virtual subdomains and serve different Web sites; if it's Apache, then this is done in the httpd.conf file; see apache.org for documentation.

If, as is more common these days, your DNS and web server are not under your direct control but are at an ISP, hosting provider, domain registrar, or domain parking/redirecting service, then you'll have to get the subdomain set up with your provider. Some providers give you a Web interface for setting up subdomains and pointing them at different Web sites; my own provider, DreamHost does. If you're looking for a provider, they're a good choice. But if yours doesn't have that feature on its Web panel, they might still set up a subdomain for you if you call or e-mail them and ask them. If your domain is on a free parking service, the available features are likely to be a lot more limited.

If you wish to have a subdomain pointing at a different server entirely, for instance to give an address to the separately-hosted site of a chapter or subsidiary, then the configuration needs get more complex, with the appropriate setup needing to be done both at the host of the parent domain and the host of the subdomain. This is unlikely to be directly available in a provider's Web panel functions, so it will probably require contacting tech support at the respective providers (and might entail a setup fee).


  • haters.info -- free subdomain address for your protest or criticism site, if you can convince me you deserve it...
  • cmu.edu subdomain policy
  • The Anglican Domain: Chaos in Naming -- discusses the crazy-quilt of domains used by Anglican church dioceses, then offers a logical subdomain naming scheme in anglican.org. A very commendable effort.
  • Ugly URLs R Us -- Can your browser handle the long subdomain linked to within this page?
  • RFC 2219 -- discusses the standard hostnames like "www", "ftp", etc., used to denote different services available within a given domain.
  • Instant-Domain and AZC (which I think are different branches of the same company) have pages explaining why they don't do subdomains for their customers, giving mostly bogus and silly reasons. They say that subdomains don't get indexed in search engines (nonsense: this site is well-indexed with its domains.dan.info address), that they dilute the branding of the company's domain (and registering lots of different domains instead doesn't???), and that they're a useless service some hosting providers push on customers to make more money (but pushing customers to register more regular domains isn't?).
  • Logic vs. Usability (criticizing subdomain use because it produces "less memorable" domains)

Back to the Structure section
Back to the front of the site!


This page was first created 14 Mar 2001, and was last modified 01 Apr 2006.
Copyright © 2001-2018 by Daniel R. Tobias. All rights reserved.