Categories
Application Security Websites

Subdomains

Subdomains

A subdomain is a prefix added to your original domain name. It is like a domain within a domain, and it may look something like this: www.subdomain.example.com. Subdomains are commonly used by developers to use as a test version while they are creating a website, so that they do not disturb the traffic on the primary website. Some things that a developer may want to test include plugins or new features. There are many other common uses for submains including:

eCommerce. Online stores are complex, and businesses often choose to create a separate architecture to handle transactions, as it is easier to track and manage them there.

Geographic reach. Organizations that provide different content depending on the location of the visitor may want to use subdomains to provide those different experiences. For example: www.uk.example.com or www.ca.example.com.

Languages. Similar to geographic reach, creating subdomains in different languages may provide better user experiences for visitors who wish to receive your content in other languages. For example: www.fr.example.com.

Mobile version. There are many possible reasons for wanting a subdomain for the mobile version of a website: to distribute traffic, to allow the site to be hosted on a different host, to save money by not purchasing another domain name, to allow mobile users to choose between mobile or desktop versions of the site, to circumvent design challenges posed when trying to scale elements from the desktop version, and more.

Target audiences. Organizations that have distinct audiences, such as members or employees, may wish to use to subdomains through which they can access the content that is relevant to them. Certain audience subdomains may utilize password protection to gain access to that are of the website.

Blogs. Blog content is quite verbose and may include words and topics that stray from the organization’s core messaging. It is also possible that an organization could have a very active blog audience and/or active campaigns. Using a subdomain for this content allows this traffic to be distributed.

Support. An example of a support domain is: www.support.example.com. A dedicated support subdomain is helpful when an organization needs to provide a higher level of support than a simple FAQ page.

Forums: An organization with an online community often utilizes subdomains to distribute traffic and to make it easier to monitor activity on that area of the website.

Subdomains add a lot of flexibility and customizability to your website, and it is possible to add an array of subdomains for any combination of the aforementioned situations. It is important to note though, there are security concerns, so be aware of these threats in your website development process. A common vulnerability is when cyberattackers conduct a subdomain takeover when a hosting service expires or when DNS is misconfigured. Once cyberattackers have full privileges on the system after taking over the subdomain, they can upload files, monitor data traffic, create databases, and even clone the main website. Be certain to protect yourself by ensuring that your primary website and all of its subdomains are developed using the best security practices.