2

Are there any problems with having multiple wildcard DNS entries for a domain?

E.g.:

CNAME  *.a.example.com  1.1.1.1
CNAME  *.b.example.com  2.2.2.2
CNAME  *.example.com    3.3.3.3

I have this set up currently with DNSimple and it all seems to work OK; I'm just wondering if there are any potential issues.

whatupdave

2 Answers

2

With a wildcard CNAME or A record, people can reach your site using

Any_Combination_Of_Inappropriate_Or_Embarrassing_Word.yourdomain.com

If some page in the wild links to your site with the above, then when it is indexed by a search engine, your site may be associated with search items/terms/words you don't want. And you really have no control.

The above is the main reason I stay away from wildcard DNS records.

John Siu
  • I think this is only partially true: nothing prevents you from using robots.txt et al to prevent indexing such unknown domains of yours, plus nothing prevents the attacker from linking to your site with various inappropriate words, either. But, in general, I, too, agree with the idea that wildcard DNS is kinda evil. Unless there is some good reason why they have to be used, they shouldn't just be used for the sake of wildcardness. – cnst Jan 04 '13 at 04:08
  • @cnst Being indexed in such a way may be the worst-case scenario. Allowing the site/machine to be accessed in such a way is an embarrassment. Sometimes in-house / inside jokes may lead to consequences. – John Siu Jan 04 '13 at 04:16
0

No, there's no problem with doing that.

It may help to think of those as different domains.

Michael McNally
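How a name is matched against the question's three wildcards under the RFC 4592 closest-encloser rule, as an added example that is not part of the original posts; the zone model, function names and the extra `c.example.com` record are assumptions made for illustration. It also shows one case the thread does not mention: `a.example.com` itself is not covered by `*.example.com`, because the `*.a.example.com` record makes it an empty non-terminal.

```python
ZONE_APEX = "example.com"
RECORDS = {  # owner name -> target, exactly as listed in the question
    "*.a.example.com": "1.1.1.1",
    "*.b.example.com": "2.2.2.2",
    "*.example.com": "3.3.3.3",
}

def ancestors(name):
    """Yield name, then each parent, stopping at the zone apex."""
    labels = name.split(".")
    apex_len = len(ZONE_APEX.split("."))
    for i in range(len(labels) - apex_len + 1):
        yield ".".join(labels[i:])

def existing_names(records):
    """Owner names plus their ancestors (ancestors without data are empty non-terminals)."""
    names = {ZONE_APEX}
    for owner in records:
        names.update(ancestors(owner))
    return names

def resolve(qname, records=RECORDS):
    """Return (how the answer was found, target) for qname."""
    qname = qname.lower().rstrip(".")
    if qname != ZONE_APEX and not qname.endswith("." + ZONE_APEX):
        return ("OUT_OF_ZONE", None)
    if qname in records:
        return ("EXACT", records[qname])
    exists = existing_names(records)
    if qname in exists:
        # The name exists but holds no data: wildcards never apply to it.
        return ("NODATA", None)
    # Closest encloser: the longest ancestor of qname that exists in the zone.
    encloser = next(a for a in ancestors(qname) if a in exists)
    wildcard = "*." + encloser
    if wildcard in records:
        return ("WILDCARD " + wildcard, records[wildcard])
    return ("NXDOMAIN", None)

if __name__ == "__main__":
    for name in ("www.example.com", "x.y.a.example.com",
                 "foo.b.example.com", "a.example.com"):
        print(name, resolve(name))
    # Constructed extra record: an explicit name blocks *.example.com beneath it.
    extra = dict(RECORDS, **{"c.example.com": "4.4.4.4"})
    print("x.c.example.com", resolve("x.c.example.com", extra))
```
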