Using wildcard DNS record

Using a wildcard in a DNS A or CNAME record can reduce maintenance work, but it also has some drawbacks.


Updating DNS takes time: not only the time needed to edit the DNS entries, but also the DNS propagation time. It can take more than 30 minutes for an update to an existing entry to reach other DNS servers, and some DNS servers can take even longer.

If you use a wildcard, there is no editing requirement.


Search suffix

If /etc/resolv.conf has an entry as below


When searching for, It might hit if wildcard used, because will return IP address as same as
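
The search-suffix interaction described above, as an added example that is not part of the original post: a small offline model of a stub resolver's search list applied to a zone that contains a wildcard record. The zone contents, the addresses and the resolv.conf text are constructed, and any name outside the zone is assumed to return NXDOMAIN.

```python
import re

# Constructed zone: a wildcard A record plus one explicit host.
# Any name not covered here is treated as NXDOMAIN.
ZONE = {
    "mywebsite.tld": "192.0.2.10",
    "*.mywebsite.tld": "192.0.2.10",
    "mail.mywebsite.tld": "192.0.2.25",
}
# Constructed resolv.conf content (assumed, not taken from the page).
RESOLV_CONF = "nameserver 192.0.2.53\nsearch mywebsite.tld\noptions ndots:1\n"

def parse_resolv_conf(text):
    """Return (search_list, ndots) from resolv.conf text."""
    s = re.search(r"^search\s+(.+)$", text, re.M)
    n = re.search(r"^options\b.*\bndots:(\d+)", text, re.M)
    return (s.group(1).split() if s else []), (int(n.group(1)) if n else 1)

def lookup(name, zone):
    """Exact match first, then the wildcard at the closest existing
    ancestor (a simplified form of the RFC 4592 rule)."""
    name = name.rstrip(".").lower()
    if name in zone:
        return zone[name]
    labels = name.split(".")
    for i in range(1, len(labels)):
        parent = ".".join(labels[i:])
        if "*." + parent in zone:
            return zone["*." + parent]
        if parent in zone:  # closest ancestor exists but has no wildcard
            return None
    return None

def candidates(name, search, ndots):
    """Names a stub resolver tries, in order, for a given query."""
    if name.endswith("."):  # trailing dot: absolute, search list skipped
        return [name]
    suffixed = [f"{name}.{s}" for s in search]
    return [name] + suffixed if name.count(".") >= ndots else suffixed + [name]

def resolve(name, zone=ZONE, conf=RESOLV_CONF):
    """Return (answering_name, ip) for the first candidate that resolves."""
    search, ndots = parse_resolv_conf(conf)
    for cand in candidates(name, search, ndots):
        ip = lookup(cand, zone)
        if ip:
            return cand.rstrip("."), ip
    return None, None
```

With this data, both `typo` and the nonexistent `nosuch.example.org` come back with the wildcard's address, while `nosuch.example.org.` (with a trailing dot) fails to resolve.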


Without editing an entry, some DNS servers might still be caching old data. For example, if you have both a wildcard * and a specific entry, and you decide to remove the specific entry, the wildcard might not take effect.

Accessing a non-existent domain

If a browser accesses an undefined domain name and hits the web server, NGINX can perform a redirect to change the URL. This can fix issues with web code that depends on the current URL.

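# Catch-all for any subdomain: redirect to the canonical host name.
server {
    listen 80;
    server_name *.mywebsite.tld;
    return 301 $scheme://mywebsite.tld$request_uri;
}

# Canonical site.
server {
    listen  80;
    server_name mywebsite.tld;
    # (site configuration continues here)
}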

Is a wildcard DNS record bad practice?
