Is a wildcard DNS record bad practice?

problemofficer asked:

I asked my hoster to add three subdomains all pointing to the IP of the A record. It seems he simply added a wildcard DNS record because any random subdomain resolves to my IP now. This is OK for me from a technical point of view, since there are no subdomains pointing anywhere else. Then again I don’t like him not doing what I asked for. And so I wonder whether there are other reasons to tell him to change that. Are there any?

The only negative I found is that someone could link to my site using

My answer:

If you ever put a computer in that domain, you will get bizarre DNS failures, where when you attempt to visit some random site on the Internet, you arrive at yours instead.

Consider: You own the domain You set up your workstation and name it. … let’s say, Now you will notice in its /etc/resolv.conf it has the line:


This is convenient because it means you can do hostname lookups for, e.g. www which will then search for automatically for you. But it has a dark side: If you visit, say, Google, then it will search for, and if you have wildcard DNS, then that will resolve to your site, and instead of reaching Google you will wind up on your own site.

This applies equally to the server on which you’re running your web site! If it ever has to call external services, then the hostname lookups can fail in the same way. So for example suddenly becomes, routes directly back to your site, and of course fails.

This is why I never use wildcard DNS.

View the full question and any other answers on Server Fault.
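The search-list behaviour the answer describes can be modelled offline. This is an added example, not part of the original question or answer: `example.com`, the addresses, the `ndots:5` setting and the one-entry "internet" table are constructed placeholders (the page's own domain names are missing), and wildcard matching is simplified to "any other name under the zone".

```python
# Constructed data: example.com and the addresses are placeholders (assumptions).
ZONE = {"example.com": "192.0.2.10", "www.example.com": "192.0.2.10"}
WILDCARD_ADDR = "192.0.2.10"                    # models "*.example.com. A 192.0.2.10"
INTERNET = {"www.google.com": "198.51.100.7"}   # stand-in for the rest of DNS


def lookup(fqdn, wildcard):
    """Answer for one fully qualified name, or None for NXDOMAIN."""
    fqdn = fqdn.rstrip(".").lower()
    if fqdn in ZONE:
        return ZONE[fqdn]
    if fqdn in INTERNET:
        return INTERNET[fqdn]
    if wildcard and fqdn.endswith(".example.com"):
        return WILDCARD_ADDR  # simplified wildcard: any other name under the zone
    return None


def candidates(name, search, ndots=1):
    """Names a stub resolver tries, in order, following resolv.conf(5)."""
    if name.endswith("."):
        return [name]                      # trailing dot: absolute, no search list
    expanded = [f"{name}.{domain}" for domain in search]
    if name.count(".") >= ndots:
        return [name] + expanded           # tried as-is first, search list on failure
    return expanded + [name]               # search list first


def resolve(name, search, wildcard, ndots=1):
    """Return (name that answered, address), or (None, None) if nothing did."""
    for cand in candidates(name, search, ndots):
        addr = lookup(cand, wildcard)
        if addr is not None:
            return cand.rstrip("."), addr
    return None, None


if __name__ == "__main__":
    search = ["example.com"]               # "search example.com" in /etc/resolv.conf
    for wildcard in (False, True):
        print("wildcard record present:", wildcard)
        print("  www                      ->", resolve("www", search, wildcard))
        print("  www.google.com (ndots:5) ->", resolve("www.google.com", search, wildcard, 5))
        print("  www.google.com. (ndots:5)->", resolve("www.google.com.", search, wildcard, 5))
        print("  db.internal.test         ->", resolve("db.internal.test", search, wildcard))
```

With the wildcard present, a name that should fail (`db.internal.test`) or one that is expanded before being tried as-is comes back with the site's own address; a trailing dot on the name, or a zone without the wildcard, gives the expected result.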

This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.