After we made sure to have a secure and reliable email account, our website will need a domain. What is a domain and what are nameservers? How to set up the domain and nameservers? I’ll explain that in this post.
- Making a WordPress site series:
-  Email
-  Domain registration and nameservers
-  Hosting
-  DNS
-  Hosting account setup and SSL
- What is a domain, ie. domain name?
1.1. Subdomains and naked domain
1.2. Subdomain limitations
- What is a nameserver?
- Safe search of available domain names
- Registering a domain
- 2FA domain registrar account protection
- Managing domain and nameservers
1. What is a domain, ie. domain name?
There are several different ways to define and explain this term. Explanations I find on the Internet usually skip the essence and jump straight to some IP addresses etc. Here’s my explanation, for which I think it’s best, of course, since this is how I’d explain the term to a Martian, who has just learned what Internet network is:
Domain is an unique identifier (unique name) of someone’s ownership on the Internet.
We’ll get back to the green definition soon, when it will be more clear. But now let’s explain the domain structure (ie. what it consists of). Take bikegremlin.com for example:
One domain name consists of a TLD (Top Level Domain) and SLD (Second Level Domain).
- TLDs are pre-defined, most popular being: “.com”, “.net”, “.org”, “.io”, along with some more “exotic” newer ones like: “.club”, or even “.pizza”.
- SLDs are chosen by people when they register a domain name.
So, when I was looking for a domain name, I checked whether bikegremlin.com was available and since it was, registered it. No one else can now register bikegremlin.com. They could register “bikegremlin2.com”, or “bikegremlin.pizza“. However, domain name “bikegremlin.com” is unique and registered to me.
Domain registrations are handled by a non-profit organization ICANN (Internet Corporation for Assigned Names and Numbers). ICANN keeps a record of all the registered domain names. Delegating the process of domain registration and renewal do domain registrars, such as Namecheap, Porkbun etc. (affiliate links), as well as local registrars for country specific TLDs (“.rs”, “.me” etc.). To paraphrase the green definition above:
Domain name is a unique combination of SLD+TLD.
1.1. Subdomains and naked domain
Technically speaking, if we take “bikegremlin.com” domain name for example, then “bikegremlin” is a subdomain of “.com” TLD. Of course, TLDs are the ownership of ICANN, so no other person, or company can register and own “.com”, or any other TLD. The most one can register is a combination of SLD+TLD, such as “google.com”, “bikeforums.net”, “cat-pictures.us” etc.
So, when the term “subdomain” is used, it refers to a subdomain of a SLT+TLD unique domain name (“subdomain.bikegremlin.com”).
Such as this website: “io.bikegremlin.com”. Or my cycling website: “bike.bikegremlin.com“.
Once you have registered your domain name (SLD+TLD), you can add subdomains at your own free will, without the need to register them with ICANN. Anything you place “below” your “mydomain.com” is yours to manage, without ICANN interfering, to put it that way.
Even “www” subdomain is the same as any other subdomain, it is just that historically, when the Internet was being developed, the “www” subdomain was used to show more clearly that the site uses Word Wide Web (http protocol), not some other protocol, like FTP for example.
It is, however, a common practice to set your domain so that both www.yourdomain.com and yourdomain.com point to the same address/website.
Domain variant without any subdomain (“bikegremlin.com”) is also called a “naked domain“.
There is a debate on the Internet whether your “main site” should use a “www” subdomain, or a “naked domain”. Based on my knowledge and experience, I’d say that “www” variant is better (“www.mydomain.com”). Why?
- Subdomain can be defined as a CNAME DNS record (more on this in a post that offers DNS explanation). Which adds some flexibility (floating IP addresses, in case of server downtime for example).
- www.bikegremlin.com still unequivocally signals that it is a web address (website).
Opinions on this are fiercely divided and you’ll find a 1000 experts better than I am who will claim differently with good arguments. Having weighed all the arguments and previous experience, I still think “www” is the way to go – until proven otherwise with better arguments, when I will happily correct the above written passages and admit to having been wrong. The info given here, as with all my other articles is “to the best of my (current) knowledge” – nothing more, nothing less.
1.2. Subdomain limitations
In case you wandered, yes, the following combination is possible:
- bikegremlin.com – main domain.
- io.bikegremlin.com, bike.bikegremlin.com etc. = *.bikegremlin.com – fist level subdomains.
- www.io.bikegremlin.com = *.*.bikegremlin.com – second level subdomains.
This can go on (technically, you could pile up to 127 subdomain levels, like sd1.sd2…sd127.bikegremlin.com), but it doesn’t make much practical sense and it can cause a problem. How? When TLS/SSL certificates are issued, they can cover only one asterisk. So:
- Certificate issued to bikegremlin.com will cover all the *.bikegremlin.com subdomains.
- Certificate issued to io.bikegremlin.com will cover any *.io.bikegremlin.com combination.
- But you can’t have one certificate cover *.*.bikegremlin.com – that’s too many variables for the certificate issuer to cover and confirm.
Also, if you are using Cloudflare, you won’t be able to get free protection for second, third and following level subdomains, only *.mydomain.com. Useful links that further explain this:
2. What is a nameserver?
Let’s start with the definition, which we will then explain, so it doesn’t sound “so scary” (it is simple):
Nameservers tell everyone on the Internet the location of the DNS provider of a given domain name (like “bikegremlin.com”).
What is a DNS (Domain Name Server) is a logical question? Shortly: it is the place where anyone from the Internet can go and see on which IP address they should go when looking for io.bikegremlin.com – and on which when they are looking for bike.bikegremlin.com – as well as all the other addresses related to a given domain name (domain) and all its subdomains (whichever subomain level they may be). DNS will be more nicely explained in a separate post. Until then, you can read the entire 1st chapter of the following link:
What is URL, DNS and redirection?
When you register a domain name with a domain registrar, the important information (so that you can set up websites and so that people can find those websites) are the nameservers. There are usually at least two nameservers (primary and backup, secondary nameserver). Here is the result given for querying the info for bikegremlin.com domain:
My website uses Cloudflare’s DNS, so on my domain registrar (Namecheap) I set up the Cloudflare’s nameservers assigned for my domain when I applied it for Cloudflare’s DNS service.
Congratulations if you’ve made it so far. Before going to the practical aspect of registering a domain and setting up nameservers, I’ll explain one more important thing: how to find an available domain name, without having it “snatched in front of your nose”.
But first I recommend you rest the mind and the eyes from this “wall of text”, take a break and watch a cool ancient video directed by Jim Jarmush, that has absolutely nothing to do with websites and Internet – strange music vol. 3. 🙂
3. Safe search of available domain names
YouTube autoplay can lead to the dark side. 🙂 Where were we? Safe search of domains. First let’s explain what “domain name front running” is.
Domain registrars are allowed by ICANN to “hold” a certain number of available domains for free, for a certain period. The idea is to help them get domains for the customers. However, this is often abused. How?
You come up with a cool domain name – say coolsite.com. Then you go to a domain registrar, or some other online tool for checking whether a domain name is available and search “coolsite.com” – and let’s say it’s available! If you don’t buy it (register it) right then, the following can happen:
Domain registrar could snatch it and when you search for “coolsite.com” on the following day, it will say that the domain is already registered, but you are in luck, it is for sale and you can “buy it for only 200 $” (instead of the regular 12 $). This is called “domain name front running“.
How to avoid this? By querying registrar databases directly, without using anyone’s web interface (so, direct search of ICANN registry database, not commercial domain registrars).
For windows, you can download and use this application: Whois v1.21.
For Linux, install whois using terminal command (call terminal using CTRL + ALT + T):
sudo apt install whois
Then you just type, in the terminal:
If the domain is taken, you will see something similar to the listing in the picture 2. If it is available, it will look like this:
4. Registering a domain
After you’ve safely and successfully found an available domain name (as explained in 3rd chapter), now is the time to register it. For example I’ll be using Namecheap registrar (affiliate link), but the principle is the same for all.
Log in if you already have an account. If not, when you go to paying, you will be asked to fill in your data and create an account. Make sure you use your real data and a strong password. As far as domain registration is concerned, each domain registrar user interface has domain search bar, usually in the middle-top part of the screen:
Now you can confirm the order. Note that WHOIS privacy protection is turned on (whenever possible) by default (some domain registrars charge extra for this).
After a short time, domain will be shown in your list of available domains. In the mean time, before managing the domain, let’s protect our domain registrar account by enabling 2 factor authentication:
5. 2FA domain registrar account protection
Since the protection of the registered domain is very important, it would be good to protect our domain registrar account with 2FA. To do this, go to the control panel (“Dashboard” with Namecheap) and find 2FA under security options:
On my account this is already activated – it says “ON (TOTP)”. But if it’s not on your account, click on “manage” (4). You’ll get a screen that looks like this:
If 2FA is not active with the account, option “enable” will be available. This takes you through a simple process that will require your smartphone with Authy (or Google Authenticator) application installed.
I won’t be demonstrating this process, though Namecheap has it brilliantly explained in their knowledge base.
6. Managing domain and nameservers
Finally, the fun part. 🙂 In control panel options, choose management for the desired domain:
In the following screen set up everything needed for the domain:
If you aren’t using Cloudflare (or any other DNS provider – Hurricane Electric is good and free), your hosting provider should give you nameservers (at least two) that you should use.
If you wish to set your custom nameservers, for reseller hosting for example, so clients could use ns1.bikegremlin.com and ns2.bikegremlin.com, that is called “Glue DNS records”. I will not be explaining this in a text that is already quite long, but if you like, look at the excellent Namecheap’s tutorial for setting up personal nameservers for a domain. Some domain registrars charge extra for this, Namecheap and Porkbun don’t (affiliate links).
I hope this was useful and helpful. For any questions, corrections, or additions, use the comment section below.