Start » WordPress » Workshop » Making a WordPress site [02] Domain registration and nameservers

Making a WordPress site [02] Domain registration and nameservers

Updated: 26/09/2020.

After we made sure to have a secure and reliable email account, our website will need a domain. What is a domain and what are nameservers? How to set up the domain and nameservers? I’ll explain that in this post. A separate post explains how to transfer a domain from one domain registrar to another.

Contents:

  1. What is a domain, ie. domain name?
    1.1. Subdomains and naked domain
    1.2. Subdomain limitations
  2. What is a nameserver?
  3. Safe search of available domain names
  4. Registering a domain
  5. 2FA domain registrar account protection
  6. Managing domain and nameservers


1. What is a domain, ie. domain name?

There are several different ways to define and explain this term. Explanations I find on the Internet usually skip the essence and jump straight to some IP addresses etc. Here’s my explanation, for which I think it’s best, of course, since this is how I’d explain the term to a Martian, who has just learned what Internet network is:

Domain is an unique identifier (unique name) of someone’s ownership on the Internet.

We’ll get back to the green definition soon, when it will be more clear. But now let’s explain the domain structure (ie. what it consists of). Take bikegremlin.com for example:

Domain name structure
Domain name structure
Picture 1

One domain name consists of a TLD (Top Level Domain) and SLD (Second Level Domain).

  • TLDs are pre-defined, most popular being: “.com”, “.net”, “.org”, “.io”, along with some more “exotic” newer ones like: “.club”, or even “.pizza”.
  • SLDs are chosen by people when they register a domain name.

So, when I was looking for a domain name, I checked whether bikegremlin.com was available and since it was, registered it. No one else can now register bikegremlin.com. They could register “bikegremlin2.com”, or “bikegremlin.pizza“. However, domain name “bikegremlin.com” is unique and registered to me.

Domain registrations are handled by a non-profit organization ICANN (Internet Corporation for Assigned Names and Numbers). ICANN keeps a record of all the registered domain names. Delegating the process of domain registration and renewal do domain registrars, such as Namecheap, Porkbun etc. (affiliate links), as well as local registrars for country specific TLDs (“.rs”, “.me” etc.) – my reviews of Namecheap and Porkbun domain registrars. To paraphrase the green definition above:

Domain name is a unique combination of SLD+TLD.


1.1. Subdomains and naked domain

Technically speaking, if we take “bikegremlin.com” domain name for example, then “bikegremlin” is a subdomain of “.com” TLD. Of course, TLDs are the ownership of ICANN, so no other person, or company can register and own “.com”, or any other TLD. The most one can register is a combination of SLD+TLD, such as “google.com”, “bikeforums.net”, “cat-pictures.us” etc.

So, when the term “subdomain” is used, it refers to a subdomain of a SLT+TLD unique domain name (“subdomain.bikegremlin.com”).

Such as this website: “io.bikegremlin.com”. Or my cycling website: “bike.bikegremlin.com“.

Once you have registered your domain name (SLD+TLD), you can add subdomains at your own free will, without the need to register them with ICANN. Anything you place “below” your “mydomain.com” is yours to manage, without ICANN interfering, to put it that way.

Even “www” subdomain is the same as any other subdomain, it is just that historically, when the Internet was being developed, the “www” subdomain was used to show more clearly that the site uses Word Wide Web (http protocol), not some other protocol, like FTP for example.

It is, however, a common practice to set your domain so that both www.yourdomain.com and yourdomain.com point to the same address/website.

Domain variant without any subdomain (“bikegremlin.com”) is also called a “naked domain“.

There is a debate on the Internet whether your “main site” should use a “www” subdomain, or a “naked domain”. Based on my knowledge and experience, I’d say that “www” variant is better (“www.mydomain.com”). Why?

  • Subdomain can be defined as a CNAME DNS record (more on this in a post that offers DNS explanation). Which adds some flexibility (floating IP addresses, in case of server downtime for example).
  • If your website uses cookies, the cookies set for the main (naked) domain will be sent to all the subdomains as well. Which can be a problem if you want different setup for some subdomains (if you decide to use subdomains, as I have).
  • www.bikegremlin.com still unequivocally signals that it is a web address (website).

Opinions on this are fiercely divided and you’ll find a 1000 experts better than I am who will claim differently with good arguments. Having weighed all the arguments and previous experience, I still think “www” is the way to go – until proven otherwise with better arguments, when I will happily correct the above written passages and admit to having been wrong. The info given here, as with all my other articles is “to the best of my (current) knowledge” – nothing more, nothing less.


1.2. Subdomain limitations

In case you wandered, yes, the following combination is possible:
subdomain1.subdomain2.bikegremlin.com”
Or: “www.bike.bikegremlin.com”

  • bikegremlin.com – main domain.
  • io.bikegremlin.com, bike.bikegremlin.com etc. = *.bikegremlin.com – fist level subdomains.
  • www.io.bikegremlin.com = *.*.bikegremlin.com – second level subdomains.

This can go on (technically, you could pile up to 127 subdomain levels, like sd1.sd2…sd127.bikegremlin.com), but it doesn’t make much practical sense and it can cause a problem. How? When TLS/SSL certificates are issued, they can cover only one asterisk. So:

  • Certificate issued to bikegremlin.com will cover all the *.bikegremlin.com subdomains.
  • Certificate issued to io.bikegremlin.com will cover any *.io.bikegremlin.com combination.
  • But you can’t have one certificate cover *.*.bikegremlin.com – that’s too many variables for the certificate issuer to cover and confirm.

Also, if you are using Cloudflare, you won’t be able to get free protection for second, third and following level subdomains, only *.mydomain.com. Useful links that further explain this:


2. What is a nameserver?

Let’s start with the definition, which we will then explain, so it doesn’t sound “so scary” (it is simple):

Nameservers tell everyone on the Internet the location of the DNS provider of a given domain name (like “bikegremlin.com”).

What is a DNS (Domain Name Server) is a logical question? Shortly: it is the place where anyone from the Internet can go and see on which IP address they should go when looking for io.bikegremlin.com – and on which when they are looking for bike.bikegremlin.com – as well as all the other addresses related to a given domain name (domain) and all its subdomains (whichever subomain level they may be). DNS will be more nicely explained in a separate post. Until then, you can read the entire 1st chapter of the following link:
What is URL, DNS and redirection?

When you register a domain name with a domain registrar, the important information (so that you can set up websites and so that people can find those websites) are the nameservers. There are usually at least two nameservers (primary and backup, secondary nameserver). Here is the result given for querying the info for bikegremlin.com domain:

bikegremlin.com domain's primary and secondary nameserver
bikegremlin.com domain’s primary and secondary nameserver
Picture 2

My website uses Cloudflare’s DNS (see Cloudflare DNS setup), so on my domain registrar (Namecheap) I set up the Cloudflare’s nameservers assigned for my domain when I applied it for Cloudflare’s DNS service.

Congratulations if you’ve made it so far. Before going to the practical aspect of registering a domain and setting up nameservers, I’ll explain one more important thing: how to find an available domain name, without having it “snatched in front of your nose”.

But first I recommend you rest the mind and the eyes from this “wall of text”, take a break and watch a cool ancient video directed by Jim Jarmush, that has absolutely nothing to do with websites and Internet – strange music vol. 3. 🙂


3. Safe search of available domain names

YouTube autoplay can lead to the dark side. 🙂 Where were we? Safe search of domains. First let’s explain what “domain name front running” is.

Domain registrars are allowed by ICANN to “hold” a certain number of available domains for free, for a certain period. The idea is to help them get domains for the customers. However, this is often abused. How?

You come up with a cool domain name – say coolsite.com. Then you go to a domain registrar, or some other online tool for checking whether a domain name is available and search “coolsite.com” – and let’s say it’s available! If you don’t buy it (register it) right then, the following can happen:

Domain registrar could snatch it and when you search for “coolsite.com” on the following day, it will say that the domain is already registered, but you are in luck, it is for sale and you can “buy it for only 200 $” (instead of the regular 12 $). This is called “domain name front running“.

How to avoid this? By querying registrar databases directly, without using anyone’s web interface (so, direct search of ICANN registry database, not commercial domain registrars).

For windows, you can download and use this application: Whois v1.21.

For Linux, install whois using terminal command (call terminal using CTRL + ALT + T):

sudo apt install whois

Then you just type, in the terminal:

whois domainname.com

If the domain is taken, you will see something similar to the listing in the picture 2. If it is available, it will look like this:

Domain that is not registered (at the time of checking)
Domain that is not registered (at the time of checking)
Picture 3


4. Registering a domain

After you’ve safely and successfully found an available domain name (as explained in 3rd chapter), now is the time to register it. For example I’ll be using Namecheap registrar (affiliate link), but the principle is the same for all (my experience with Namecheap, and with Porkbun domain registrars). A separate post explains how to transfer a domain from one domain registrar to another.

Log in if you already have an account. If not, when you go to paying, you will be asked to fill in your data and create an account. Make sure you use your real data and a strong password. As far as domain registration is concerned, each domain registrar user interface has domain search bar, usually in the middle-top part of the screen:

Enter domain name (1), press enter, or click on search (2), then go to shopping/registration (3)
Enter domain name (1), press enter, or click on search (2), then go to shopping/registration (3)
Picture 4

Now you can confirm the order. Note that WHOIS privacy protection is turned on (whenever possible) by default (some domain registrars charge extra for this).

Enable WHOIS protection if it's off (1) and confirm the registration (2)
Enable WHOIS protection if it’s off (1) and confirm the registration (2)
Picture 5

After a short time, domain will be shown in your list of available domains. In the mean time, before managing the domain, let’s protect our domain registrar account by enabling 2 factor authentication:


5. 2FA domain registrar account protection

Since the protection of the registered domain is very important, it would be good to protect our domain registrar account with 2FA. To do this, go to the control panel (“Dashboard” with Namecheap) and find 2FA under security options:

Enabling 2FA is fairly simple and straight forward
Enabling 2FA is fairly simple and straight forward
Picture 6

On my account this is already activated – it says “ON (TOTP)”. But if it’s not on your account, click on “manage” (4). You’ll get a screen that looks like this:

I would recommend using Authy application
I would recommend using Authy application
Picture 7

If 2FA is not active with the account, option “enable” will be available. This takes you through a simple process that will require your smartphone with Authy (or Google Authenticator) application installed.

I won’t be demonstrating this process, though Namecheap has it brilliantly explained in their knowledge base.


6. Managing domain and nameservers

Finally, the fun part. 🙂 In control panel options, choose management for the desired domain:

Choose domain management option (3)
Choose domain management option (3)
Picture 8

In the following screen set up everything needed for the domain:

Custom nameserver setup, domain auto renewal and WHOIS protection enabling
Check your domain expiry (1) and add years if needed
Make sure auto-renew is enabled (2)
Make sure WHOIS protection is enabled (3)
Choose Custom DNS and enter nameservers for your DNS (4)
Click the checker mark to confirm the nameserver change (5)
Picture 8

If you aren’t using Cloudflare (or any other DNS provider – Hurricane Electric is good and free), your hosting provider should give you nameservers (at least two) that you should use.

If you wish to set your custom nameservers, for reseller hosting for example, so clients could use ns1.bikegremlin.com and ns2.bikegremlin.com, that is called “Glue DNS records”. I will not be explaining this in a text that is already quite long, but if you like, look at the excellent Namecheap’s tutorial for setting up personal nameservers for a domain. Some domain registrars charge extra for this, Namecheap and Porkbun don’t (affiliate links).

I hope this was useful and helpful. For any questions, corrections, or additions, use the comment section below.

Share...

5 thoughts on “Making a WordPress site [02] Domain registration and nameservers”

    • Another stupid question – just to be on the safe side:

      You ran whois using the command prompt?
      Trying to double click the .exe file is not going to work – that’s normal.

      I put such programs in the C:\Utils – making sure to add the utils to the path, so they can be run from any directory. Here is a tutorial on how to add a program to the path in Windows 10:
      https://www.architectryan.com/2018/03/17/add-to-the-path-on-windows-10/

      Then you can open the command prompt (Windows sign on the keyboard + R is the usual shortcut – then type “cmd” and press Enter).
      Running the whois using:
      whois64 domain-of-interest.com

      Hope this helps.

  1. Relja– no problem 🙂
    Yes, windows is up to date, and it’s the Home version.
    To be honest, I think I did try to double-click the exe file, hahaha. I must admit my knowledge regarding computers is limited. I’ve kept a copy of your last message for future use regarding getting WhoIs to work, should I decide to register more domains in the future. Appreciate you taking the time to help me.

    Reply
    • Got so much help on-line over the past decades, it feels great being in a position to spread it on and help the others. 🙂

      I should add that to the article – it probably isn’t something that goes without saying for everyone.
      It works now for you?

Leave a Reply to Ben_ Cancel reply

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.