Domain Alias

What is a Domain Alias?

A domain alias is a secondary domain name that points to the same website, application, or content as a primary domain. When configured correctly, multiple domain names can serve identical content, providing users with different ways to reach the same destination.

Domain Alias vs. Domain Forwarding

User types: shop.example.com
Browser shows: shop.example.com
Content from: example.com (same server, same content)

User types: shop.example.com
Browser redirects to: example.com
Browser shows: example.com

Configuring Domain Aliases

DNS Configuration

Both domains point to the same server:

# Primary domain
example.com.        IN    A    203.0.113.50

# Alias domain
example.net.        IN    A    203.0.113.50
shop-example.com.   IN    A    203.0.113.50

Or using CNAME for alias:

shop.example.com.   IN    CNAME    example.com.

Web Server Configuration

#### Apache

<VirtualHost *:80>
    ServerName example.com
    ServerAlias example.net shop.example.com www.example.net

    DocumentRoot /var/www/example

    <Directory /var/www/example>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

#### Nginx

server {
    listen 80;
    server_name example.com example.net shop.example.com;

    root /var/www/example;
    index index.html index.php;

    location / {
        try_files $uri $uri/ =404;
    }
}

#### Cloudflare (CNAME Setup)

1. Add alias domain to Cloudflare
2. Create CNAME record:
   shop.example.com → example.com
3. Enable "Flatten all CNAMEs" in DNS settings
4. Enable "Always Use HTTPS"

cPanel/WHM

Domains → Addon Domains → Create New Domain

Domains → Aliases → Create a New Alias
Enter domain: shop.example.com
Alias for: example.com

Common Use Cases

Brand Variations

Register common variations to prevent cybersquatting:

example.com    (primary)
example.net    (alias)
example.org    (alias)
example.io     (alias)

Typo Protection

Capture common misspellings:

example.com     (primary)
exampel.com     (alias - typo)
exmple.com      (alias - typo)

Regional Domains

Serve same content on country-specific TLDs:

example.com      (primary, global)
example.co.uk    (alias, UK)
example.de       (alias, Germany)
example.fr       (alias, France)

Marketing Campaigns

Short, memorable campaign domains:

example.com              (primary site)
summerosale2024.com      (alias for campaign landing page)

Subdomain Aliases

shop.example.com         (alias)
store.example.com        (alias)
→ Both serve same e-commerce site

Product or Service Branding

companyname.com          (primary)
productname.com          (alias)

SEO Considerations for Domain Aliases

Duplicate Content Problem

Search engines may see domain aliases as duplicate content:

example.com/about
example.net/about
→ Same content, different URLs = duplicate

Canonical Tags

Tell search engines which domain is primary:

<!-- On all pages, regardless of domain -->
<link rel="canonical" href="https://example.com/page-path" />

This tells search engines "treat all versions as this URL."

Preferred Solution: 301 Redirects

Instead of aliases, redirect to primary domain:

RewriteEngine On
RewriteCond %{HTTP_HOST} !^example\.com$ [NC]
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]

server {
    listen 80;
    server_name example.net shop.example.com;
    return 301 https://example.com$request_uri;
}

This consolidates all SEO authority to the primary domain.

When Aliases Are Acceptable

• Internal/development domains (not indexed)
• Domains with noindex tags
• Domains used for email only (no web content)
• Temporary campaign domains with canonical tags

Email Configuration for Domain Aliases

Shared Email (Same Mailboxes)

Configure MX records for all domains:

example.com.     IN    MX    10    mail.example.com.
example.net.     IN    MX    10    mail.example.com.

john@example.com and john@example.net → same mailbox

Separate Email (Different Mailboxes)

Each domain has independent email:

example.com.     IN    MX    10    mail.example.com.
example.net.     IN    MX    10    mail.example.net.

john@example.com ≠ john@example.net (different mailboxes)

Email Catch-All Across Aliases

Accept email to any address on any alias domain:

# Postfix virtual
@example.com    catchall@example.com
@example.net    catchall@example.com
@shop.example.com    catchall@example.com

SSL/TLS Certificates for Aliases

Multi-Domain (SAN) Certificate

One certificate covering all aliases:

Certificate SANs:
  example.com
  www.example.com
  example.net
  www.example.net
  shop.example.com

certbot certonly --nginx \
  -d example.com -d www.example.com \
  -d example.net -d www.example.net \
  -d shop.example.com

Wildcard Certificate

Covers all subdomains of primary domain:

*.example.com
→ Covers shop.example.com, blog.example.com, etc.
→ Does NOT cover example.net or other TLDs

Separate Certificates

Individual certificate per domain:

example.com → cert1
example.net → cert2

Best Practices

Always Use HTTPS for All Aliases

Every domain should have valid SSL:

✓ https://example.com
✓ https://example.net
✓ https://shop.example.com

Implement Canonical Tags

Even if serving same content, use canonical tags:

<link rel="canonical" href="https://example.com/current-page" />

Consider 301 Redirects Over Aliases

For SEO, redirect aliases to primary:

example.net → 301 redirect → example.com
shop.example.com → 301 redirect → example.com/shop

Monitor All Domains

Include all aliases in uptime monitoring:

- Monitor DNS resolution for all aliases
Check SSL certificate validity
Verify web server responds correctly

Consistent Branding

If using aliases, ensure consistent branding:

Same logo, colors, navigation across all domains
Or clearly indicate relationship

Document Alias Strategy

Maintain documentation:

# domains.md
Domain
Type
Purpose
Points To
example.com
Primary
Main site
Server A
example.net
Alias
Brand protection
Server A
shop.example.com
Alias
E-commerce
Server A

Testing Domain Aliases

Verify DNS Resolution

# Check all aliases resolve to same IP
dig example.com A +short
dig example.net A +short
dig shop.example.com A +short

# Should all return same IP or equivalent CNAME chain

Test Web Server Configuration

# Verify server responds to all domains
curl -I https://example.com
curl -I https://example.net
curl -I https://shop.example.com

# Should all return 200 OK (or 301 if redirecting)

Check SSL Certificates

# Verify SSL covers all domains
echo | openssl s_client -servername example.net -connect example.com:443 2>/dev/null | openssl x509 -noout -text | grep DNS

# Should list all alias domains in SANs

SEO Validation

# Check canonical tags
curl -s https://example.net/page | grep "canonical"

# Should point to primary domain
<link rel="canonical" href="https://example.com/page" />

Security Considerations

Domain Hijacking Risk

More domains = more attack surface:

• Monitor all domains for unauthorized changes
• Use registry lock on important aliases
• Enable 2FA at registrars

Phishing Protection

Register defensive aliases to prevent phishing:

example.com (primary)
examp1e.com (homoglyph protection)
example-secure.com (defensive)

Consistent Security Policies

Apply same security to all aliases:

• Same HSTS headers
• Same CSP policies
• Same authentication requirements

Domain aliases are useful for brand protection and user convenience but require careful configuration to avoid SEO penalties and security risks.