Is there a way to always require or force the 'www' subdomain on a site?
https://stackoverflow.com/questions/509205
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I want to prevent users from going to say example.com and only go to www.example.com, we are using IIS 6. So say they go to example.com it could tack on the www.example.com, etc.
Is this a setting somewhere or will I have to code it to check for the subdomain when they land and redirect accordingly?
EDIT: I know the best way is to move away from the www prefix but for whatever reason if the user launches a course (this is an LMS) without the www in the URL the tracking does not work for the .asmx file, that is why I am trying to force the 'www' because if some people don't have it then they wonder why the tracking does not work.
Solution
As both records already point to the correct server...
...you could simply set up a new website in IIS (server version needed) and have it respond only to example.com (the host header setting) and have it redirect to the wanted url (check redirect to url in Home Directory tab and enter www.example.com). The original site should then handle it (you could set it's host header to answer to www.example.com to be more specific).
If you can't do that on the web server, your publishing firewall should be able to, or you might consider replacing it. Your DNS provider might also provide (pun not intended) a redirect service (doing basically the same thing as above for you I guess).
OTHER TIPS
If you're using ASP.NET create an HttpModule, handle the BeginRequest event and add this code inside your handler:
HttpApplication application = (HttpApplication)source;
HttpContext context = application.Context;
if (context.Request.Url.Host == "example.com")
{
context.Response.Clear();
context.Response.Status = "301 Moved Permanently";
context.Response.AddHeader("Location", "http://www.example.com" + context.Request.RawUrl);
}
Note that I didn't use Response.Redirect(), this is done for the sake of SEO, as Response.Redirect() always returns status 302 which means the object was moved temporarily while status 301 means the object was moved permanently, this will keep the PageRank of your pages from being divided between the www and the non-www versions (if search engine crawlers can access the page using both the www and the non-www URLs, they will divide your PageRank between the two, hence is the use of 301 which search engine crawlers understand and will keep your PageRank to only the www version of your site).
As per other responses, arrange for a 301 redirect from the unadorned domain name to the site with the www. prefix.
Given that I actually work in the DNS industry, I'd like to share my views on the www. debate:
For now, at least, IMHO, the preferred version of URLs should be with the www. prefix. The hostname part of a URL is exactly that, it is a hostname. The only DNS resource records that your browser will search for are A (and possibly AAAA for IPv6) records, and the resulting IP address is that which it'll connect to.
It is not a web site address - only the full URL (with the http:// prefix) specifies that this host is expecting to receive HTTP connections on port 80.
The whole reason for the www. prefix in the first place was to allow for the separation of different protocols to different hosts. As Verisign showed when they (briefly) introduced their "SiteFinder" service several years ago, assuming that every request for an A record is for the use of the HTTP protocol is a massive mistake.
Having the canonical version of your URL be the one with the www. prefix also makes cookie handling easier, and allows for easier splitting of static content to content delivery networks (as recommended by Yahoo!, Google, etc).
Now, there is a DNS record type (SRV, see RFC 2782) which uses a service and transport prefix to allow a single domain name to dispatch different protocols to different hosts (and hence IP addresses).
The ideal DNS set up would be a record that looks like:
_http._tcp.example.com IN SRV 10 0 80 www.example.com.
This says that all requests for HTTP URIs over TCP/IP should be addressed to TCP port 80 on the hostname www.example.com. Note that with this syntax you could also have HTTP services automatically server from ports other than port 80 without the port number being part of the URL.
The SRV record is a required part of SIP, and is commonly used for Jabber (XMPP). However AFAIK no browser uses it. :(
Contact your host (or your domain registrar) and have them set it up to work with or without www. It should however work both ways or only one way if you so wanted. I'm assuming you have a host and are not running your own web server/domain name registration, lol.
This is how it works, regardless of whether or not you should.
This is handled by DNS. Usually, example.com and www.example.com will point to the same server, but they don't have to. If www.example.com isn't explicitly registered, then the request gets sent to the example.com server, and that server gets to decide what www.example.com means, as well as mail.example.com, ftp.example.com, home.example.com, users.example.com, and so on.
Edit: I realize this story is sort of incomplete, as these days Apache gets handed the URL that you used to get in with, and it may interpret a subdomain from that, and direct the request to a virtual site. But this shouldn't be a factor at the "www" level.
The typical way this is done by web sites is to do an HTTP redirect from example.com to www.example.com. You do this by returning either HTTP Status code 301 (permanent redirect) or 302 (temporary redirect) when user goes to example.com, and setting the HTTP location: field in the response to http://www.example.com. Google for "301 versus 302" to see when you should use either.
Note that this is an HTTP feature, not something provided by DNS... some domain name providers however do provide HTTP redirect facility for you if you use their name servers.
Note you can test this out for yourself. Go to http://web-sniffer.net and type yahoo.com (or microsoft.com or any major web site). You'll see that they respond to a redirect with the www version of the name (in less common cases some web sites go the other way, redirect www to the non-www version of the name).
When I had the misfortune to work on Microsoft's web stack, I used ISAPI_Rewrite to force www. prefixing (among other things).
At my web site I just put the following into the .htaccess file:
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_HOST} ^tafkas\.net$ [NC]
RewriteRule ^(.*)$ http://www.tafkas.net/$1 [L,R=301]
For Apache based server you can use this code
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.yourdomain\.com$ [NC]
RewriteRule (.*) http://www.yourdomain.com/$1 [R=301,L]
Explanation: The first line just turns the rewrite engine on. The second line of code is to check the url entered by the user. The bash sign (!) means not equal to. The carrot sign (^) means the beginning of the statement to be checked. Backslash dot (.) refers to the special character of dot, which when used without backslash means 'anything'. The dollar sign at the end of the statement refers to the end of the url. The third statement states that if the input given by the users is not the one as given in statement two, then proceed as follows. (.*) means that anything and any number of times. This is used so as the save anything written by the user after yourdomain.com/ gets stored in the variable $1. R=301 refers to the permanent redirection, and L states that this is the last in the series of status codes.
As stated adding the WWW is the opposite direction to be going. WWW is a redundancy these days.
You can check out http://no-www.org/ for further information.
This is actually backwards. It was how they did it in 1998, but now you're supposed to if anything drop the www.
Also, example.com is specifically reserved for posting example urls. Someone probably actually owns and uses the one you provided. How do you know you're not pointing someone to a porn or malware site with that random example?
