Brightball

Should my domain name include a "www"?

DevOps | DNS | - May 6, 2010 // Barry

In the age of Twitter and Web 2.0, we've started to see a lot of websites drop the standard www from their domain names.  This could simply be a product of people following trends or just trying to be a little different, but the real question is "What are the drawbacks?"

The only real perk that comes from dropping the www from your domain name and going with mysite.com rather than www.mysite.com is that it provides you with a slightly shorter web address, which comes in handy with character limited services like Twitter.  Plus, it might look cool in the address bar.

There are a couple of downsides to dropping the old 3-dub though.

Cookies

When an application sets a cookie, it usually sets it for a particular subdomain or even a particular path at that subdomain.  For example, blog.mysite.com and www.mysite.com would not have overlapping cookies unless the application required it and a developer forced them to be domain wide.  When the www is dropped from the domain name, this choice is taken away.

What that means is that any cookie that is set in the user's browser will be sent on every request to any subdomain of that site.  That can degrade performance and possibly create a security issue depending on what resides at the subdomain.  The security issue can be overcome by encrypting the cookies themselves, but performance is the bigger key.  

A request is not simply the single request to the URL in your browser's address bar.  That address returns an HTML page that will included references to images, style sheets (that reference more images), Javascript files, and more.  It's not uncommon to see upwards of 30 total requests to load a single page and browser cookies are sent with every single one of those requests.  Yahoo's "Best Practices for Speeding Up Your Web Site" recommends using cookie free domains to serve static files and avoid the performance hit.  One of the simplest ways to do that is by setting up a subdomain like static.mysite.com for the task, however, if your primary domain doesn't have the www on the front all of those cookies would be sent anyway.  This can be easily worked around by using a completely different domain name like mysite.net to serve the static files, but by simply keeping the www you can avoid the uneccessary expense of another domain name.

Secure Certificates

Another problem imposed by dropping the www from your domain name pops up when using secure certs to encrypt page traffic.  There are multiple providers that sell secure certificates for anywhere from $30 to upwards of $3,000 per year.  These certificates can be purchased for specific subdomains or by using a wildcard for unlimited subdomains.   

Domains like static.mysite.com, blog.mysite.com, www.mysite.com, and secure.mysite.com can all be secured for one price through the wildcard certificate. The problem with dropping the www from your domain name is that there is no subdomain at all, rendering a wildcard certificate unusable on the primary domain. A separate single certificate must be purchased and installed for the main mysite.com domain unless it was specifically included by your vendor.  Again, not a complicated problem, simply an uneccessary expense.

Summary

Overall, there's not a great deal of benefit to dropping the www from your domain name while you can save yourself some added expenses and headaches down the line by sticking to the age old standard.  If you must though, the complications can be worked around fairly easily.