Posted on

Should you use the www. prefix in your domain name or not?

Here are a few reasons why I think you should.

1. Using a Content Delivery Network (CDN)

As your website grows larger in scale (or for reliability / DDOS mitigation), you may need to use a CDN. CDNs work by caching your website content on a variety of servers around the world, to reduce the load on your web server(s) and improve performance by removing latency for visitors far away from your servers’ location.

To do this, CDNs need to be able to use a variety of servers and therefore a variety of IPs to host your site. The CDN will dynamically provision resources when and where they are needed and therefore need to be able to point your domain at these services, which means they need to control DNS for your domain.

If you use the naked (no-www) domain, the only way to accomplish this is to give the CDN complete control over your DNS, as the root domain cannot have CNAME records. This may not cause a major problem in all cases, but can be problematic for shared hosting or organization that want to control thier own DNS.

When using www, you can simply the a CNAME record for www, and retain control of your DNS. You’ll still need to have your server handle the redirect from non-www to www but the resources required for this are very low.

2. Cookies

Cookies set on the root domain will be accessible on all subdomains, which can lead to several instances of undesired bahavior. Meanwhile, www cookies can only be accessed by your primary website and can’t interfere with other subdomains. You may want to host services on subdomains for a variety of reasons:

Static Content Servers

You may want to host static content such as images, downloads, css and other media on other domains or servers. When cookies are set on the root domain, your cookies will be sent to your static server(s), which is completely unnecessary and a waste of bandwidth.

Sites on other subdomains

Some sites may use subdomains to host services that they’d like to separate from the main site.

For example, you may have a store using a third-party system, a wordpress blog, customer portal, form that collects Personally Identifying Information (PII) or other services that have different users and security requriements.

These sites may use the same cookies for different purposes or have cookies that should not be shared across sites (ex, session cookies).

Note that cookies should never in any circumstance, contain Personally Identifying Information, and should be limited to HttpOnly, Secure whenever possible, especially for session cookies.

Customer Hosted Content

Some sites may want to give out subdomains to customers to host thier own content. You would most likely want to restrict all but a small subset of cookies to not be accessible through these sites, which is only possible when using www.

Note that there may be other security implications of this, I would recommend thoroughly researching this prior to building this kind of feature. As an example, subdomains can still set root-level cookies unless your domain is on the public suffix list.

3. Easy Search and Replace

When switching between domains for your environments, you can use string-based find-and-replace to easily correct and links to the wrong environment. Ideally, you’ll just make all of your links root-relative (starting with the /), avoiding this problem entirely but in some cases that can’t be done (links in email templates, for example), and Yoast seems to disagree with this practice, although this seems to be mainly in regards to paths not relative to root.

Why can’t you do this for non-www URLs? You’ll also erroneously capture email addresses. This is admittedly a small concern, as you could work around this with regex-based search, but why makes something more complicated for not benefit?

Bad reasons to avoid www

It’s Shorter

Yes, but assuming you’ve set up a redirect from non-www to www, people can still type the shorter version, and you can use it in print materials.

It takes longer to communicate the www

Don’t do that, then! You set up a redirect to www, right?

It shouldn’t be necessary

Maybe, but I’m not writing this to explain how it should be, only what works best given the current status quo.

Best Practices

Whether using www or not, you should definitely be redirecting all of your primary site’s traffic to a consistent secure domain. This is better for SEO, as there is a small ranking bonus for HTTPS due to it’s benefits for you and your customers, and being able to aggregate all of the data and rank juice on a single domain.

In addition, use canonical tags to indicate which domain variation is preferred to be listed in search for each content page.

Conclusion

Truth be told, for most sites, it will make minimal difference whether you use www or not. These changes only matter once your site starts to grow, but people make website because they want to reach larger audiences. Why put off a problem when it takes the same amount of effort to do the better long-term thing right away for no additional cost or resources?

« Back to home