DNS and HTTP(S) redirects - How do they work together? - Cybersecurity, intellectual property and domain names news

In the world of websites and domain names, it is common to want to redirect the use of a domain name to another – e.g. in the address bar of a browser – to access a website. For example:

Redirect a-great-website.com to www.a-great-website.com
Redirect www.to-be-redirected.com to www.a-great-website.com

However, it is not always easy to understand how all of this works, nor how to configure these redirects. Do I have to configure redirection at DNS level? At my web server level? Both? One or the other?

The purpose of this article is to detail the distinction between DNS «redirect» and HTTP redirect, and to present how these two protocols work together.

In the rest of the article, we will not distinguish between HTTP and HTTPS (HTTP protocol secured by a certificate). Everything that is said here is valid for both.

Understanding the difference between DNS and HTTP

DNS and HTTP are two internet protocols that are both essential to the proper functioning of the web, but do not have the same purpose.

Let’s take the example of a user who wants to access blog.nameshield.com. He enters blog.nameshield.com in the address bar of his favorite browser.

Before the browser can send a request to obtain the content of the website’s home page, it must know to which IP address it must send the request. This is where DNS comes in. The browser sends a DNS query (using DNS protocol) to a resolver: «Give me the IP address associated with blog.nameshield.com». It gets back an IP address (81.92.84.102) configured on an authoritative DNS server. We’re talking about the resolution of the blog.nameshield.com domain name.
The browser can then send the HTTP request (using HTTP protocol) to the HTTP server (or web server) whose IP address it has just obtained: «Give me the content of the web page blog.nameshield.com». In return, it receives the content of the page to display.

The DNS protocol offers types of records that allow to «redirect» one domain to another: especially the CNAME type. Although DNS “redirect” is easily referred to, the term “alias” is more appropriate. Strictly speaking, this does not redirect, but indicates that the domain we are resolving is an alias of another domain. You must then resolve this other domain to obtain the IP address you are looking for.

Let’s say we want to create a redirect from www.to-be-redirected.com to www.a-great-website.com. If we configure the DNS zone of to-be-redirected.com with a CNAME record of this type: www.to-be-redirected.com CNAME www.a-great-website.com, that basically means : “You want to know the IP address associated with www.to-be-redirected.com? Well, look for the one associated with www.a-great-website.com and you’ll get your answer.” Another DNS query will be sent to resolve www.a-great-website.com and obtain the IP address. The browser will have the IP address of the HTTP server we are interested in (the one hosting the website www.a-great-website.com), but this will not change the content of the HTTP request sent by the browser: “Give me the content of the web page www.to-be-redirected.com”.

You may notice that the HTTP request sent by the browser contains the name of the website (or host – here www.to-be-redirected.com) that you want to access. Indeed, a single server (and therefore a single IP address) can host dozens of different websites. It will only respond positively to HTTP requests containing a host for which it is configured. Knowing the IP address of the web server is not enough, one must also address an HTTP request to which it is able to respond. Sending a request http://www.to-be-redirected.com to some server configured only to respond to http://www.a-great-website.com will not work!

The HTTP protocol also offers a redirection system (here it is the appropriate term). An HTTP server can be configured to redirect one host to another. For example, if it receive HTTP requests “Give me the content of the web page www.to-be-redirected.com.”, it will answer “This resource is redirected to http://www.a-great-website.com.” Then the browser will repeat the following steps:

DNS lookup of www.a-great-website.com
Send a request http://www.a-great-website.com to the IP address obtained
Display the web page obtained

How to make DNS and HTTP redirects work well together?

Let’s recap:

DNS is used to resolve a domain name to obtain an IP address.
HTTP requests are sent to an IP address, and contain the host of the website you want to access.
HTTP servers can return different contents depending on the host present in the request: a web page they host, a redirect for which they have been configured, or an error if the host is unknown to them.

So, to make a redirect work correctly (still using the same example), you must have:

A DNS record in the to-be-redirected.com zone to associate the www host with the IP address of a web server…
…web server on which a redirect from http://www.to-be-redirected.com to http://www.a-great-website.com must be configured.

How Nameshield can help you

Nameshield offers an HTTP (and HTTPS) redirect service that simplifies the configuration of these redirections, which you can use from the moment Nameshield is the DNS provider of your domain to be redirected. Simply go to the technical configuration interface of your domain name, then in the tab «HTTP redirections». You can then create a new redirect on the host of your choice, specifying various parameters (such as the repercussion of directories and query parameters). Our system will then automatically:

Update the DNS zone to add records (A/AAAA or CNAME depending on the host) to point to the IP address of the Nameshield HTTP redirect server. In the zone configuration interface, a dedicated icon makes it easy to distinguish these automatically added records.
Configure a new redirect on our HTTP server (with an anycast architecture if you have a premium offer) according to the requested parameters.

Your redirect is then operational, you have nothing more to do. No changes are necessary with your web hosting provider.

If you want to change the destination of an existing HTTP redirect, you just have to modify the existing redirection from the same interface (no need to delete it and then to create a new one). No changes are expected on the DNS, since the host already points to our HTTP redirect server. Our system will modify the HTTP server configuration, and your new redirect will be effective in a few minutes.

If you have any questions about this article, please contact your customer support team.

Author: Éloi MIRET

Developer - Nameshield View all posts by Éloi MIRET

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_25904574_14	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.

Cookie	Duration	Description
ppwp_wp_session	30 minutes	No description
visit	30 minutes	No description

Understanding the difference between DNS and HTTP

How to make DNS and HTTP redirects work well together?

How Nameshield can help you

Author: Éloi MIRET

Nameshield uses cookies