What Is a Wildcard Record?
A wildcard DNS record matches all subdomains that do not have an explicit record. It uses an asterisk (*) as the subdomain name.
```
*.example.com. 300 IN A 198.48.63.241
```
This means anything.example.com resolves to your server, unless a specific record exists for that subdomain.
Use Cases
- Multi-tenant SaaS applications (tenant1.example.com, tenant2.example.com)
- User-generated subdomains (username.example.com)
- Development environments (feature-123.dev.example.com)
- Catch-all for mistyped subdomains
Setting Up
At your DNS provider, create an A record with the name *:
| Name | Type | Value |
|---|---|---|
| * | A | 198.48.63.241 |
Nginx Catch-All Server Block
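```nginx
server {
    listen 80;
    server_name *.example.com;

    # Extract the subdomain from the Host header. The capture is limited to a
    # single label (letters, digits, hyphens) because it is used in a
    # filesystem path below.
    set $subdomain "";
    if ($host ~* "^([a-z0-9-]+)\.example\.com$") {
        set $subdomain $1;
    }

    # Refuse hosts that did not yield a valid single-label subdomain.
    if ($subdomain = "") {
        return 404;
    }

    root /var/www/sites/$subdomain/public;
    # Or proxy to an application that handles routing
}
```
Wildcard SSL with Let's Encrypt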
```bash
# Requires DNS challenge (not HTTP)
sudo certbot certonly --manual --preferred-challenges dns -d "*.example.com" -d "example.com"
```
You will be prompted to create a DNS TXT record at _acme-challenge.example.com.
Important Notes
- Wildcard records only match one level: `*.example.com` matches `foo.example.com` but NOT `foo.bar.example.com`
- Explicit records take priority over wildcards
- MX records should NOT use wildcards
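For the "proxy to an application that handles routing" option in the Nginx catch-all block, the application has to turn an untrusted Host header into a tenant name before it touches the filesystem. The following is an added example, not code from the original page: `tenant_from_host` and `site_root` are hypothetical names, while the domain and directory layout are the ones used above.

```python
import re
from pathlib import Path
from typing import Optional

BASE_DOMAIN = "example.com"          # zone used on this page
SITES_ROOT = Path("/var/www/sites")  # directory layout from the Nginx block

# One DNS label: letters, digits, hyphens; 1-63 chars; no leading/trailing hyphen.
LABEL_RE = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")
PORT_RE = re.compile(r":\d{1,5}$")


def tenant_from_host(host_header: str) -> Optional[str]:
    """Return the single-label subdomain of BASE_DOMAIN, or None if invalid."""
    host = host_header.strip().lower()
    host = PORT_RE.sub("", host)          # drop an optional numeric :port
    if host.endswith("."):                # drop one trailing root dot
        host = host[:-1]
    suffix = "." + BASE_DOMAIN
    if not host.endswith(suffix):         # also rejects the bare apex
        return None
    label = host[: -len(suffix)]
    # fullmatch rejects dots, slashes and anything else outside one label,
    # so "foo.bar" and "../../etc" never reach the path join below.
    return label if LABEL_RE.fullmatch(label) else None


def site_root(host_header: str) -> Optional[Path]:
    """Map a Host header to SITES_ROOT/<tenant>/public, or None to refuse."""
    tenant = tenant_from_host(host_header)
    return None if tenant is None else SITES_ROOT / tenant / "public"


if __name__ == "__main__":
    # Constructed Host header values, not taken from real traffic.
    samples = [
        "tenant1.example.com",
        "Tenant1.Example.COM:8080",
        "foo.bar.example.com",
        "../../etc.example.com",
        "example.com",
        "-bad.example.com",
        "a.example.com.evil.test",
    ]
    for h in samples:
        print(f"{h!r:32} -> {site_root(h)}")
```

A `None` result should be answered with an error response rather than falling back to a default tenant.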