Domain DNS Management Guide: How to Point Your Website, Email and Subdomains

Sharing is caring!

When you buy a domain, nothing works until DNS is configured correctly. Your website does not open, email bounces, and subdomains like blog.yourdomain.com or api.yourdomain.com simply do not exist from the internet’s point of view. Proper domain DNS management is what connects your domain to the right servers for web, email and every other service you run.

In consulting sessions, I often see teams investing weeks in design, content or application architecture, then leaving DNS as an afterthought. The result is unnecessary downtime, random email delivery issues and confusing setups that nobody wants to touch later. The good news: if you understand a few DNS record types and follow a simple checklist, you can keep everything tidy, predictable and easy to change.

In this guide, we will walk through how to point your domain to your website, how to route email using MX, SPF, DKIM and DMARC, and how to manage subdomains for apps, CDNs and services. I will focus on practical, real-world scenarios you can apply directly to your own projects, whether you use a hosting provider like DCHost or manage your own VPS or dedicated server.

What Domain DNS Management Actually Does

DNS (Domain Name System) is often described as the “phone book of the internet”. That analogy is mostly accurate: it translates human-friendly names like example.com into technical information that computers understand, mainly IP addresses such as 192.0.2.10 (IPv4) or 2001:db8::10 (IPv6).

But DNS is more than just IP lookups. With different record types, you tell the world:

• Where your website is hosted (A / AAAA / CNAME records)
• Which servers handle your email (MX records)
• How other mail servers should treat your emails for spam and security (SPF, DKIM, DMARC via TXT/CNAME)
• Where your subdomains like blog, API or panel should point

If you want a deeper primer on each record type before continuing, you can check the detailed explanation of DNS record types like A, AAAA, CNAME, MX and TXT. In this article, we will focus more on how to use them in practice.

Nameservers vs DNS Records

First, you need to distinguish two concepts that are often confused:

• Nameservers: These are the servers responsible for your domain’s DNS zone. At your domain registrar, you usually see settings like ns1.example-dns.com, ns2.example-dns.com. Changing nameservers changes where you manage your DNS.
• DNS records: These live inside the DNS zone on the nameservers. A, CNAME, MX, TXT and others are the individual entries that actually point your domain to specific services.

Typical workflow:

1. At your registrar, set the nameservers (to your registrar’s DNS, your hosting provider’s DNS like DCHost, or a third-party DNS service).
2. On the DNS management panel of those nameservers, create and edit the DNS records (A, CNAME, MX, etc.).

Before You Start: Decide Where Your DNS Will Live

Before touching any records, make a clear decision: Where will you manage DNS? This determines which control panel you log into when you need to change anything.

Option 1: Use Your Domain Registrar’s DNS

Many registrars provide a free DNS service. Advantages:

• Simple for small projects
• No extra billing relationship
• Easy if you frequently change hosting providers

Disadvantage: Features might be limited (fewer advanced records, less fine-grained control, weaker monitoring and tooling).

Option 2: Use Your Hosting Provider’s DNS (e.g. DCHost)

Hosting providers like DCHost typically offer DNS integrated with their hosting or VPS control panel. Advantages:

• Tight integration with your web hosting and email services
• Automatic record creation when you add domains or subdomains in the panel
• Usually optimized for performance and reliability

Disadvantage: If you move away from that hosting provider, you will need to migrate DNS as part of the move. In that case, a detailed plan like the one in the migration checklist for moving your site to a new hosting provider without downtime becomes essential.

Option 3: Use a Dedicated Third-Party DNS Provider

This is common in larger setups where teams want DNS independent from both registrar and hosting. It offers:

• Advanced features (geo-DNS, traffic steering, API integration)
• Central management of many domains and environments
• Easier architecture changes (hosting, mail, CDNs) without moving DNS itself

For most small and medium projects, registrar DNS or your hosting provider’s DNS (such as DCHost) is perfectly sufficient.

Pointing Your Domain to Your Website (A, AAAA and CNAME)

The most common task is pointing your domain to your website’s server. That is handled mainly by three record types:

• A record: Points a hostname to an IPv4 address (e.g. 192.0.2.10)
• AAAA record: Points a hostname to an IPv6 address (e.g. 2001:db8::10)
• CNAME record: Points a hostname to another hostname (alias), not to an IP

Scenario 1: Simple Shared Hosting

On a typical shared hosting account, your provider gives you:

• An IPv4 address, e.g. 198.51.100.25
• Sometimes an IPv6 address

Common setup:

• @ (root domain) – A – 198.51.100.25
• www – CNAME – @ (or directly to your root domain, e.g. example.com.)

“@” is usually a placeholder for your root domain (example.com). This configuration ensures both example.com and www.example.com open your site.

Scenario 2: VPS or Dedicated Server Hosting

If you run your own VPS or dedicated server, the logic is the same, but the IP address is usually unique to your server. For example:

• @ – A – 203.0.113.50 (VPS IP)
• www – CNAME – @

Once DNS is set, you still need to configure the web server (Nginx, Apache, etc.) on that VPS. For operational tips on running such servers, see the VPS Server Management Guide on SSH, updates and monitoring.

Scenario 3: Service That Requires CNAME

Some website platforms want you to point www.yourdomain.com to something like yourname.hostedapp.com using a CNAME. Typical pattern:

• www – CNAME – yourname.hostedapp.com.
• @ – A – IP of a small redirect server (or use URL forwarding at the registrar) that redirects example.com → www.example.com.

Important: By DNS standards, the root domain (@) must not have a CNAME if other records (like MX, TXT) also exist. Use an A or AAAA for the root, and CNAME for subdomains such as www.

TTL and Propagation for Website Records

TTL (Time To Live) is the time (in seconds) that resolvers cache your DNS answer. Common values:

• 86400 seconds (24 hours) – stable, fewer lookups
• 3600 seconds (1 hour) – flexible for changes
• 300 seconds (5 minutes) – useful before migrations

When planning to move your website to a new server or hosting provider, lower the TTL a day before change (for example, from 86400 to 300). Then follow a structured process like in the zero-downtime website migration guide.

Pointing Email: MX, SPF, DKIM and DMARC

Website working but email bouncing is a very common situation. That is because email uses its own record types, mainly MX plus several TXT/CNAME records for authentication.

MX Records: Where Your Email Actually Goes

MX (Mail Exchanger) records tell the world which servers handle email for your domain. Example:

• @ – MX – 10 mail1.yourmailserver.com.
• @ – MX – 20 mail2.yourmailserver.com. (backup)

The number (10, 20) is the priority. Lower numbers are tried first. When you move email from one service to another, you must:

1. Add the new MX records exactly as specified by the provider.
2. Remove old MX records to avoid mail randomly going to the wrong service.

SPF, DKIM and DMARC: Email Deliverability and Security

Modern email providers expect three key mechanisms to fight spam and spoofing:

• SPF (Sender Policy Framework) – TXT record listing which servers are allowed to send mail for your domain.
• DKIM (DomainKeys Identified Mail) – cryptographic signature in each email, validated via a DNS record.
• DMARC – policy telling receivers how strictly to apply SPF/DKIM checks, and where to send reports.

Typical records (simplified):

• @ – TXT – “v=spf1 include:mailservice.com -all”
• selector1._domainkey – CNAME or TXT – DKIM data from your provider
• _dmarc – TXT – “v=DMARC1; p=quarantine; rua=mailto:dmarc@yourdomain.com”

For a practical, in-depth walkthrough focused purely on email, see the step-by-step guide to setting up professional email with MX, SPF, DKIM and DMARC.

Hosting Website and Email in Different Places

You can host your website on one provider (for example, a VPS or shared hosting at DCHost) and your email with a dedicated email service. In that case:

• A / CNAME records – point to your web server
• MX, SPF, DKIM, DMARC – point to your email service

This separation is very common and works perfectly as long as your DNS zone is consistent and you carefully follow the email provider’s documentation.

Managing Subdomains: Apps, Blog, CDN and More

Subdomains allow you to split services logically: blog.example.com for your content site, api.example.com for your API, cdn.example.com for static files, etc. Each subdomain is just another hostname with its own DNS records.

Pointing Subdomains to Other Servers

Common patterns:

• blog – A – 198.51.100.60 (separate server for your blog)
• api – A – 203.0.113.80 (backend application server)
• panel – CNAME – panel.hostingprovider.com.

Each of these creates a distinct endpoint, so you can independently scale, secure and move them. If you are planning dedicated infrastructure for some of these services, it is worth reviewing how server architecture choices affect performance in the guide on choosing between VPS, cloud and dedicated servers.

Using Subdomains with a CDN

Many CDNs recommend using a subdomain like cdn.example.com. A typical setup is:

• cdn – CNAME – yourcdnid.cdnprovider.com.

Your website then loads images, CSS and JS from cdn.example.com, which the CDN serves from edge locations. For a practical overview of why this speeds up your site and how CDNs sit in front of your infrastructure, see the article explaining what a CDN is and how it works.

Subdomains and SEO / Performance

From an infrastructure perspective, subdomains can even be hosted in different regions or data centers. If your project targets international audiences, take a look at the guide on choosing data center location and server region for better SEO and website speed to align DNS design with your performance goals.

Advanced DNS Tips: TTL, Propagation and Zero-Downtime Changes

DNS changes do not apply instantly everywhere. Understanding TTL and propagation is key to avoiding surprises.

How Propagation Really Works

When you change a record, the authoritative nameservers see the new value immediately. However, resolvers (like your ISP’s DNS or public resolvers) cache previous answers until the TTL expires. This leads to the classic situation where some users see the new server, some still reach the old one.

Good practices:

• Lower TTL (e.g. to 300 seconds) 24 hours before a planned migration.
• Make the switch (change A/MX/CNAME records).
• After everything is stable, raise TTL again (e.g. 3600 or 86400) for efficiency.

Checklist for Zero-Downtime Website Moves

If you are changing hosting providers or moving to a new server:

1. Lower TTL on relevant records a day in advance.
2. Set up the site fully on the new server (files, database, SSL, configuration).
3. Test using a local hosts file override pointing your domain to the new IP.
4. When ready, update the A/AAAA records to the new IP.
5. Monitor logs and error reports while both environments are briefly active.

This process is described in more depth in the zero-downtime hosting migration guide. If you also migrate from HTTP to HTTPS during that process, pair it with the site’s SEO-safe HTTP to HTTPS migration checklist.

Common DNS Mistakes and How to Avoid Them

Even experienced teams repeat the same DNS mistakes. Here are some you can proactively avoid:

• Mixing old and new MX records: Leads to mail delivered to both old and new systems. Always remove outdated MX after cutover.
• Using CNAME at the root (@): This can break other records like MX and TXT. Root should use A/AAAA, subdomains can use CNAME.
• Too strict or incorrect SPF: “-all” with missing senders causes legitimate mail to be rejected. Start with a balanced policy and adjust with DMARC reports.
• Forgetting IPv6 (AAAA) updates: If you use IPv6 and change servers, update AAAA records alongside A records.
• High TTL during migrations: Changing critical records with 24-hour TTL means waiting a long time for propagation.
• No documentation: Months later, nobody remembers why a record exists. Keep notes or a repository with DNS decisions and reasons.

When you design and document DNS with the same care as your application architecture, you avoid a lot of hard-to-debug production issues.

Wrap-Up: Keep DNS Simple, Documented and Under Control

DNS looks intimidating at first because it sits between domains, hosting, email, CDNs and security. But in daily operations, you mostly work with a small set of records: A, AAAA, CNAME, MX, TXT (SPF, DKIM, DMARC). Once you understand how each of them shapes the path to your website, email and subdomains, domain DNS management becomes a predictable, almost boring task – which is exactly what you want for critical infrastructure.

My recommendation is to log into your DNS panel today and review your zone line by line. Remove records you clearly do not need anymore, verify that A/AAAA records match your current servers, and ensure MX, SPF, DKIM and DMARC are aligned with your real email flows. If you are planning a move to a new hosting provider like DCHost, or restructuring your architecture around VPS and dedicated servers, integrate DNS planning into your project from day one.

When DNS is clean and well-managed, everything else – migrations, SSL changes, CDN integration, even complex multi-region setups – becomes much easier. Treat it as a core part of your system design, not an afterthought, and it will quietly support your infrastructure for years.