Should you use dynamic sub-domains on your site?
Many sites use dynamic sub-domains in a format like http://username.domain.com but this can cause some headaches later on. Kevin Hale gives a couple of reasons why you should set up your site differently including money saved on SSL certificates:
In Wufoo, we use subdomains to differentiate user accounts (http://username.wufoo.com/forms/) and honestly, it’s been nothing but trouble for us from a development standpoint. If we could do it all over again, we would have definitely handled our urls and account settings using a Flickr style setup using folders (http://wufoo.com/forms/username/). Here’s some reasons why:
Reason the First : When you want to offer your users SSL on these accounts, you have to buy a wildcard subdomain certificate that’ll cost way more than your normal SSL certificate. Prices range between $899 to $200 a year. We use Godaddy. Their interface leaves something to be desired, but they’re one of the cheapest and we love their customer support. One thing that we don’t like is that, since that certificate only works with subdomains, we have to do things like https://secure.wufoo.com/login/ to get an encrypted login url rather than having a simple url like this https://wufoo.com/login/ for our users to follow (and we’ll be damned before having to pay for two different certificates just for this kind of functionality). If we had just set up users to have their own directory as opposed to a subdomain, we’d have only needed to purchase a regular SSL certificate, which you can get for as little as $20 a year, and avoided Reason the Second.
Originally posted on Fri Jun 29, 2007