
Dangling Subdomain

The subdomain points to a resource that no longer exists.

Severity: Critical

A dangling subdomain issue as shown in DNS Watchdog, highlighting the CNAME record pointing to a non-existent resource

What is a dangling subdomain?

A dangling subdomain is a DNS record (usually a CNAME) that points to an external service or resource that no longer exists. For example, if you created blog.example.com as a CNAME pointing to example.ghost.io and later cancelled your Ghost account, the CNAME still exists but the target is gone. The subdomain is "dangling" — pointing at nothing.

Why this is a problem

Dangling subdomains are a serious security risk because of subdomain takeover attacks. An attacker can register the abandoned resource (like signing up for a new Ghost account with the same name) and take control of your subdomain. They can then serve any content they want under your domain — phishing pages, malware, or fake login forms that appear to be part of your organization.

This is particularly dangerous because the attacker's content is served from a legitimate subdomain of your organization, making it highly convincing for phishing attacks.

What you should do

  • Remove the DNS record if the external service is no longer needed
  • If the service is still needed, re-provision it so the target resolves again
  • Audit all CNAME records pointing to third-party services regularly
  • Before cancelling any external service, always remove the associated DNS records first
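
One way to run the CNAME audit described above, as an added example that is not DNS Watchdog's own code. It assumes a zone export with one record per line and fully qualified owner names; the sample zone and the function names are constructed for illustration. It flags only third-party targets that no longer resolve.

```python
import socket

# Constructed sample zone export (not from a real zone).
SAMPLE_ZONE = """\
blog.example.com.   3600 IN CNAME example.ghost.io.
www.example.com.    3600 IN CNAME web.example.com.
shop.example.com.   3600 IN CNAME store.example-shop.test.  ; storefront
web.example.com.    3600 IN A     192.0.2.10
"""

def parse_cnames(zone_text):
    """Return (owner, target) pairs for every CNAME line in the export."""
    pairs = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()       # drop trailing comments
        upper = [f.upper() for f in fields]
        if "CNAME" not in upper:
            continue
        i = upper.index("CNAME")
        if i == 0 or i + 1 >= len(fields):           # malformed line, skip
            continue
        pairs.append((fields[0].rstrip(".").lower(),
                      fields[i + 1].rstrip(".").lower()))
    return pairs

def system_resolves(host):
    """True if the target resolves, False if the name does not exist."""
    no_name = {socket.EAI_NONAME, getattr(socket, "EAI_NODATA", None)}
    try:
        socket.getaddrinfo(host, None)
        return True
    except socket.gaierror as exc:
        if exc.errno in no_name:
            return False
        raise  # timeouts or server failures are not evidence of dangling

def audit(zone_text, own_zone, resolves=system_resolves):
    """List (owner, target, status) for CNAMEs that leave own_zone."""
    findings = []
    for owner, target in parse_cnames(zone_text):
        if target == own_zone or target.endswith("." + own_zone):
            continue                                 # internal target
        status = "ok" if resolves(target) else "dangling"
        findings.append((owner, target, status))
    return findings

if __name__ == "__main__":
    for owner, target, status in audit(SAMPLE_ZONE, "example.com"):
        print(f"{status:9} {owner} -> {target}")
```

Run it on a schedule against each zone export and treat any "dangling" line as a record to remove or re-provision.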
