CNAME record lookup
CNAME maps an alias to a canonical name. Resolvers chase the chain transparently. Used for SaaS pointing (`shop.example.com` → `myshop.shopify.com`), CDN aliases, and dev/staging environments.
How to look it up
Four ways to query — pick by what's available on your machine.
- dig: `dig CNAME shop.example.com +short`
- dig (chase): `dig CNAME shop.example.com +trace`
- dotdig: `dotdig cname shop.example.com`
Sample response
myshop.shopify.com.
Format
A single canonical hostname, ending with a trailing dot. Resolvers chase the CNAME chain (limit ~10 hops) automatically.
Common pitfalls
- WARNING: CNAMEs CANNOT coexist with other records on the same name (RFC 1034). If `shop.example.com` has a CNAME, it cannot also have MX or TXT. The apex (`example.com`) usually needs MX/SOA, so a CNAME at the apex is forbidden by spec.
- CNAME chain >10 hops = resolver gives up. SaaS providers sometimes chain multiple CNAMEs — verify single-hop where possible.
- Some providers offer 'ALIAS' or 'ANAME' records for apex — these resolve at the DNS provider before serving, skirting the apex restriction. Not a real DNS type, but functional.
Why it matters for security
Dangling CNAMEs (pointing to deprovisioned SaaS subdomains) enable subdomain takeover attacks. Audit periodically — services like Detectify and Sublist3r catch these.
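An added example (not from the original page or from dotdig): an offline audit that flags the pitfalls listed above (a CNAME sharing its name with other records, chains that loop or exceed the ~10-hop limit) together with dangling CNAMEs. The names `VIEW`, `chase` and `audit` and every record in the sample data are assumptions constructed for illustration; in practice the view would be filled from live lookups.

```python
MAX_HOPS = 10  # approximate resolver hop limit quoted above
ALLOWED_WITH_CNAME = {"RRSIG", "NSEC"}  # DNSSEC types may share the owner name

# Constructed resolver view: name -> {record type: [values]}.
# A name missing from the view stands for NXDOMAIN.
VIEW = {
    "example.com.": {"SOA": ["ns1.example.com."], "MX": ["10 mail.example.com."]},
    "shop.example.com.": {"CNAME": ["myshop.shopify.com."]},
    "myshop.shopify.com.": {"A": ["192.0.2.10"]},
    "staging.example.com.": {"CNAME": ["app-staging.heroku.com."]},  # target gone
    "mail.example.com.": {"CNAME": ["mx.example.net."], "TXT": ["v=spf1 -all"]},
    "mx.example.net.": {"A": ["192.0.2.25"]},
    "a.example.com.": {"CNAME": ["b.example.com."]},
    "b.example.com.": {"CNAME": ["a.example.com."]},
}

def normalize(name):
    """Lower-case and force the trailing dot so names compare as FQDNs."""
    return name.lower().rstrip(".") + "."

def chase(name, view, max_hops=MAX_HOPS):
    """Follow CNAMEs from name and return (status, chain of names visited)."""
    chain = [normalize(name)]
    while True:
        rrsets = view.get(chain[-1])
        if rrsets is None:  # nothing answers for the last name in the chain
            return ("dangling" if len(chain) > 1 else "nxdomain"), chain
        if "CNAME" not in rrsets:
            return "ok", chain
        target = normalize(rrsets["CNAME"][0])
        if target in chain:
            return "loop", chain + [target]
        if len(chain) > max_hops:  # following target would exceed the hop limit
            return "too_long", chain
        chain.append(target)

def audit(view):
    """Return {name: [findings]} for every CNAME owner with a problem."""
    findings = {}
    for name, rrsets in view.items():
        if "CNAME" not in rrsets:
            continue
        others = sorted(set(rrsets) - {"CNAME"} - ALLOWED_WITH_CNAME)
        issues = ["coexists with " + ",".join(others)] if others else []
        status, chain = chase(name, view)
        if status != "ok":
            issues.append(f"{status}: {' -> '.join(chain)}")
        if issues:
            findings[name] = issues
    return findings
```

A `dangling` finding only says the target no longer resolves; whether the name at the provider can be re-registered by someone else still has to be checked per service.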
Use cases
- SaaS custom domain (Shopify, Cloudflare, Vercel)
- CDN aliasing
- Multi-environment routing (staging.app → app-staging.heroku.com)
- Subdomain takeover audit
Look up DNS without flag soup
dotdig is a friendly DNS resolver — formatted output, custom resolver support, DNSSEC validation. Zero-config alternative to dig.