Custom Domain Names for Apps
Last updated 17 August 2017
Table of Contents
By default, any app on Heroku is accessible via its Heroku Domain, which has the form
[name of app].herokuapp.com. For example, you would access an app named ‘serene-example-4269’ with
serene-example-4269.herokuapp.com. To make an app accessible via one or more non-Heroku domain names (for example,
www.yourcustomdomain.com), you must add custom domain(s) to your application as described below.
- Confirm that you own the custom domain name. If not, you can buy one with a domain registration service.
- Add the custom domain to your app with the
heroku domains:addcommand. See below for different variations.
- Look up the Heroku-supplied DNS Target for the custom domain using the
heroku domainscommand as described below.
- Configure your app’s DNS provider to point to the Heroku-supplied DNS Target.
- Test that your app is accessible via the custom domain. There may be a delay while DNS changes propagate.
Domains can be added to both free and paid Heroku apps and adding domains does not incur extra charges. For verification purposes, you must verify your Heroku account to add domains to apps.
Domains can be inspected and managed using either the CLI or Dashboard. To manage domains for an app in Dashboard, go to its “Settings” tab.
Heroku provides neither domain registration service (for registering a custom domain name) nor DNS provider service (for hosting the DNS servers that point your custom domain name at your app).
domain or domain name: full name used to access an app (in words, not with an IP address). For example,
- root domain (or naked, bare, or zone apex domain): the 'yourcustomdomain.com’ in 'www.yourcustomdomain.com’
wildcard domain: domains that match any subdomain, represented as
- Domain registration service: company that lets your buy and register a custom domain name
- DNS provider: company that maintains the DNS servers that translate a custom domain name to a destination ('DNS Target’). The fields are often called CNAME, ALIAS, ANAME, or A records. Only the first three work with Heroku apps, as A records require an IP address and Heroku apps do not have stable inbound IP addresses.
Heroku Domain: Heroku term for default domain given to each app. Has the form
[name of app].herokuapp.com
- DNS Target: Heroku term for the Heroku Domain to give to a DNS Provider (e.g., in a CNAME record) to be the destination for a custom domain name.
View existing domains
domains command in the Heroku CLI to view an app’s current Heroku Domain, custom domains, and DNS Targets:
$ heroku domains === example Heroku Domain example.herokuapp.com === example Custom Domains Domain Name DNS Target --------------- -------------------------- example.com example.com.herokudns.com www.example.com www.example.com.herokudns.com
For older applications, the DNS Target
[name of app].herokuapp.com might be displayed. If you are not using SSL, both the
[name of app].herokuapp.com and the
[domain name].herokudns.com formats will work as DNS Targets, regardless of what’s displayed when you view the DNS Targets in your Dashboard or with the above command. However, we recommend using the
[domain name].herokudns.com format, as this is also the format needed if you choose to use Heroku SSL or Automated Certificate Management.
If you’re using the SSL Endpoint, note that your DNS Targets will be a little different. For apps in the Common Runtime, the endpoint domain name will vary depending on region. The US region will have a name in the form of
example-2121.herokussl.com. Apps in the EU region will have the same domain name as your app’s herokuapp domain, e.g.
Add a custom domain with a subdomain
To add a custom domain with a subdomain, use the
domains:add command in the Heroku CLI:
$ heroku domains:add www.example.com Adding www.example.com to ⬢ example-app... done ▸ Configure your app's DNS provider to point to the DNS Target ▸ www.example.com.herokudns.com. ▸ For help, see https://devcenter.heroku.com/articles/custom-domains The domain www.example.com has been enqueued for addition ▸ Run heroku domains:wait 'www.example.com' to wait for completion
See the Rules on adding domains section if you receive the error message
example.com is currently in use by another app.
Configuring DNS for subdomains
After using the
domains:add command you must point your DNS provider at the domain’s DNS Target supplied by Heroku. See above for viewing domains to find the DNS Target. This usually takes the form of configuring a new CNAME record with your DNS provider as shown in the table below. Consult with your DNS provider for specific instructions to create CNAME records.
. on the target domain may or may not be required, depending on your DNS provider.
You can confirm that your DNS is configured correctly by using the
host command, assuming your DNS changes have propagated:
$ host www.example.com www.example.com is an alias for www.example.com.herokudns.com. ...
DNS changes can take several minutes to several days to take effect. Lowering your DNS TTL ahead of time can minimize, but not eliminate, this propagation time.
Your app’s Heroku Domain will always remain active, even if you’ve set up a custom domain. If you want users to use the custom domain exclusively, your app should send HTTP status 301 Moved Permanently to tell web browsers to use the custom domain. The
Host HTTP request header field will show which domain the user is trying to access; send a redirect if that field is
Add a custom root domain
Root domains must be added in addition to any subdomains. The process for adding root domains is the same in the Heroku CLI:
$ heroku domains:add example.com Adding example.com to ⬢ example-app... done ▸ Configure your app's DNS provider to point to the DNS Target ▸ example.com.herokudns.com. ▸ For help, see https://devcenter.heroku.com/articles/custom-domains The domain example.com has been enqueued for addition ▸ Run heroku domains:wait 'example.com' to wait for completion
Configuring DNS for root domains
Configuring your DNS provider for a root domain is similar to configuring a DNS provider for a subdomain. However, whereas with subdomains the type of record to configure is always a CNAME, with root domains the type of record depends on the DNS provider:
- ALIAS at DNSimple
- ANAME at DNS Made Easy
- ANAME at easyDNS
- ALIAS at PointDNS
- CNAME at CloudFlare. Also see the CloudFlare guide on SSL on Heroku..
Some DNS providers will only offer A records for root domains. Unfortunately, A records will not suffice for pointing your root domains to Heroku because they require a static IP. These records have serious availability implications when used in environments such as on-premise data-centers, cloud infrastructure services, and platforms like Heroku. Since Heroku uses dynamic IP addresses, it’s necessary to use a CNAME-like record (often referred to as ALIAS or ANAME records) so that you can point your root domain to another domain. See examples below.
Whichever provider you have, point the ALIAS/ANAME/CNAME entry for your root domain to the DNS Target, just as you would with a CNAME record:
Depending on the DNS provider, an empty or
@ Name value identifies the root domain.
Add a wildcard domain
Wildcard domains allow you to map any and all subdomains to your app with a single record. A common use of a wildcard domain is with applications that use a personalized subdomain for each user or account. You can add a wildcard domain if you own all existing apps already using the same top-level domain (TLD). For example, if an app is already using
www.example.com, you must own it to add
Add a wildcard domain to your app as you would with any other domain, but use the
* wildcard subdomain notation.
$ heroku domains:add *.example.com Adding *.example.com to ⬢ example-app... done ▸ Configure your app's DNS provider to point to the DNS Target ▸ wildcard.example.com.herokudns.com. ▸ For help, see https://devcenter.heroku.com/articles/custom-domains The domain *.example.com has been enqueued for addition ▸ Run heroku domains:wait '*.example.com' to wait for completion
If one of your apps has a wildcard domain, you can still add specific subdomains of the same top-level domain (TLD) to any of your other apps. Specific subdomains are evaluated before wildcard domains when routing requests.
With wildcard domains it’s important to make sure your DNS provider configuration agrees with Heroku. In particular, if you have configured your DNS for
*.example.com to point to
example.herokuapp.com, be sure you also run
heroku domains:add *.example.com. Otherwise, a malicious person could add
baddomain.example.com to their Heroku app and receive traffic intended for your application.
Configuring DNS for wildcard domains
* wildcard subdomain notation to add a CNAME record to
wildcard.example.com.herokudns.com with your DNS provider.
Remove a custom domain
Remove a domain with
$ heroku domains:remove www.example.com Removing www.example.com from ⬢ example-app... done
If you destroy the app, any custom domains assigned to it will be freed. You can subsequently assign them to other apps.
Rules on adding domains
Any user on Heroku can attempt to add any domain to their app. Instead of explicitly verifying domain ownership, Heroku enforces these rules to ensure that domains claimed by one user aren’t used by other users on different apps:
- A single application can have any number of domains assigned to it.
- You can only add a domain to one app. For example if
www.example.comis added to app
example-1you can’t also add it to app
example-2. One app, however, can have multiple domains assigned.
- You can add a wildcard domain if you own all
existing apps already using a corresponding subdomain. For example if
an app is already using
www.example.comyou must own it to add
- You can add a subdomain or apex domain if you own the app assigned
the corresponding wildcard domain. For example to add
example.comyou must own the app with
*.example.com, if such a custom domain exists.
- You can add a subdomain if all applications using wildcard SSL certificates for that domain are owned by the same account. For example, an account having an application with a
*.example.comwildcard SSL certificate uploaded will prevent you from adding
something.example.comto an application on another account.
If you’re unable to add a domain that you own, please file a support ticket.