By Emily Brooks · Dec 11, 2025

Monitoring Subdomains: The Hidden Downtime That Quietly Costs You Customers

Your monitoring dashboard shows 100% uptime. Green across the board. You move on to other priorities, confident that your online presence is healthy. But while you are celebrating that perfect score, your customer portal at portal.example.com has been returning 502 errors for the past three hours. Your blog at blog.example.com is serving a DNS error page. Your API at api.example.com dropped its SSL certificate, and every mobile app user is staring at a connection error.

The monitoring dashboard is technically correct. Your main site, www.example.com, is up. But your business runs on more than just the homepage. Each subdomain serves a different function, handles a different customer touchpoint, and often runs on completely separate infrastructure. When you only monitor the root domain, you are checking whether the front door is open while the back office, the warehouse, and the customer service desk could all be on fire.

This is one of the most common and most expensive blind spots in uptime monitoring. The fix is straightforward: treat each subdomain as its own monitoring target. UptyBots makes this practical by letting you set up independent checks, alert rules, and uptime tracking for every subdomain that matters to your business.

Every Subdomain Is a Separate Business Function

Think about what your subdomains actually do. Each one typically serves a distinct purpose and a distinct audience:

shop.example.com processes transactions. When it goes down, you stop making money.
api.example.com powers your mobile app and third-party integrations. When it goes down, every app user and every partner integration breaks simultaneously.
blog.example.com drives organic search traffic. When it goes down for more than a few days, search engines start deindexing your content, and traffic you spent months building disappears.
portal.example.com is where customers log in to manage their accounts. When it goes down, support tickets flood in, and customers question whether they can rely on your service.
cdn.example.com serves images, stylesheets, and scripts. When it goes down, your main site might technically load, but it looks broken because all the assets are missing.
mail.example.com handles email delivery. When it goes down, your team misses messages from customers and partners.
docs.example.com hosts your product documentation. When it goes down, developers who integrate with your product cannot find the information they need and contact support instead.

Each of these is a separate system with its own server, its own configuration, and its own failure modes. A problem with one does not cause problems with the others, which means a problem with one does not get detected by monitoring on the others. The only way to know that api.example.com is down is to monitor api.example.com directly.

Why Subdomains Fail While the Main Site Stays Up

Subdomains fail independently because they typically run on independent infrastructure. A common setup for a mid-sized business looks something like this:

www.example.com sits behind Cloudflare or AWS CloudFront, cached and replicated across the globe.
shop.example.com runs on Shopify, BigCommerce, or a dedicated e-commerce server.
api.example.com is deployed on Kubernetes, a dedicated API gateway, or a separate cloud instance.
blog.example.com runs WordPress on its own VPS, often a smaller, cheaper server that gets less attention.
mail.example.com points to an external email service like Google Workspace or Mailgun.
cdn.example.com resolves to a cloud storage bucket or a media-specific CDN.

Different servers, different providers, different configurations, different points of failure. When the WordPress VPS runs out of disk space, the blog goes down. When the Shopify integration has a DNS misconfiguration, the shop goes down. When the Kubernetes pod crashes, the API goes down. None of these events affect www.example.com, and none of them trigger your single-target uptime monitor.

Three Outage Scenarios That Happen Every Week

Scenario 1: The Holiday Sale That Nobody Could Buy From

An online retailer runs their marketing site on www.example.com and their storefront on shop.example.com. They launch a holiday campaign driving traffic to the main site. Everything looks good: the landing page loads fast, the banner looks great, the monitoring dashboard is green.

But the shop subdomain is hosted on a separate server that was not scaled for the traffic surge. It starts returning 503 errors under load. Customers click "Shop Now" from the beautifully functioning landing page and land on an error page. The marketing team sees high traffic in analytics. The sales team sees zero orders. Nobody connects the dots for 90 minutes because the monitoring only watches the main domain.

At $8,000 per hour in expected holiday revenue, that 90-minute gap cost the business approximately $12,000 in lost sales, plus the cost of frustrated customers who will not return to try again.

Scenario 2: The SSL Certificate That Expired on the API

A SaaS company uses a wildcard certificate for most of their subdomains, but their API subdomain uses a separate certificate managed by a different team. The wildcard renews automatically. The API certificate does not. When it expires on a Friday evening, every mobile app request to api.example.com fails with an SSL error.

The main website works perfectly. The admin dashboard works. Customer-facing pages are all green. But 100% of mobile app users and 100% of partner API integrations are broken. The on-call engineer does not get paged because the monitoring only checks the main domain. A partner company emails about the issue at 11 PM. The certificate gets renewed Saturday morning.

Total API downtime: 14 hours. During that time, mobile app users saw error messages and some uninstalled the app. Partner integrations queued up thousands of failed requests. The reputational damage with partners took weeks to repair.

Scenario 3: The Blog That Vanished From Google

After migrating DNS providers, a marketing team carefully updates all their DNS records. The A record for www.example.com, the MX records for email, the TXT records for verification. But the CNAME record for blog.example.com does not get copied over. The blog starts returning NXDOMAIN errors, which means the domain name simply does not resolve.

The blog generates 45% of the company's organic search traffic. Within days, Google's crawlers notice the blog is unreachable and begin removing those pages from the index. By the time a content writer tries to publish a new post and discovers the blog is down, it has been offline for 11 days.

The DNS fix takes 5 minutes. Recovering the lost search rankings takes 3 to 4 months. The organic traffic that blog generated, roughly 25,000 monthly visits, drops to near zero and rebuilds slowly. At their historical conversion rate, those lost visits represented approximately $15,000 to $20,000 in pipeline value per month.

What Each Subdomain Needs: A Monitoring Plan by Type

Not every subdomain needs the same checks. The right monitoring depends on what the subdomain does and how much its failure costs the business.

Subdomain Type	Recommended Checks	Why It Matters
E-commerce (shop.)	HTTP status, SSL, response time, content keyword	Directly tied to revenue; slow or broken pages lose sales
API (api.)	HTTP status, API response validation, SSL, port	Mobile apps and integrations depend on it; failures cascade
Blog (blog.)	HTTP status, SSL, DNS resolution	Drives organic traffic; outages cause SEO damage
Portal / Dashboard (portal.)	HTTP status, SSL, synthetic login flow	Customer-facing; broken logins drive support tickets
Mail (mail.)	Port checks (25, 587, 993), SSL	Email disruptions damage communication and trust
CDN / Media (cdn.)	HTTP status, response time, SSL	Broken media assets degrade user experience site-wide
Staging / Dev (staging.)	HTTP status, SSL	Broken staging slows the development team

The pattern is simple: the more revenue or customer trust a subdomain handles, the more monitoring layers it needs. A staging environment can get by with a basic HTTP check. Your checkout or API subdomain needs HTTP, SSL, response validation, and fast alert thresholds.

Setting Up Subdomain Monitoring in UptyBots: Step by Step

Step 1: Inventory Every Active Subdomain

Start by listing every subdomain your business operates. Check your DNS provider's dashboard for all A, AAAA, and CNAME records. You will almost certainly discover subdomains you forgot about. Campaign landing pages from last quarter. A staging environment someone spun up for a one-time demo. A knowledge base subdomain that points to an old Zendesk account.

Pull a full record list from your DNS provider
Check for subdomains created by marketing for campaigns that are still resolving
Look for development or staging subdomains accessible from the public internet
List third-party service subdomains (help desk, status page, knowledge base)

Step 2: Classify by Business Impact

Not all subdomains are equal. Group them into tiers:

Tier 1 (revenue and customer-facing): shop, checkout, API, customer portal. These need the fastest check intervals and the most alert channels. A 5-minute outage here costs real money.
Tier 2 (supporting functions): blog, docs, CDN, status page. These are important but a brief outage does not immediately stop revenue. Monitor them but with slightly relaxed thresholds.
Tier 3 (internal): staging, dev tools, internal dashboards. Monitor for convenience. Alert via email only, with longer failure thresholds to avoid noise.

Step 3: Create Individual Monitors

In UptyBots, add each subdomain as a separate target. This gives you independent uptime tracking, independent latency graphs, and independent alerting per subdomain. Do not assume that monitoring the root domain covers the subdomains. It does not.

Step 4: Match Check Types to Functions

HTTP/HTTPS checks for every web-facing subdomain. Verify the status code (should be 200), response time, and optionally check for specific content on the page to catch cases where the server returns a generic error page with a 200 status.
Port monitoring for non-web services. Mail servers, databases, custom TCP services. If it listens on a port, you can monitor that port.
SSL monitoring for every subdomain using HTTPS. Catch expiring certificates before they break connections. Use the SSL Expiry Countdown tool to check current certificate status.
Synthetic monitoring for subdomains with login flows or multi-step processes. A simple HTTP check might report the login page as healthy while the actual login mechanism is broken.
Ping/ICMP for infrastructure-level reachability, keeping in mind that some hosts block ping requests.

Step 5: Configure Alert Thresholds by Tier

Match your alert urgency to the subdomain's business impact:

Tier 1: Alert immediately on first failure. Notify via email and Telegram or webhook. These are your revenue lines.
Tier 2: Alert after 2 to 3 consecutive failures. This filters out momentary blips while still catching real outages within minutes.
Tier 3: Alert after 3 or more consecutive failures, via email only. You want to know, but it does not need to wake anyone up.

Step 6: Audit Quarterly

Subdomain infrastructure changes as your business evolves. Set a quarterly reminder to:

Scan DNS for new subdomains that need monitoring
Remove monitors for decommissioned subdomains
Verify SSL certificate validity across all monitored subdomains
Review alert history for recurring patterns (flaky subdomains that need infrastructure attention)
Reassess tier classifications as business priorities shift

Five Subdomain Monitoring Mistakes That Cost Businesses Money

Mistake 1: Monitoring Only the Root Domain

This is the most common and most expensive mistake. A green check on example.com means exactly one thing: example.com responded to a check. It tells you nothing about api.example.com, shop.example.com, blog.example.com, or any other subdomain. Every active subdomain needs its own monitor.

Mistake 2: Assuming Wildcard SSL Covers Everything

Wildcard certificates (*.example.com) simplify SSL management, but they are not universal. Many setups use separate certificates for specific subdomains, especially for services running on different servers or through different proxies. Even with a wildcard, the certificate still expires. If auto-renewal breaks, every subdomain goes down simultaneously.

Mistake 3: Single-Location Monitoring

A subdomain might resolve correctly from your monitoring location in the US but return errors for users in Europe due to DNS propagation delays, CDN misconfigurations, or regional routing issues. Multi-location monitoring catches regional failures that affect real customers in real markets.

Mistake 4: Forgetting Campaign and Temporary Subdomains

Marketing teams create subdomains for launches, promotions, and campaigns. promo.example.com, launch.example.com, blackfriday.example.com. These subdomains get set up, used, and then forgotten. They remain live and publicly accessible, but nobody monitors them. Over time, they can develop security vulnerabilities, serve outdated content, or redirect to dead pages, all of which reflect poorly on your brand.

Mistake 5: Relying on Ping Alone

A ping check tells you that a server is reachable at the network level. It does not tell you whether the web application on that server is working. An ICMP ping can return a healthy response while the application crashes on every request, while the database connection is broken, or while the server returns error pages to every visitor. Ping is a useful baseline, but it must be combined with HTTP or API checks for meaningful monitoring.

The Compound Cost of Unmonitored Subdomains

The cost of a subdomain outage is not just the immediate lost revenue or the support tickets. It compounds in ways that are hard to measure but very real:

SEO damage from blog/content outages. Search engines crawl your content constantly. When a content subdomain returns errors for more than a few days, those pages get deindexed. Rebuilding rankings takes months, and you lose the organic traffic pipeline you invested in building.
Customer trust erosion from portal outages. When customers cannot log in, they do not just wait patiently. They question whether your product is reliable. B2B customers start evaluating alternatives. The damage is invisible in the short term but shows up as churn months later.
Partner relationship damage from API outages. If partners integrate with your API and it goes down without warning, they lose trust in your reliability. Some will build in fallback mechanisms to route around you. Some will switch providers. Partner conversations about reliability are difficult to recover from.
Developer productivity loss from staging outages. A broken staging environment blocks testing and deployment. Your engineering team cannot ship features, which delays product improvements, which affects revenue growth. The cost is indirect but real.
Brand damage from CDN outages. When your CDN subdomain fails, your main site might load but with broken images, missing styles, and non-functional scripts. Users see a site that looks unprofessional and broken, even though the server itself is perfectly healthy.

Use the Downtime Cost Calculator to estimate what unmonitored subdomain outages could be costing your business.

A Complete Subdomain Monitoring Checklist

Use this when setting up monitoring for a new project or auditing an existing setup:

Pull a complete list of active subdomains from your DNS provider
Classify each subdomain by business impact (Tier 1, 2, or 3)
Create a separate monitor in UptyBots for each active subdomain
Add HTTP/HTTPS checks for all web-facing subdomains
Add SSL expiry monitoring for every subdomain using HTTPS
Add port checks for non-web services (mail, database, custom TCP)
Configure alert thresholds per subdomain based on its tier
Enable multi-location monitoring for subdomains served via CDN or to global audiences
Set up at least two notification channels (e.g., email + Telegram)
Schedule quarterly audits to catch new, changed, or decommissioned subdomains
Document your subdomain inventory and assign ownership to specific team members

Frequently Asked Questions

How many subdomains should I monitor?

Every subdomain that serves traffic to users, partners, or internal teams should have at least a basic HTTP and SSL check. If a subdomain is active in your DNS and serves any purpose, it belongs in your monitoring setup. Most businesses discover they have more subdomains than they thought once they actually audit their DNS records.

Can I use a wildcard monitor instead of individual subdomain monitors?

No. Wildcard DNS records route traffic, but monitoring needs to target specific endpoints. Each subdomain may run different software, return different expected responses, and need different alert thresholds. A wildcard check would not know what a healthy response looks like for each subdomain. Individual monitors give you the granularity to catch real problems.

What about subdomains hosted on third-party services?

Monitor them. Even if Shopify, Zendesk, or WordPress.com hosts your subdomain, outages on their end affect your customers. Your visitors do not know or care that the subdomain is hosted externally. They just know your site is broken. External monitoring confirms that the third-party service is delivering your subdomain correctly.

How often should subdomain checks run?

For revenue-critical subdomains (shop, API, checkout), check every 1 to 5 minutes. For supporting subdomains (blog, docs), every 5 to 10 minutes is sufficient. SSL certificate checks can run less frequently since certificates do not expire without warning. Once or twice per day catches upcoming expirations with plenty of lead time.

See setup tutorials or get started with UptyBots monitoring today.