LevelUpSecurityLabs • Blog Post

From Free GitHub Pages to a Custom Domain:
What I Learned About A Records and CNAME Records

Publishing a blog sounds simple until DNS enters the picture. This post walks through how I connected a free GitHub Pages site to my custom domain and the real lessons I learned about A records, CNAME records, propagation, and security.

Introduction

When I launched LevelUpSecurityLabs, I wanted a clean and low-cost way to host a cybersecurity blog. GitHub Pages was the perfect starting point because it let me publish a website for free directly from a repository.

The part that turned into the biggest learning experience was connecting that free site to a real custom domain. That is where DNS stopped being an abstract concept and became something practical I had to understand well enough to make the site work.

What I Did

Step 1: Created a free GitHub Pages site

I created a GitHub repository for my site and added an index.html file so GitHub Pages could publish it as a website. 

Repository example:
username.github.io

Step 2: Bought and prepared my domain

I used my domain provider to manage DNS records for levelupsecuritylabs.com.

Step 3: Pointed the domain to GitHub Pages

To make the root domain work, I added GitHub Pages IP addresses as A records. To make the www version work, I created a CNAME record pointing to my GitHub Pages hostname.

Step 4: Added the custom domain in GitHub

In GitHub Pages settings, I added my custom domain so GitHub knew which domain should map to the site.

How the DNS Records Were Set Up

A Records for the Root Domain

Type: A
Host: @
Value: 185.199.108.153
Value: 185.199.109.153
Value: 185.199.110.153
Value: 185.199.111.153

These records made levelupsecuritylabs.com resolve to GitHub Pages.

CNAME Record for WWW

Type: CNAME
Host: www
Value: username.github.io

This made www.levelupsecuritylabs.com resolve to the GitHub Pages hostname.

What I Learned About A Records

An A record maps a domain directly to an IP address. This is what lets a domain name point straight to the system hosting your website. 

levelupsecuritylabs.com → 185.199.108.153

Lesson: A records are usually what you use for the root domain, also called the apex domain.

  • They point directly to an IP address.
  • They are commonly used for the root domain like levelupsecuritylabs.com.
  • If the hosting provider changes IP addresses, the DNS record must be updated.

What I Learned About CNAME Records

A CNAME record maps one domain name to another domain name instead of directly to an IP address. 

www.levelupsecuritylabs.com → username.github.io

Lesson: CNAME records are great for subdomains because they follow the destination hostname automatically.

  • They point to another hostname rather than an IP address.
  • They are commonly used for subdomains like www.
  • They are more flexible because the target service can change IPs without requiring you to update DNS manually.

A Record vs CNAME Record

Feature A Record CNAME Record
Points to IP address Another domain name
Best use Root domain Subdomains like www
Flexibility Lower Higher
Maintenance Manual if IP changes Usually easier to maintain

Problems I Ran Into

DNS propagation delay

After making the changes, the site did not work immediately. That was not because the configuration was wrong. It was because DNS changes take time to propagate.

HTTPS did not work right away

The secure version of the site was not ready until the domain was resolving correctly and GitHub finished provisioning the certificate.

Root domain and www are not the same thing

I learned that supporting both versions takes separate DNS planning. One was handled with A records, and the other with a CNAME record.

New sites can look suspicious

A brand new domain or website can sometimes get flagged by security tools because it has little or no reputation yet.

Security Lessons From a Simple Blog Setup

This process also reinforced how important DNS is from a security perspective. DNS is not just a website setup task. It is part of the trust model for the internet.

  • Misconfigured DNS can cause outages and broken user access.
  • Dangling CNAME records can create subdomain takeover risk.
  • Attackers often abuse weak or abandoned DNS configurations.
oldsubdomain.levelupsecuritylabs.com → old-service.example.com

If that destination is no longer in use but the DNS record remains, someone else may be able to claim the service and take control of the subdomain.

Final Takeaways

  • GitHub Pages is a great free option for hosting a personal blog.
  • A records are used to point the root domain directly to IP addresses.
  • CNAME records are used to point a subdomain to another hostname.
  • You often need both to fully support a custom domain setup.
  • DNS is not just infrastructure. It is also a real security concern.

Next Up

In the next post, I’ll break down a real issue I ran into after publishing this site:

🛡️ Why Is Anti-Virus Blocking My Webpage?

After launching my blog, I noticed that some browsers and security tools were flagging the site as suspicious. This wasn’t due to malicious activity, but rather how new domains and infrastructure are treated in security ecosystems.

I’ll cover:

  • Why newly registered domains get flagged
  • How reputation-based security systems work
  • Common false positives with GitHub Pages hosting
  • Steps to improve domain reputation and reduce blocking

This is a real-world example of how security controls can impact legitimate projects—and what you can do about it.

Built for LevelUpSecurityLabs.