MrDomain Help Domain Registration DNSSEC: What is it and how does it work

DNSSEC: What is it and how does it work

What is DNSSEC?

DNSSEC (Domain Name System Security Extensions) adds an additional layer of security to the DNS servers of a domain. Thanks to it a huge number of malicious activities can be prevented.

How does it work?

When using DNSSEC digital signatures are added to each of the parties implied on the transactions: domain, DNS server and registry.

The way it works, when accessing a website using DNSSEC would be:

- The visitor browser checks the DNS servers applied to the domain.

- If the public digital signatures that are retrieved correspond to the ones published at Registry level, the browser will accept the request and resolve the website, showing its content.

- If for some reason the signatures do not match, the website won't be accessible.

Using DNSSEC at MrDomain

If your DNS providers allows to make use of DNSSEC you'll be able to configure it on your domain at MrDomain, in order to enable it simply access the domain management area in your customer account and click on the "DNSSEC" tab, here you'll be able to see the already created records and create/delete them in an easily way using the parameters your DNS provider sent you.

It is important to remember that in case that DNSSEC is enabled, it is mandatory that the DNS servers are also configured for it, in case they're not, the domain won't resolve.

How to check if DNSSEC is correctly configured

You can easily check if DNSSEC is correctly configured on your domain and DNS servers, simply access the domain management and under the "DNS" tab press the "Check DNS Propagation" button.