DNSSEC: What is it and how does it work
What is DNSSEC?
DNSSEC (Domain Name System Security Extensions) adds an additional layer of security to the DNS servers of a domain. Thanks to it a huge number of malicious activities can be prevented.
How does it work?
When using DNSSEC digital signatures are added to each of the parties implied on the transactions: domain, DNS server and registry.
The way it works, when accessing a website using DNSSEC would be:
- The visitor browser checks the DNS servers applied to the domain.
- If the public digital signatures that are retrieved correspond to the ones published at Registry level, the browser will accept the request and resolve the website, showing its content.
- If for some reason the signatures do not match, the website won't be accessible.
Using DNSSEC at MrDomain
If your DNS providers allows to make use of DNSSEC you'll be able to configure it on your domain at MrDomain, to enable it, go to your domain management, and in the DNS section, click on the three dots to select "Create DNSSEC entry", here you can easily create the necessary records with the parameters provided by your DNS provider.
It is important to remember that in case that DNSSEC is enabled, it is mandatory that the DNS servers are also configured for it, in case they're not, the domain won't resolve.
How to check if DNSSEC is correctly configured
You can easily check if DNSSEC is correctly configured on your domain and DNS servers, simply access the domain management and under the "DNS" tab press the "Check DNS Propagation" button.