View all Products Close Menu Menu
How to add DNSSEC data to your domain name
Updated Thursday November 5th 2020 / Category Domain Names

IMPORTANT: This is an advance guide, if you’re unsure how to proceed feel free to reach out to our technical support team.

What is DNSSEC?

To understand what DNSSEC is and why it’s important, you must first understand how DNS works. If you’re new to DNS, please watch the DNS Explained video available on Youtube.

DNS on its own is inherently insecure, because by design there is no way to verify that the DNS information you received back from a DNS Resolver or Name Server is actually correct. DNSSEC fixes this problem by introducing a security check, that helps verify that the information received is accurate and has not been tampered with.

It does this by introducing a public/private key pair system, in which each DNS Zone (where the DNS information is stored) has a private key, that is kept secret and used to sign the DNS data. And the public key (publicly available key) can be used confirm that the signed DNS data provided is correct/valid.

This has become more and more necessary over time, to help stop DNS Spoofing Attacks.

If you want a more detailed and technical explination of how it all works, you can have a look at an article written by CloudFlare about DNSSEC. Which explains it in much more depth.

Prerequisites

Before proceeding, you need to generate some DNSSEC data for your domain name. If you have a hosting service with us and you use that service for your DNS hosting as well, we have a guide on how to generate the data in cPanel.

If you use a 3rd party for DNS hosting, please keep in mind that you will need to also setup DNSSEC data on their Name Servers, for everything to work properly.

Creating DNSSEC Data in VIPControl

  1. Login to VIPControl
  2. Navigate to My Services > Domain Management
  3. Click Manage next to the domain name
  4. Click DNSSEC DS Data
  5. Click Add Data +
  6. In the form that appears, you will input the DNSSEC data you have pre-generated, either in cPanel or with a 3rd party.

Verifying DNSSEC is working

ICANN recommends some tools to check DNSSEC on your domain name. We’d recommend using them as well, over other online checkers.

 

If you need any assistance whilst following through with any of these processes, feel free to get in touch with us via eTicket or over the phone on 13 24 85.

Can’t find the answers you're looking for? Check out these other methods of support!