What is DNSSEC?
DNSSEC stands for Domain Name System Security Extensions, but what is it exactly? The DNS protocol ensures the translation of a domain name to an IP address.
DNSSEC provides the DNS records with a digital signature, so that the applicant can check whether the record that is coming back is authentic. The “spoofing” of DNS, or so-called cache poisoning, is no longer possible.
Sample of DNS spoofing
Is this important for my domain / website?
- If your site has useful information, many visitors or financial transactions (think of a webshop) then you know that you must have a secure site with an SSL certificate (https: //).
- In the so-called DNS spoofing (man-in-the-middle) attack, a malicious person on the way manages to change the DNS information, whereby the visitor is directed to another identical web server.
- The visitor has no idea that this is a fake server and then provides financial or other important information to someone with bad intentions.
- Even with an SSL secured site (https: //) no difference can be noticed.
How do I secure my domains with DNSSEC?
As soon as you use our name servers, DNSSEC is enabled by default.