What is DNSSEC?

What is DNSSEC?

DNSSEC stands for Domain Name System Security Extensions, but what is it exactly? The DNS protocol ensures the translation of a domain name to an IP address.

DNSSEC provides the DNS records with a digital signature, so that the applicant can check whether the record that is coming back is authentic. The “spoofing” of DNS, or so-called cache poisoning, is no longer possible. ​

DNS Spoofing

Sample of DNS spoofing

Is this important for my domain / website?

  • If your site has useful information, many visitors or financial transactions (think of a webshop) then you know that you must have a secure site with an SSL certificate (https: //).
  • In the so-called DNS spoofing (man-in-the-middle) attack, a malicious person on the way manages to change the DNS information, whereby the visitor is directed to another identical web server.
  • The visitor has no idea that this is a fake server and then provides financial or other important information to someone with bad intentions.
  • Even with an SSL secured site (https: //) no difference can be noticed.

How do I secure my domains with DNSSEC?

As soon as you use our name servers, DNSSEC is enabled by default.