DNSSEC is a feature of the Domain Name System (DNS) that authenticates responses to domain name lookups. It prevents attackers from manipulating or poisoning the responses to DNS requests. DNS technology was not designed with security in mind. One example of an attack on DNS infrastructure is DNS spoofing. In which case an attacker hijacks a DNS resolver’s cache, causing users who visit a website to receive an incorrect IP address and view the attacker’s malicious site instead of the one they intended.
When you activate DNSSEC, we will generate a public and private key for your zone. The public key is provided to you in the form of DS or DNSKEY records. The records should be configured at the domain provider, where the domain name is registered. During the deployment of your zone in our network, we will use the private key to sign all your records. These signatures will be received and checked by the end-user resolver if they match with the public keys and the resolver will be able to authenticate that the records are not manipulated during the network transfer.
Just click the activation button in the control panel, and our system will secure the zone. You will be required only to add the DS records at the provider, and the setup will be completed.
We are using the Elliptical Curve Algorithm (ECDSA P-256) for all signatures, which is stronger and smaller than the standard RSA keys.
Keeping DNS answers as small as possible means faster speed for you! Additionally, our Anycast DNS Network provides more rapid responses from the closest location to the resolver.
无论哪一天，无论何时，我们都能提供连续不间断的网络监控和支持。 Our Technical Support team is online for you 24/7 by live chat and tickets. We can migrate your zones for free, read more here.
DNSSEC management services are part of our DNS hosting plans - Premium DNS, DDoS Protected DNS, and GeoDNS. No extra costs for better security!
|Managed Anycast DNS with DNSSEC: ?|
|每月的DNS查询: ?||5M i||无限||无限|
|DNS Failover & Monitoring checks: ?||1||2||3|