Skip to main content

DNSSEC Support

 

What is DNSSEC?

DNSSEC, or Domain Name System Security Extensions, is an extension to the existing DNS system designed to make internet usage more secure. DNSSEC prevents malicious actors from providing false DNS answers, which could redirect users to fake websites without their knowledge.

How does DNS work?

Every time you visit a domain name, such as mosthosted.com, your device must first look up the IP address of that website. This is done through the Domain Name System (DNS), which translates domain names into IP addresses. Without DNS, you’d have to remember IP addresses instead of domain names.

The issue: DNS was never designed with security in mind. Anyone who can intercept or manipulate the traffic between you and the DNS server could return a false IP address. This could redirect you to a fake website that looks identical to the real one and attempts to steal your password or payment information.

What does DNSSEC do?

DNSSEC protects against such attacks by cryptographically signing DNS responses. When DNSSEC is enabled:

  • Each DNS record is digitally signed with a private key.
  • Your DNS resolver can verify the signature using the public key in DNS.
  • Only if the signature is valid, the response is trusted.

You can think of DNSSEC as a digital authenticity stamp on DNS responses.

What does DNSSEC solve?

  • Protection against DNS spoofing or cache poisoning
  • Ensures DNS data has not been modified in transit
  • An additional layer of security on top of your SSL certificate
     

Please note: DNSSEC does not encrypt the DNS traffic itself.

DNSSEC at MostHosted

MostHosted offers full DNSSEC support for clients who register their domains with us and use our DNS platform.

What you get:

  • Free DNSSEC signing for supported extensions (.nl, .com, .eu, etc.)
  • Automatic key management and rollover processes
  • Full support for DS records if you use custom nameservers
  • 24/7 monitoring and management through our systems

How do I activate DNSSEC?

If you’ve registered your domain with MostHosted and are using our nameservers, DNSSEC is usually enabled automatically.

Are you using custom nameservers or an external DNS provider? We can assist you in adding the correct DS records at the registry level.

Why is DNSSEC important?

  • Increases the trust and integrity of your domain
  • Essential for sensitive websites such as webshops, banks or portals
  • Increasingly a requirement for government websites and security audits
  • A sign of professionalism and technical reliability

Need Help? Get in Touch with Us!

WhatsApp

+31 85 080 5584

Live Chat

Use the live chat on our website

Phone

+31 85 080 5584