Hostwinds Tutorials

Search results for:


Table of Contents


What is DNSSEC?
How to use DNSSEC in cPanel

cPanel DNSSEC Overview

Tags: cPanel 

What is DNSSEC?
How to use DNSSEC in cPanel

What is DNSSEC?

DNSSEC or Domain Name System Security Extensions is a security level that you can put on your domain to protect your visitors from different attacks. This is done with digital signature records or DS records. The DNS server will compare its DS record to the DS record at the domain's registrar. If the DS records match, you know the record is authentic, and the visitor's information is safe.

How to use DNSSEC in cPanel

To use DNSSEC in cPanel, you would first need to to the "Zone Editor" tab in the domains section. Once in there, you will want to find the domain you would like to use and click the DNSSEC button for that domain. We will be using example.com in this guide.

On this screen, you will have the choice to either import a key or create a key. If you already have a key to use, you will want to import it and use that for your DNSSEC. If you do not already have a key, you will want to create a key.

When creating a key, you can either choose to create or customize it.

If you choose to create it, you will create 2 basic keys to bind to your domain. If you choose to customize, you will be given a screen to configure a key to either be more secure or to your liking.

Once you have created the keys, they will show up on your page with a couple of different options. You will be able to view the DS records that you just created and export the key. View the DS records that will give you all of the information needed when putting it in DNS manager. The export button will give you a key copy if you would like to use the same key again for another domain.

When clicking on the arrow next to your key tag, it will give you a couple more options. These options would be to deactivate or delete that ceratin key.

The Deactivate button will show that the key does not work any longer, but it will not remove the key from your page. You would do this when trying to configure a new key but would still like this key to reference. The Delete button will completely remove this record from your page. You would like to do this when you have completely configured another key, and you do not need this key any longer.

Now that you have created your DNSSEC keys, you can add those DS records to your DNS manager and protect your visitors.

Written by Luke Johnston  /  April 3, 2020