1000 FAQs, 500 tutorials and explanatory videos. Here, there are only solutions!
Securing web traffic with DNSSEC
This guide explains what DNSSEC is and how this protection strengthens the security of a domain name and the traffic it generates.
What is DNSSEC used for?
Each URL address corresponds to an IP address, and when an Internet user enters the URL address of your site in his Internet browser, he calls on a DNS server whose role is to redirect him to the IP address corresponding to the domain. entered (technically, we are talking about DNS resolution).
When DNSSEC is not activated on your domain name, a malicious person could detect a fault in a DNS server and modify the correspondence between your domain name and the IP address of your site by the IP of his choice. In such a case, the Internet user who would enter the URL address of your site would then be redirected to another website which would not correspond to the content of your website.
DNSSEC makes it possible to secure the authenticity of the response provided by the DNS server and thus guarantees Internet users that they are consulting the website they really want to see. If a hacker tried to modify the IP address of your domain name in a DNS server protected by DNSSEC at the time of the resolution, the latter would thus refuse his requests, because they would not be authenticated.
DNSSEC is therefore a complementary security to the SSL certificate of a site . DNSSEC guarantees the Internet user to go to the site corresponding to the URL address entered, and the SSL certificate then intervenes to encrypt the exchanges between the Internet browser of the Internet user and the Web server of the site he visits.
DNSSEC is available for the vast majority of extensions and can be activated in a few clicks on domain names fully managed by Infomaniak.
- open the Manager ( https://manager.infomaniak.com )
- go to Domain
- click on the domain name concerned
- Enable DNSSEC from the Domain Dashboard :
Check if DNSSEC is enabled
Enter the domain name to check on this analytics site .