What is DNSSEC?
DNSSEC (Domain Name System Security Extensions) is a security extension to the DNS – the “phonebook” of the internet. While DNS translates domain names (like hosting.gl) into IP addresses, DNSSEC ensures that this information cannot be tampered with along the way.
DNSSEC adds digital signatures to DNS responses, allowing verification that the answer truly comes from the authoritative source and has not been altered by an attacker.
What does DNSSEC do?
DNSSEC protects against a type of attack known as DNS spoofing or cache poisoning, where hackers attempt to insert false DNS data to redirect traffic to fake websites. When DNSSEC is enabled, resolvers (DNS clients) can cryptographically verify that they receive correct and authentic data. If the data cannot be verified, the query is rejected instead of showing a fake result.
- Without DNSSEC: You cannot be sure the DNS response is genuine.
- With DNSSEC: DNS data is signed and can be verified.
Why we automatically enable DNSSEC on Hosting.gl
We automatically enable DNSSEC to ensure that all our customers’ domains benefit from a basic layer of integrity and trust – without requiring any manual setup.
- Security by default: Many domain owners never enable DNSSEC themselves, even though it’s critical. Automatic activation eliminates that risk.
- Protection against phishing and hijacking: DNS manipulation is a common way to steal traffic or data. DNSSEC makes such attacks much harder.
- Trust in our infrastructure: When every domain under Hosting.gl is DNSSEC-secured, it strengthens the overall trust in our platform.
- No added complexity for the customer: Everything is handled automatically – from key generation to signing and rotation.
Conclusion
DNSSEC makes DNS secure in the same way HTTPS makes web traffic secure. At Hosting.gl, we believe security should be the default – not an optional feature. That’s why we automatically enable DNSSEC for all domains.
