DNSSEC protection automatically secures all eligible Squarespace-managed domains, safeguarding against DNS spoofing and malicious redirects. This security feature uses public and private keys stored in your DNS records as DS or DNSKEY records.

How DNSSEC Works Domain Name System Security Extensions (DNSSEC) verifies domain data integrity as visitors load your site. It automatically creates and manages security keys in your DNS records.

Managing DNSSEC Settings

Disabling DNSSEC:

1. Navigate to domains dashboard
2. Select your domain
3. Click DNS > DNSSEC
4. Turn off DNS Security Extensions toggle
5. Click Confirm

Note: DNSSEC automatically disables when using custom nameservers.

Adding Third-Party DNSSEC Protection To use alternative DNSSEC protection (like Cloudflare):

1. Access domains dashboard
2. Select domain
3. Click DNS > DNSSEC > Add record
4. Enter provider's information:
   • Key tag
   • Algorithm
   • Digest type
   • Digest
5. Click Save

Re-enabling DNSSEC

1. Open domains dashboard
2. Select domain
3. Click DNS > DNSSEC
4. Enable DNS Security Extensions toggle

Troubleshooting Common Issues

Records Incompatible with DNSSEC:

1. Disable DNSSEC
2. Re-add DNS record

DNSSEC Validation Failure:

1. Reset to Squarespace default nameservers
2. Re-enable DNSSEC

Remember: You can only have one DNSSEC record per domain, and it's automatically enabled for supported TLDs using Squarespace's default nameservers.

Related Articles

Previous Articles