How Do I Manage DNS and Advanced DNS Records in support.web.com?
Overview
DNS and Advanced DNS (ADNS) Records are already configured to utilize your services. However, these records can be modified when needed. This option is helpful if you want to keep one of your services active and host your other service with another provider.
For example, you want to keep your email inbox active and host your website with another provider. Your Domain Name Servers must be moved to our managed nameservers to use the Advanced DNS Manager.
Domain Name Server changes may take 24-48 hours to update throughout the internet, also called propagation. Updates may resolve faster at some locations than others because many name servers on the Internet retrieve updates at different times.
Updating DNS and Advanced DNS Records
Follow the below steps to Update and Manage Advanced DNS Records.
- Click here and log in to your Account Manager.
- Click the Domains tile.
- There are two ways to reach the DNS and Zone file settings for the domain:
- Option 1: Under the Advanced Settings area on the right-hand side of the page, click on the DNS Records or Nameservers options.
- Option 2: Click on the Advanced Settings tab located at the top adjacent to the Domain Overview tab.
- On the left-hand side of the screen, you will see DNS RECORDS, NAMESERVERS, and DNSSEC.
- To move your DNS to a new server, click Nameservers. Your current records will appear.
- To edit your Records, click the Edit this record icon to the right of Name Server 1 and Name Server 2.
- Enter the new nameservers, then click Save Changes.
- To change your Advance DNS Records, click DNS Records. Your current records will appear.
- To edit your Records, click the Edit icon to the right of the Record you would like to edit. Edit the Name, Value, or Priority, then click the checkbox.
- To add a new Record, click on + Add New Record in the bottom left corner of the Record Box. Select the record from the drop-down menu. Add the Name and Priority (if applicable), then click the checkbox.
- To delete a Record, click on the Delete icon to the right of the Record you would like to delete. If you accidentally click delete on a record, click Cancel and the record will reappear.
- When you have made all the changes needed, click Save Changes.
You have changed the ADNS Records.
For an explanation of each record, select the arrow next to the record for more information.
A CNAME (canonical name) Record is a DNS record that can create an alias for the domain and allow traffic for the domain name to be redirected elsewhere. You can only create a CNAME for a third-level domain. The Advanced DNS manager does not provide the option to create an alias for the second level.
This would potentially create conflicts with other records and could result in the loss of email or website services. If you want to redirect traffic for a second-level domain, you can review our Web Forwarding product.
TXT Records have several functions. One common function is to use the TXT record to create a Sender Policy Framework or SPF. SPF Records help stop email spammers from forging the From fields in an email. Thus, allowing the owner of a domain to designate the IP address that can be used to send email from that domain.
Need help creating an SPF TXT record? Click this site directly above entries.
Another function is to create Domain-based Message Authentication, Reporting, and Conformance (DMARC). DMARC uses DNS to publish information on how an email from a domain should be handled (e.g., do nothing, quarantine the message, or reject it).
Domain Name System Security Extensions (DNSSEC) adds an extra layer of security to your domain. It uses a signature when trying to resolve your domain, ensuring that the connection is secure.
- Why would I want it? DNSSEC provides added security against attacks such as cache poisoning.
- How do I turn it on? There's a toggle at the bottom of your domain page.
- Why can't I see the option to turn it on? DNSSEC is only available for .COM/.NET/.INFO/.ORG/.BIZ domains currently.
Certificate Authority Authorization (CAA) records allow you to restrict certificate providers for your domain. This gives you control over who can issue a certificate on your domain or subdomain. Your security certificate provider can give you the details on what to enter for your CAA record.
How do I know what to input? Reach out to the provider of your security certificate for details on what to enter for your CAA record.
CAA Records require these values:
- Flag: Number between 0 and 255.
- Tag: This specifies the property you want to associate with the value(issue, issuewild).
- Value: This is typically the domain of your security provider.
- TTL: This is the time to live for record to be saved by resolver.