How to Manage DNS and Advanced DNS Records

Nameservers function as crucial directories that align your domain with the corresponding IP address, fundamentally shaping how your domain operates. By updating your nameservers, you can switch control of your website and email hosting between providers.

Steps to Modify Your Nameservers:

1. Log in to your account via https://www.web.com/my-account/login.
2. Select Domains on the left side of the page.
   


3. Select the domain name you want to change. If you only have one domain, you will be taken directly to the Domain Details page.
4. On the domain page, go down to the Advanced Tools section.
   


5. Click Manage next to Nameservers (DNS).
   


6. Enter your nameservers, then click Save.

Nameserver (NS) records for subdomains determine which DNS server controls the records for a domain. Pointing a subdomain host to a different nameserver allows another DNS service to manage how records for that subdomain are handled.

Follow the steps below when you are ready to change or modify the NS record.

1. Log in to your account via https://www.web.com/my-account/login.
2. Select Domains on the left side of the page.
   


3. Select the domain name you want to change. If you only have one domain, you will be taken directly to the Domain Details page.
4. On the domain page, go down to the Advanced Tools section.
   


5. Click Manage next to Advanced DNS Records.
   
   1. To Add Records: Click +Add Record. A new window will open.
   2. To Edit Records: Scroll down to the NS Record and click the pencil icon. A new window will open.


6. Add the Subdomain, add the Nameserver, then select the TTL. The TTL default is 7200 (2 hours).
   


7. Repeat these steps for each subdomain and nameserver.
8. Click the Add button. If you are editing records, then click the Edit button.

You have successfully changed the NS record.

The IP address is represented by the Address Record (A Record), which is used to map a domain or subdomain to its numeric IP address. The A Record resolves a domain name or points it to the correct location using the IP address.

1. Log in to your account via https://www.web.com/my-account/login.
2. Select Domains on the left side of the page.
   


3. Select the domain name you want to change. If you only have one domain, you will be taken directly to the Domain Details page.
4. On the domain page, go down to the Advanced Tools section.
   


5. Click Manage next to Advanced DNS Records.
   


6. A new page will open.
   
   1. To Add Records: Click +Add Record. A new window will open.
   2. To Edit Records: Scroll down to the A Record you want to manage and click the pencil icon. A new window will open.
      • To point your domain to an under-construction page, enter the IP Address 205.178.189.129.
7. Select Refers to from the drop-down menu. You can choose @, www, or Other Host.
   • If you select Other Host, you will be asked to enter the Host Name. This could be something like a star (*).
   
   


8. Next, enter the IP Address in Points to and select the TTL. The TTL default is 7200 (2 hours).
9. Click the Add button. If you are editing records, click the Edit button.

You have changed the IP Address for A Records.

The IPv6 address is mapped using the AAAA Record, which links the domain's nameserver or hostname to its numeric IP address. While the A Record resolves a domain name by pointing it to the correct IPv4 address, the AAAA Record facilitates the redirection of your host from one IPv6 address to another.

To add an IPv6 AAAA (quad-A) record, please log into your Web.com account and follow the provided steps. Your request will be thoroughly reviewed, authenticated, and processed within 24 to 48 business hours.

1. Log in to your account via https://www.web.com/my-account/login.
2. Select Domains on the left side of the page.
   


3. Select the domain name you want to change. If you only have one domain, you will be taken directly to the Domain Details page.
4. On the domain page, go down to the Advanced Tools section.
   


5. Click Manage next to Advanced DNS Records.
   


6. A new page will open.
   
   1. To Add Records: Click +Add Record. A new window will open.
   2. To Edit Records: Scroll down to the AAAA Record you want to manage and click the pencil icon. A new window will open.
7. Select Refers to from the drop-down menu. You can choose @, www, or Other Host.
   • If you select Other Host, you will be asked to enter the Host Name. This could be something like a star (*).
   
   


8. Next, enter the IP Address in Points to and select the TTL. The TTL default is 7200 (2 hours).
9. Click the Add button. If you are editing records, click the Edit button.

You have successfully changed the IP Address for the AAAA Records.

Mail Exchange Records (MX Records) establish mail routes for a domain name. Each domain can have multiple mail routes, each assigned a priority number. The route with the lowest number designates the primary server responsible for handling the domain's email. Higher-numbered servers act as backups. Without MX Records, a domain would be unable to receive email messages.

1. Log in to your account via https://www.web.com/my-account/login.
2. Select Domains on the left side of the page.
   


3. Select the domain name you want to change. If you only have one domain, you will be taken directly to the Domain Details page.
4. On the domain page, go down to the Advanced Tools section.
   


5. Click Manage next to Advanced DNS Records.
   


6. A new page will open.
   
   1. To Add Records: Click +Add Record. A new window will open.
   2. To Edit Records: Scroll down to the MX Record you want to manage and click the pencil icon. A new window will open.
7. Select Refers to from the drop-down menu. You can choose @, www, or Other Host.
   • If you select Other Host, you will be asked to enter the Host Name.
   
   


8. Enter your mail server in the Mail Server field.
9. Next, enter the Priority and TTL. The TTL default is 7200 (2 hours).
10. Click the Add button. If you are editing records, click the Edit button.

You have successfully changed the mail server for MX Records.

A CNAME (Canonical Name) Record is a type of DNS record that creates an alias for a domain, allowing traffic for that domain name to be redirected. CNAME records can only be created for third-level domains due to limitations in the Advanced DNS Manager, which does not support alias creation for second-level domains.

Creating a CNAME for a second-level domain could lead to conflicts with other records, potentially disrupting email or website services. If you need to redirect traffic for a second-level domain, consider exploring our Web Forwarding product for a suitable solution.

1. Log in to your account via https://www.web.com/my-account/login.
2. Select Domains on the left side of the page.
   


3. Select the domain name you want to change. If you only have one domain, you will be taken directly to the Domain Details page.
4. On the domain page, go down to the Advanced Tools section.
   


5. Click Manage next to Advanced DNS Records.
   


6. A new page will open.
   
   1. To Add Records: Click +Add Record. A new window will open.
   2. To Edit Records: Scroll down to the CNAME Record you want to manage and click the pencil icon. A new window will open.
7. Select Refers to from the drop-down menu. You can choose @, www, or Other Host.
   • If you select Other Host, you will be asked to enter the Host Name (such as mail, SMTP, autodiscover,@, IMAP, or POP).
   
   


8. Enter the Alias to (hostname). This will typically look like a domain name.
9. Next, enter the TTL value. The TTL default is 7200 (2 hours).
10. Click the Add button. If you are editing records, click the Edit button.

You have successfully changed the host alias for CNAME Records.

TXT records serve multiple functions, one of the most common being the creation of a Sender Policy Framework (SPF). SPF records are crucial for preventing email spammers from forging the "From" fields in emails. They let the domain owner specify which IP addresses are authorized to send email on the domain's behalf.

Need help creating an SPF TXT record? Visit the Sender Policy Framework Tools website for guidance.

Another important use of TXT records is to implement Domain-based Message Authentication, Reporting, and Conformance (DMARC). DMARC leverages DNS to publish policies on how an email from a domain should be handled, whether to take no action, quarantine the message, or reject it outright.

It is important to remember that only one SPF record is allowed per domain. Having multiple SPF records can disrupt your email functionality.

1. Log in to your account via https://www.web.com/my-account/login.
2. Select Domains on the left side of the page.
   


3. Select the domain name you want to change. If you only have one domain, you will be taken directly to the Domain Details page.
4. On the domain page, go down to the Advanced Tools section.
   


5. Click Manage next to Advanced DNS Records.
   


6. A new page will open.
   
   1. To Add Records: Click +Add Record. A new window will open.
   2. To Edit Records: Scroll down to the TXT Record you want to manage and click the pencil icon. A new window will open.
7. Select Refers to from the drop-down menu. You can choose @, www, or Other Host.
   • If you select Other Host, you will be asked to enter the Host Name.
   
   


8. Enter the TXT Value into the field. You will need the entire TXT Value you were given.
9. Enter the TTL value. The TTL default is 7200 (2 hours).
10. Click the Add button. If you are editing records, click the Edit button.

You have changed the TXT records for the Sender Policy Framework.

Service Records (SRV records) enable users to locate specific services within a network rather than identify individual machines. Unlike A Records, which are used to find a specific server or host, SRV records identify services available on the network, such as printers, VoIP systems, FTP services, and more. This functionality is like MX Records direct email traffic, but SRV records are designed for a broader range of network services.

1. Log in to your account via https://www.web.com/my-account/login.
2. Select Domains on the left side of the page.
   


3. Select the domain name you want to change. If you only have one domain, you will be taken directly to the Domain Details page.
4. On the domain page, go down to the Advanced Tools section.
   


5. Click Manage next to Advanced DNS Records.
   


6. A new page will open.
   
   1. To Add Records: Click +Add Record. A new window will open.
   2. To Edit Records: Scroll down to the SRV Record you want to manage and click the pencil icon. A new window will open.
7. Enter the following information in each field.
   1. Service: The name of the service needed (such as _autodiscover).
   2. Protocol: The protocol of the desired service, usually either TCP or UDP.
   3. Weight: A relative weight for records with the same priority. Determines which of the records with the same priority are delivered more frequently. Enter the proportional volume of traffic as a percentage.
   4. Port: The TCP or UDP port on which the service will be found. The port can be any number between 0 and 65535.
   5. Target: The name of the machine providing the service.
   6. TTL: The standard time to live field. The TTL default is 7200 (2 hours).
   7. Priority: The priority of the target host; lower value means more preferred. The priority can be any number between 0 and 65535.
      


8. Click the Add button. If you are editing records, then click the Edit button.

You have successfully changed the Service Record.

Domain Name System Security Extensions (DNSSEC) provide an additional layer of security for your domain. DNSSEC utilizes a digital signature to ensure that the domain resolution process is secure, safeguarding against unauthorized changes.

• Why should you consider DNSSEC? It offers enhanced protection against attacks like cache poisoning, which can misdirect traffic and compromise data.
• How to enable DNSSEC? Simply use the toggle located at the bottom of your domain management page to activate this feature.
  


• Why can't I see the option to turn it on? DNSSEC is only available for .COM/.NET/.INFO/.ORG/.BIZ domains currently.

Certificate Authority Authorization (CAA) records enable you to specify which certificate authorities (CAs) are permitted to issue certificates for your domain. This control helps ensure that only authorized CAs can issue certificates for your domain or subdomains. Your security certificate provider can provide specific guidance on what to include in your CAA record.

1. Log in to your account via https://www.web.com/my-account/login.
2. Select Domains on the left side of the page.
   


3. Select the domain name you want to change. If you only have one domain, you will be taken directly to the Domain Details page.
4. On the domain page, go down to the Advanced Tools section.
   


5. Click Manage next to Advanced DNS Records.
   


6. A new page will open.
   
   1. To Add Records: Click +Add Record. A new window will open.
   2. To Edit Records: Scroll down to the CAA Record you want to manage and click the pencil icon. A new window will open.
7. Enter the following information in each field.
   • Flag: Number between 0 and 255.
   • Tag: Specifies the property you want to associate with the value (issue, issuewild).
   • Value: This is typically the domain of your security provider.
   • TTL: The time to live for the record to be saved by the resolver. The TTL default is 7200 (2 hours).
   
   


8. Click the Add button. If you are editing records, then click the Edit button.

You have successfully changed the CAA Record.

DomainKeys Identified Mail (DKIM) enhances email security by adding a digital signature to outgoing messages, authenticating that the email address is legitimate. The DMARC policy informs recipients that your messages are protected by DKIM and specifies actions to take if messages fail authentication, are flagged as junk, or are rejected.

1. Log in to your account via https://www.web.com/my-account/login.
2. Select Domains on the left side of the page.
   


3. Select the email package you want to edit. If you only have one email package, skip this step.
4. Click DKIM Manager to launch the DKIM Control Panel. You will then be brought to the DKIM Manager.
5. To enable DKIM, select Configure with auto-generated keys.
   


6. Next, select the DMARC policy. It is recommended that DMARC policies be introduced gradually. Begin with a setting of None, move to Quarantine, and finally to Reject. Monitor your DMARC reports at each stage to ensure messages are signed and not spoofed.
   • None - No action needed; useful for monitoring.
   • Quarantine - Message should be set aside.
   • Reject - Message should be rejected.
7. Enter the email address where you want to receive the DMARC reports in the Send Reports to field. This email address must be associated with the domain that you are managing.

You have enabled DKIM, and your DNS settings will be automatically updated if your domain name is on our nameservers.