DNSSEC protection automatically secures all eligible Squarespace domains against DNS spoofing and malicious redirects. This security feature uses public and private keys stored as DS or DNSKEY records in your DNS settings.

Managing DNSSEC Settings

To disable DNSSEC:

1. Open domain panel
2. Select your domain
3. Navigate to DNS > DNSSEC
4. Turn off DNS Security Extensions
5. Click Confirm

To re-enable DNSSEC:

1. Open domain panel
2. Select your domain
3. Navigate to DNS > DNSSEC
4. Turn on DNS Security Extensions

Adding Third-Party DNSSEC Protection

If using external DNSSEC providers like Cloudflare:

1. Open domain panel
2. Select your domain
3. Go to DNS > DNSSEC > Add Record
4. Enter provider's information:
   • Key Label
   • Algorithm
   • Digest Type
   • Digest
5. Click Save

Note: Only one DNSSEC record can be added per domain.

Troubleshooting Common Issues

Records Not DNSSEC Compatible:

1. Disable DNSSEC
2. Re-add the DNS record

DNSSEC Validation Error:

1. Reset nameservers to Squarespace defaults
2. Re-enable DNSSEC

Important Notes:

• DNSSEC automatically disables when using custom nameservers
• Switching back to Squarespace nameservers requires manual DNSSEC re-enabling
• Contact your external DNSSEC provider for specific record values
• All DNSSEC-compatible TLDs on Squarespace Domains include automatic protection

Related Articles

Previous Articles