What is DNSSEC?

DNSSEC adds an additional authentication layer onto existing DNS architecture. On its own, DNS is insecure and prone to on-path attacks or other types of DNS forgery attacks. Enabling DNSSEC ensures that your visitors will access your site when entering your domain in their web browser, and not be redirected to forged websites. 

Enabling DNSSEC in Polaris

DNSSSEC can be enabled in the "DNS" tab of a website's settings page on Polaris.

Once DNSSEC has been enabled, you will be shown a series of records which should be added to your domain registrar. Common examples of domain registrars are GoDaddyNamecheap and Google Domains (refer to the Custom Name servers option). Please follow the instructions on your registrars' knowledge base to configure these settings. Do note that any misconfiguration will result in your website becoming inaccessible. 

Once you have added the records to your registrar, it might take up to an hour for the changes to be reflected on Polaris. The status of the setup will then be changed to DNSSEC enabled and you are done with the DNSSEC setup.