Securing your domain name with DNSSEC

Protect your domain name from cache poisoning by activating DNSSEC

Last updated 26th March 2018


DNS servers store DNS configurations for domain names. DNS records are usually used to link your domain name to the server (or servers) that host your website and email addresses. In a conventional use, this configuration allows you to link your domain name to the server(s) that host your website and email addresses. In recent years, hackers have developed methods to poison DNS servers, allowing them to divert traffic to other servers. There is a way to protect your domain name from these actions: DNSSEC.

Learn how to enable DNSSEC on your domain name to protect it against Poisoning Cache.
To understand how this protection works, we recommend reading this page: Understanding the DNSSEC service.


  • a domain name registered with OVH
  • The domain name concerned must have an extension compatible with DNSSEC.
  • access to the Web Cloud section of the OVH Control Panel


DNSSEC can be activated in two ways:

  • if your domain name uses OVH DNS servers, activation is done in one click from the OVH Control Panel

  • if your domain name does not use OVH DNS servers, you will need to contact the service provider managing its DNS configuration If you manage this yourself, you will need to manually install the DNSSEC service. If this is the case, please use the documentation available online.

To check if your domain name is using the OVH DNS configuration: in the OVH Control Panel, select the domain, and go to the DNS servers tab.

Step 1: Access the domain name management section.

To start with, log in to the OVH Control Panel, and go to the "Web" section. Click Web hosting in the services bar on the left-hand side, then choose the domain name concerned from the list.

The page that appears displays the general information.


Step 2: Manage your domain name’s DNSSEC service.

In the General Information tab, you can check the activation status of DNSSEC on your domain name.

To do this, in the "Security" box, check the status next to "Secure Delegation - DNSSEC".


By moving the activation button, you can activate or deactivate the DNSSEC service on your domain name. A new window will then appear, where you will need to confirm the change.


Step 3: Wait during the activation or deactivation.

Once you have decided to activate or deactivate DNSSEC on your domain name, you will need to wait a maximum of 24 hours for the change to take effect.

Go further

Join our community of users on

Did you find this guide useful?

Please feel free to give any suggestions in order to improve this documentation.

Whether your feedback is about images, content, or structure, please share it, so that we can improve it together.

Your support requests will not be processed via this form. To do this, please use the "Create a ticket" form.

Thank you. Your feedback has been received.

OVHcloud Community

Access your community space. Ask questions, search for information, post content, and interact with other OVHcloud Community members.

Discuss with the OVHcloud community