NEW CGI Directory

Home Guides Basics Article

How to Enhance your Site Security Using Advanced DNS Settings

1.3/5.0 (3 votes total)

Kumar V
February 22, 2017

Kumar V
Kumar V has written 2 articles for DomainInformer.
View all articles by Kumar V...

In the broadest sense, DNS is essentially an address book that maps domain names (like to their respective IP addresses (like This simple address book mechanism can however be used in a variety of other ways to make your website more secure and in turn, make the experience smoother for your visitors. Here are several ways that DNS settings can be harnessed to protect your site against malware and other forms of security threats.

Mitigating DDoS Attacks

Technology has made it possible for anybody to initiate DDoS attacks against websites, large and small. While we still do not have a fool proof mechanism against all such attacks, effective DNS management with cloud servers can mitigate a lot of these attacks.

This is how it works: typically, a DNS maps the domain name to a specific IP address that hosts the content on your website. If you’re worrying about setup costs – fear not. Businesses of any size can utilize the power of the cloud nowadays, as the market is rife with hosting companies offering cloud server hosting services, completely accessible to the day-to-day user.

These servers can distribute your content across dozens, or even hundreds of servers. The DNS will dynamically point your domain name to one of these several servers so that a DDoS attack against any one of this server does not impact your business and the DNS will continue to map your website to other IP addresses that are still up and host your content.

With CDNs, the protection is enhanced further through content caching so that a DDoS attacker does not ever hit your server directly.

Preventing Phishing & Malware

DNS management allows ISPs to pick and choose websites that they want to show to their customers. Websites like PhishTank crowdsource the list of phishing websites online and this may be accessed by ISPs with the help of an open API to manage their own list of sites that need to be blocked. There are similar databases for websites that contain malware, spyware and other kinds of security threats that ISPs may access to. The way such threats are blocked is simple - every time a user sends a request to one such website, the ISP scans the requested IP address against their list of phishing and malware sites. If it matches, then the request is blocked and the user is notified. If the requested site is deemed clean and safe, then the user is allowed access to the content on the IP address.

Correcting Typos

Imagine this - you want to know your bank balance and decide to access your bank website. Only that, you typed in instead of The website you land on looks very much like your bank’s website. You try logging in but are unsuccessful and so exit the website with the hope of retrying later. Such simple typos can happen with any of us. Yet the ramifications are immense. If was a phishing site, they are likely to have captured your bank login details. DNS management tools are capable of preventing such incidents from happening by either alerting users to the typo or automatically redirecting commonly mistyped addresses to the correct websites.

To sum this up: there are several ways to manage your DNS. You could keep your content hosted on one server and only route your DNS through a host of intermediate IP addresses. Or, like we mentioned earlier, you could host your content across multiple servers and dynamically reroute your DNS to one of these several servers. Perhaps you could do both of these. All these different strategies come with their own benefits (like added security) and disadvantages (like increased latency). Pick a strategy that works for your business and keep your website secure against potential threats.

               Hosting Bookmarks   

Submit Your Articles or Press ReleaseAdd comment (Comments: 0)  



Related Resources

Other Resources