Domain Name Security Extensions (DNSSEC) adds an extra layer of security to your domains by attaching digital signature (DS) records to their DNS information.

You can self-manage DNSSEC for domains registered with 1st Domains when they are using third-party (not 1st Domains) name servers that have DNSSEC enabled. An example third-party DNS provider that supports DNSSEC is Cloudflare.

Disabling DNSSEC

1. Firstly, login to the Account Manager and select Manage Domains & Services
2. Next click on the Domain Name you wish to manage to access the Domain Manager.
3. Under the Name Server Delegation section click the Manage DNSSEC button. (If you can't see the 'Managed DNSSEC' button, it means that DNSSEC is not currently enabled for your domain name.)
4. On the DNSSEC Configuration page, click Disable DNSSEC button to disable DNSSEC. Allow up to 48 hours for your changes to take full effect globally.

Updating DNSSEC DS Record

1. Firstly, login to the Account Manager and select Manage Domains & Services
2. Next click on the Domain Name you wish to manage to access the Domain Manager.
3. Under the Name Server Delegation section click the Manage DNSSEC button. (If you can't see the 'Managed DNSSEC' button, it means that DNSSEC is not currently enabled for your domain name.)
4. On the DNSSEC Configuration page, enter the updated DS Record you have been provided by your DNS provider into the input box provided.
5. Click Update DNSSEC button to update the DNSSEC DS record. Allow up to 48 hours for your changes to take full effect globally.
6. After 48 hours, you can validate DNSSEC is enabled by using a DNSSEC Analyser.

Its important to let the propagation take place before testing.