CAA Record Support – Securing your domain

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

I am happy to introduce support for CAA records, which are used to further secure your websites and online properties. This is a new security feature I am introducing, and if you’re hosting with me and I manage your domain / DNS records, then the changes have already been done for you automatically.

A CAA record defines what certificate authorities (i.e. Let’s Encrypt, Symantec, Google, and many more) are defined as the allowed certificate authority for your domain. This means that if I define that only Let’s Encrypt can create certificates for your domain, then nobody can put up a copycat site on the domain using a certificate from Symantec, for example.

While not perfect, this CAA record is a best practice for DNS management and recommended by respected security gurus around the world.

For more information on CAA records (which is a DNS record type), you can learn more at the resources below: