How do I manage DNS settings in cPanel
Explanation of DNS
DNS or Domain Name System is an internet database which translates and stores numerical addresses (IP addresses) of each and every website in the world, to alphabetical names. This process makes it far easier for us to remember a website’s name instead of having to remember it by its IP address (for example – 184.108.40.206).The IP address also, in essence, is used as an internet address locator for each website using the DNS database.
When a user visits a website, a request is sent to the DNS server which is then forwarded to the web hostingcompany’s server. This server then routes all the data or content pertaining to the website back to the user. Various strings of letters are used as commands that state the actions of the DNS server, and these strings of commands are called DNS syntax. Some DNS records syntax that are commonly used are A, AAAA, CNAME, MX, PTR, NS, SOA, SRV, TXT, and NAPTR.
Editing DNS Records in cPanel
There are two options you can choose- Advanced DNS Zone Editor and Simple DNS Zone Editor. There is no significant difference between the two of them except the basic underlying ones, but for most cases, the simple zone editor can be used. We will first describe its functionality and then look at the additional options provided by the Advanced DNS Zone Editor.
The one major difference is the option to completely reset your DNS records to the default ones.
Note: If you are not 100% sure what changes you are making, it is always better to use the Simple DNS Zone Editor in order to avoid any major issues with the DNS zone for your domain name and the accessibility of your website.
Simple DNS Zone Editor
1. Log into cPanel.
2. Navigate to Home >Domains > Simple Zone Editor.
The Simple Zone Editor page will be displayed.
3. Select the desired domain name for which you would like the DNS zone to be modified from the Select a Domain drop down list.
The three new sections will be displayed.
4. The first section, Add an A Record allows you to give you the possibility to add an A record for your domain name.
5. Enter the desired sub-domain name for the A record in the Name text entry box.
6. Enter the IP address to which you would like it pointed in the Address text entry box.
7. Click Add an A Record.
The notification that you have successfully added the A record for your domain will be displayed.
8. The second section, Add a CNAME Record allows you to add CNAME records for your domain name.
9. Enter the desired sub-domain name for the CNAME record in the Name text entry box.
10. Enter the address (note that it should be fully qualified domain name) to which you would like it pointed in the CNAME text entry box.
11. Click Add CNAME Record.
The notification that you have successfully added the CNAME record for your domain will be displayed.
12. The third section User-Defined Records allows you to delete existing custom DNS records for your domain name.
13. If you no longer wish to use a DNS record that you have previously created it can be removed in this section. To do so, click Delete link in the row of the user defined record you wish to delete.
The message box asking you to confirm the record deletion will be displayed.
Note: You can delete only the custom user-defined records and not the default records set for your domain name.
Advanced DNS Zone Editor
1. Navigate to Domains >Advanced Zone Editor.
The Advanced Zone Editor page will be displayed.
Note: Do not use this option in case you need custom setup for your domain name DNS. Use this only when you want the DNS reset to default.
2. To reset the DNS Zone for the selected domain name, click More link.
3. Check box confirming that you would like the DNS Zone to be reset.
4. Click Reset Zone File.
You are able to add one additional type of record – TXT. Also there is an additional field to add TTL (time to live) for the record you are creating. If there are no specific requirements you can use the default value 14400 for TTL. This will not cause any issues.
The A and CNAME records are still available and you can select to add such records from the same drop-down list.
You can also manage the existing records. You can not only delete but also edit existing records.
5. Click Edit link.
The selected record will be displayed in edit mode.
6. Edit the record and save it.
Note: Be very careful and do not make changes if you are not sure of them in order to avoid service downtime.
The registrant details on a domain will be updated.
List of DNS Records
|A||Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host.|
|AAAA||Returns a 128-bit IPv6 address, most commonly used to map hostnames to an IP address of the host.|
|CNAME||Alias of one name to another: the DNS lookup will continue by retrying the lookup with the new name.|
|MX||Tells where to pick up emails. Maps a domain name to a list of message transfer agents for that domain|
|NS||Delegates a DNS zone to use the given authoritative name servers|
|SRV||Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX.|
|TXT||Originally for arbitrary human-readable text in a DNS record. Since the early 1990s, however, this record more often carries machine-readable data. Often used for opportunistic encryption, Sender Policy Framework (SPF), DKIM, DMARC, DNS-SD, etc.|
|AFSDB||Location of database servers of an AFS cell. This record is commonly used by AFS clients to contact AFS cells outside their local domain. A subtype of this record is used by the obsolete DCE/DFS file system.|
|APL||Specify lists of address ranges, e.g. in CIDR format, for various address families. Experimental.|
|CAA||DNS Certification Authority Authorization, constraining acceptable CAs for a host/domain|
|CDNSKEY||Child copy of DNSKEY record, for transfer to parent|
|CDS||Child copy of DS record, for transfer to parent|
|CERT||Stores PKIX, SPKI, PGP, etc.|
|DHCID||Used in conjunction with the FQDN option to DHCP|
|DLV||For publishing DNSSEC trust anchors outside of the DNS delegation chain. Uses the same format as the DS record. RFC 5074describes a way of using these records.|
|DNAME||Alias for a name and all its subnames, unlike CNAME, which is an alias for only the exact name. Like a CNAME record, the DNS lookup will continue by retrying the lookup with the new name.|
|DNSKEY||The key record used in DNSSEC. Uses the same format as the KEY record.|
|DS||The record used to identify the DNSSEC signing key of a delegated zone|
|HIP||Method of separating the end-point identifier and locator roles of IP addresses.|
|IPSECKEY||Key record that can be used with IPsec|
|KEY||Used only for SIG(0) (RFC 2931) and TKEY (RFC 2930). RFC 3445 eliminated their use for application keys and limited their use to DNSSEC. RFC 3755 designates DNSKEY as the replacement within DNSSEC. RFC 4025 designates IPSECKEY as the replacement for use with IPsec.|
|KX||Used with some cryptographic systems (not including DNSSEC) to identify a key management agent for the associated domain-name. Note that this has nothing to do with DNS Security. It is Informational status, rather than being on the IETF standards-track. It has always had limited deployment, but is still in use.|
|LOC||Specifies a geographical location associated with a domain name|
|NAPTR||Allows regular-expression-based rewriting of domain names which can then be used as URIs, further domain names to lookups, etc.|
|NSEC||Part of DNSSEC—used to prove a name does not exist. Uses the same format as the (obsolete) NXT record.|
|NSEC3||An extension to DNSSEC that allows proof of nonexistence for a name without permitting zonewalking|
|NSEC3PARAM||Parameter record for use with NSEC3|
|PTR||Pointer to a canonical name. Unlike a CNAME, DNS processing stops and just the name is returned. The most common use is for implementing reverse DNS lookups, but other uses include such things as DNS-SD.|
|RRSIG||Signature for a DNSSEC-secured record set. Uses the same format as the SIG record.|
|RP||Information about the responsible person(s) for the domain. Usually an email address with the @ replaced by a .|
|SIG||Signature record used in SIG(0) (RFC 2931) and TKEY (RFC 2930). RFC 3755 designated RRSIG as the replacement for SIG for use within DNSSEC.|
|SOA||Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone.|
|SSHFP||Resource record for publishing SSH public host key fingerprints in the DNS System, in order to aid in verifying the authenticity of the host. RFC 6594 defines ECC SSH keys and SHA-256 hashes. See the IANA SSHFP RR parameters registry for details.|
|TA||Part of a deployment proposal for DNSSEC without a signed DNS root. See the IANA database and Weiler Spec for details. Uses the same format as the DS record.|
|TKEY||A method of providing keying material to be used with TSIG that is encrypted under the public key in an accompanying KEY RR.|
|TLSA||A record for DNS-based Authentication of Named Entities (DANE). RFC 6698 defines “The TLSA DNS resource record is used to associate a TLS server certificate or public key with the domain name where the record is found, thus forming a ‘TLSA certificate association'”.|
|TSIG||Can be used to authenticate dynamic updates as coming from an approved client, or to authenticate responses as coming from an approved recursive name server similar to DNSSEC.|
|URI||Can be used to used for publishing mappings from hostnames to URIs.|