DNS Security Extensions (DNSSEC) adds cryptographic signatures to your DNS records. Without DNSSEC, the DNS resolution process is vulnerable to spoofing and cache poisoning attacks, where an attacker redirects your users to a clone of your site by injecting a spoofed IP address.
To resolve this vulnerability, follow these config changes or developer practices:
After applying the remediation, run an external attack-surface scan to verify that the vulnerability is no longer detected by WebScanify.
Run a free security scan now to identify missing headers, outdated JS, and other deployment vulnerabilities.