The Domain Name System (DNS) connects websites and email services to a domain. DNS is responsible for the ability to view a website using a domain registered with another web hosting provider. For a successful domain transfer or registration, you need to know the primary nameserver (NS) records and/or the IP address for the server hosting the website (A record) to use your domain properly. The same applies to mail exchange (MX) records for using a custom domain with Google Mail, ProtonMail, and other email providers.
Below we’ll cover how to edit DNS records and add a DNS zone for a new domain in Control Web Panel (CWP).
- Edit DNS Records in Control Web Panel
- Add a DNS Zone
Edit DNS Records in Control Web Panel
This section covers how to modify DNS records for where domains and subdomains point to in CWP.
- Log into CWP.
- Select List DNS Zones.
- Find your domain from the list and select Edit Records.
The top section is dedicated to the Start of Authority (SOA) record parameters. Think of the SOA record for a domain as a serial number marking each time its DNS settings change. It updates automatically as other DNS records for the domain are changed. Other than updating the contact email address, the SOA record is usually only modified as a last resort when dealing with DNS propagation issues since it doesn’t affect whether domain can connect to a server or external service.
An SOA record consists of the following:
|MNAME (Master Name) / Primary nameserver (NS) record
|RNAME (Responsible Name) / Domain owner email address
|Actual serial number within the SOA record(YYYYMMDD##) (cannot be edited in the CWP dashboard)
|Refresh rate in seconds
|Retry rate for failed requests in seconds
|Expiration if requests continue to fail in seconds
|TTL (time to live) in cache in seconds
You can view your full SOA record in the CWP terminal with the following command:
dig soa yourdomain.com
Add New DNS Records
Underneath the SOA record is the option to add new records for your domain:
We’ll briefly describe how to add the most common DNS record types.
A record: the DNS record primarily responsible for converting a domain to the IPv4 address for a website or application. This usually uses the same IP address as the server unless the site is on another server (e.g. website migrations).
|“@” for the main domain,
Subdomain (e.g. “sub1” for “sub1.example.com”), orFull domain for additional domains
|TTL (in seconds)
|The most common entries are “86400” (1 day), “14400” (4 hours), and “3600” (1 hour)
|Direction IPv4 address
|Server IP address of the domain
MX record: the DNS record that routes email communications through the authoritative mail server. Again, this record normally shares the hostname with the CWP server unless you’re using an external service for email communications such as Google Mail.
|“@” for the domain
|Normally “0” so that DNS changes propagate as soon as possible or “3600”
|Mail server priority
|Normally “0” while secondary MX records, if used, are normally added in intervals of “10”
The MX record with the lowest number gets priority
|Mail server hostname
|Server hostname or website for email service
As an example, this is how you would add Google Workspace MX records to a domain:
|Mail server priority
|Mail server hostname
Don’t forget to delete any other MX records for the domain.
TXT record: a general DNS record commonly used for email authentication and domain ownership verification methods:
- DomainKeys Identified Mail (DKIM)
- Sender Policy Framework (SPF)
- Domain ownership verification to integrate external services (e.g. Zoho and Google Workspace)
- Domain-based Message Authentication, Reporting & Conformance (DMARC)
- Brand Indicators for Message Identification (BIMI)
|“@” for the main domain orSubdomain (e.g. “sub1” for “sub1.example.com”)
|DNS query surrounded by quotation marks (“”) – e.g. a DMARC record to reject emails sent from your domain that fail SPF validation:
“v=DMARC1; p=reject; sp=none; rf=afrf; pct=100; ri=86400”
Learn more in-depth about DNS records.
Basic DMARC and SPF records are created for each domain by default to mitigate email spoofing. SPF states what server IPs should be sending email from that domain. It also states how strictly email providers should reject emails marked from that domain but a different IP not stated in the SPF record. For example:
v=spf1 +a +mx +ip4:18.104.22.168 -all
This SPF record states that any email not sent from the domain and the system IP of “22.214.171.124” should be rejected outright.
DMARC reinforces that any mail that fails SPF validation be rejected in the case that an email provider doesn’t comply with SPF. Here’s a DMARC record that quarantines email supposedly sent from your domain that fails SPF validation and sends an email notification:
v=DMARC1; p=quarantine; sp=none; ruf=mailto:[email protected]; rf=afrf; pct=100; ri=86400
We recommend you learn more about how to create a SPF record strong enough to secure your email server environment.
User Defined Records
At the bottom the “User Defined Records” section lists all DNS records for the domain. You should review this list after creating a DNS zone to ensure the records suit your needs, or edit them from here. If you decide to change the email provider for a domain or redirect a subdomain to an external platform like Blogger, this is where you’ll make DNS changes. Remember, you cannot access this section unless the domain has a DNS zone.
Add a DNS Zone
The Add DNS Zone sidebar option is where you add a domain that only needs DNS management and/or email hosting. This is different from the Add Domain feature which should be used to connect to a website or application. Adding a DNS zone for a domain doesn’t create a root directory for files.
Add the IP address (for the A record), domain, and admin email address. Then the domain will be listed with other DNS zones as shown above.
Advanced CWP DNS Setup
The Edit DNS config sidebar function operates as a shortcut to quickly access your BIND configuration file (/etc/named.conf). This could prove helpful should you decide to implement system-wide changes such as DNS Security Extensions (DNSSEC) on a BIND DNS server.
Free DNS Manager is available in the sidebar for integration. However, it is unnecessary for cloud server administrators as you can use the DNS zone editor covered above or Account Management Panel (AMP).
Learn more about CWP management.