Updated: March 2, 2021
What Exactly Is DNS And How Can It Speed Up And Protect Your WordPress Site; 3 Personal Recommendations
The Domain Name System (DNS) is often overlooked. You plug in the correct nameservers into your domain registrar, and you’re done. But a good DNS can do more for your site than you may realize.
A high-powered DNS can control how quickly your site is reached across the globe. A cloud-based DNS service can ensure your site visitors in Australia are seeing your site just as quickly as your site visitors in Toronto or Chicago.
What Is DNS? The Simplified Explanation.
Let’s say you call for a Lyft, but you’re a little tipsy from a celebratory evening. The driver asks you where you live, but you don’t recall the address. How does the driver know where to take you?
That’s the domain name system in a nutshell. You type in the name of the website (YouTube.com, for example), but because computers work with numbers, that beautiful and easy-to-remember website URL must be translated by a DNS server so your browser knows exactly which server (among millions) houses that exact domain. The DNS server converts the domain into the actual (but hard to remember) IP address and zips you straight to the website.
When you type in a domain name, your browser needs to know the IP (Internet Protocol) address of the site you’re trying to access. To do this, it sends a request to the DNS, which is like the Internet’s version of the Yellow Pages. The request looks to match a site URL (Uniform Resource Locator) to an IP address. Once the match is found, the domain name server connects you to the specific hosting account where the website exists, which now loads the site on your browser.
What Is DNS? The Technical Explanation.
While the simplified definition of DNS is enough for most people, if you’re an inquisitive sort or expanding your technical knowledge, you may prefer the more involved explanation.
In the simplified version of DNS above, I explained how the process goes from browser to ISP to DNS server and back to browser. While that’s true, I purposely left out a few steps for simplicity’s sake.
In my simple version, I used one DNS server in the example. In reality, the journey is longer and more complicated, with three extra stops along the way before your domain appears in a browser.
The domain name system is a multistep process that begins with a simple DNS query or request for information such as typing in a website address.
To start, you type your request into your web browser, such as google.com. The first step is to check the hosts file, a plain text file on your operating system. This text file has one job: to map hostnames to IP addresses. If no information is found, the lookup proceeds to the cache, where data is stored temporarily. Your web browser cache is searched first, followed by the cache of your ISP (Internet Service Provider). If no information exists in either place, you’ll see an error message in the browser window, and you won’t connect to the website.
How does the hostname to IP address get mapped and stored in your cache in the first place? Through the complex choreography of the domain name system.
Step 1: Resolving DNS
Also known as a Recursive DNS or DNS Recursor, this step is straightforward. The query is sent in a recursive way because it’s a commonly made repetitive search (such as Google.com or YouTube.com). The resolving DNS server checks its own files and cache, and if it doesn’t find anything, it passes the request for information to the next step by calling the Root DNS Server.
Step 2: Root Nameserver
The Root DNS Server, also known as the root nameserver, is at the top of the DNS hierarchy. This server is a middleman or midway agent. It doesn’t carry any data itself, but instead acts as a router. When the Resolving DNS server contacts it for information, it tells the server where to go exactly by forwarding the request to the top-level domain name servers (TLD nameserver).
Step 3: TLD Nameserver
As you know, all domains end with an extension such as .com, .net or .org. These are known as top-level domains. A server for a specific domain extension is known as a top-level domain or TLD nameserver. It’s solely responsible for managing and overseeing all the information associated with that particular domain extension.
So when you type in your domain and the extension is .net, the TLD nameserver is going to track down the appropriate next step in the process and refer the request to the correct Authoritative DNS server. It’s this server that finally has the pertinent data for that particular domain.
Step 4: Authoritative Nameserver
Now the request for the IP address that is mapped to the exact domain URL has finally reached its destination. The Authoritative nameserver now accesses the DNS records it holds, finds the exact domain and IP match, and sends the information to the domain resolver to map to the correct IP address.
Step 5: Web Host
Our exhausting DNS journey is finally over. The Authoritative Nameserver found the IP address and matched it to the domain in question. Now the IP address is controlled by a specific host, so the Resolving Nameserver will search for the domain’s files on that particular server and suddenly the complete website appears in your browser.
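The lookup order described in the steps above (hosts file, cache, then root, TLD and authoritative nameservers), as an added example that is not part of the original article. The server names, the 192.0.2.10 address and the 300-second TTL are constructed sample data, and a single cache stands in for the browser and ISP caches.

```python
# Added example: offline model of the lookup order described above.
# All names, addresses and TTLs are constructed sample data.
import time

HOSTS_FILE = {"localhost": "127.0.0.1"}        # checked before anything else
ROOT = {"com": "tld-com", "net": "tld-net"}    # root refers by extension
TLD = {                                        # TLD server refers by domain
    "tld-com": {"example.com": "auth-example"},
    "tld-net": {},
}
AUTHORITATIVE = {                              # holds the records: (ip, ttl)
    "auth-example": {"www.example.com": ("192.0.2.10", 300)},
}


class Resolver:
    def __init__(self, clock=time.time):
        self.cache = {}      # hostname -> (ip, expires_at)
        self.clock = clock   # injectable so expiry can be tested offline

    def resolve(self, hostname):
        """Return (ip, path); path lists every stop that was consulted."""
        hostname = hostname.lower().rstrip(".")
        if hostname in HOSTS_FILE:
            return HOSTS_FILE[hostname], ["hosts"]
        hit = self.cache.get(hostname)
        if hit and hit[1] > self.clock():
            return hit[0], ["cache"]           # still within its TTL
        path = ["root"]
        labels = hostname.split(".")
        tld_server = ROOT.get(labels[-1])
        if tld_server is None:
            return None, path                  # unknown extension
        path.append("tld")
        auth_server = TLD[tld_server].get(".".join(labels[-2:]))
        if auth_server is None:
            return None, path                  # domain not delegated
        path.append("authoritative")
        record = AUTHORITATIVE[auth_server].get(hostname)
        if record is None:
            return None, path                  # no such host in the zone
        ip, ttl = record
        self.cache[hostname] = (ip, self.clock() + ttl)
        return ip, path
```

The returned path makes the difference between a first lookup and a repeat lookup visible: the second call for the same name stops at the cache until the TTL runs out.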
How DNS Can Speed Up Your Website
Now that I’ve explained exactly what it is DNS does and how it does it, let’s get into how you can use it to speed up your website.
Since the DNS server must be accessed when a new site visitor goes to your domain, there is a lag in time between typing in your domain and your site loading into their browser.
As you can imagine, this silent and often ignored journey from browser to DNS server and back to browser can take a website around the world. The time it takes to complete this browser-ISP-DNS-browser cycle varies depending on where the DNS server is located, so your site will load faster when that journey is shorter.
If your DNS is hosted with your domain name registrar (most common) and that company has the DNS servers located in Seattle, your site visitors from the Pacific Northwest will pull up your site faster than those located in Asia or Australia. And sometimes that geographical distance can have a noticeable impact on what your site visitors will determine is your site speed.
Premium DNS Services For Security
What is a DDoS Attack?
DDoS is short for distributed denial of service. What that means is that the attacker overwhelms your web server with a massive volume of simultaneous requests, as if your traffic spiked 10,000% from one minute to the next.
The most frustrating part of this style of attack is that the hacker is not after data because once the server is crippled the attacker stops. So the only thing the hacker has to gain is disabling your server and forcing it offline.
Digital Attack Map is a website that monitors DDoS attacks globally 24/7. Here’s a screenshot from April 17, 2021, with several major attacks hitting the United States, Europe and a solitary attack affecting Brazil.
So how does one protect against a DDoS attack? By utilizing a premium secure DNS service provider that allows for redundancy in the event of an attack. With this setup, an attack would take down one or two DNS servers but not all, allowing your website to stay online and serving customers.
Benefits of a Premium DNS Service
Better Prepared for Large-Scale Attacks
Large premium DNS providers such as Cloudflare are more equipped to protect your site from large-scale DDoS attacks. A premium DNS provider with numerous servers around the globe has a fail-safe plan in place and layers of firewalls, software and hardware, designed to keep their network online in the event of a brute-force DDoS attack.
Longer TTL or Time To Live
TTL stands for time to live, or rather how long a DNS record will stay active in your cache before it is cleared.
For example, if you had a TTL of 12 hours and your DNS provider went down for 11 hours, most likely your users won’t even know because your ISP has the DNS cached.
The TTLs for your domain are part of your DNS settings, and they are set in seconds:
300 seconds = 5 minutes
1800 seconds = 30 minutes
3600 seconds = 1 hour
43200 seconds = 12 hours
86400 seconds = 24 hours
Most DNS hosts set 30 minutes to an hour by default. While this does ensure your site visitors will see your most recent updates within an hour, it doesn’t provide much room for error in the event of a DNS attack or outage.
Cloudflare, which provides premium DNS services to major blogs and content-heavy sites, has a TTL default of only 5 minutes. The best practice when it comes to determining your best TTL is to consider how often you update your website.
If you’re not certain, I recommend the following TTL settings:
A and AAAA records: Change more frequently, anywhere from 5 minutes to an hour is good.
CNAME records: Don’t need to be changed often, so a high TTL of 48 hours is fine.
MX records: 12 hours is a strong choice here.
TXT records: Rarely change, so 12-24 hours is good.
There are no right or wrong answers when it comes to your site’s best TTL settings. Just keep in mind that longer TTLs will improve your DNS lookup times.
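One way to check a zone against the TTL recommendations above and to see which records a cache could keep serving through the 11-hour outage from the earlier example; this is an added example, not code from the original article. The zone lines are constructed, and single-value recommendations (48 hours, 12 hours) are treated as exact targets, which is an assumption.

```python
# Added example: audit zone-file TTLs against the ranges recommended above.
# The zone lines are constructed sample data, not a real domain's records.
RECOMMENDED = {                  # record type -> (min_seconds, max_seconds)
    "A": (300, 3600),            # 5 minutes to 1 hour
    "AAAA": (300, 3600),
    "CNAME": (172800, 172800),   # 48 hours (assumed exact target)
    "MX": (43200, 43200),        # 12 hours (assumed exact target)
    "TXT": (43200, 86400),       # 12-24 hours
}

SAMPLE_ZONE = """\
; name             ttl    class type  value
www.example.com.   60     IN    A     192.0.2.10
example.com.       1800   IN    A     192.0.2.10
blog.example.com.  172800 IN    CNAME www.example.com.
example.com.       300    IN    MX    10 mail.example.com.
example.com.       86400  IN    TXT   "v=spf1 -all"
"""


def parse_zone(text):
    """Return (name, ttl, type) for each 'name ttl IN type value' line."""
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop ';' comments
        if len(fields) >= 4 and fields[1].isdigit() and fields[2] == "IN":
            records.append((fields[0], int(fields[1]), fields[3].upper()))
    return records


def audit(text):
    """List records whose TTL falls outside the recommended range."""
    findings = []
    for name, ttl, rtype in parse_zone(text):
        if rtype not in RECOMMENDED:
            continue
        low, high = RECOMMENDED[rtype]
        if ttl < low:
            findings.append((name, rtype, ttl, "below"))
        elif ttl > high:
            findings.append((name, rtype, ttl, "above"))
    return findings


def masked_during_outage(text, outage_seconds):
    """Records whose TTL outlasts the outage. Best case only: it assumes
    the record was cached just before the DNS provider went down."""
    return [(n, t) for n, ttl, t in parse_zone(text) if ttl > outage_seconds]
```

On the sample zone, the A and MX records with short TTLs are the ones that would drop out of caches during an 11-hour outage, while the CNAME and TXT records would still be served.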
With dozens or even a hundred locations of DNS servers around the globe, it’s unlikely a DDoS attack can hit them all simultaneously. If you’re using that service provider for your DNS and half of their network is down, you’ll likely not notice. Your users would be serviced from the remaining DNS servers closest to their geographic location. This may add a few nanoseconds onto their query and page load speed, but your website would still be online and making money.
This multitude of locations also drives up your site performance and speed by providing a closer physical server for DNS lookups to each of your site visitors.
Comparison of Hosted DNS Services to Speed Up Your Site
Now you know what DNS does and why it’s so important. You also know how invaluable having a premium service provider is for both speed and security, but which one do you choose?
Before we dig into the comparisons between the most popular premium DNS service providers, let’s deal with the elephant in the room – your domain registrar’s DNS service.
Undoubtedly, when you registered your domain, you changed your nameservers via your registrar to point to your web host. Essentially you’re now using your registrar as your DNS service provider and let me tell you, GoDaddy, Namecheap and even NameSilo are not offering business-worthy DNS for free. Time to change it up and switch to a premium provider for your website’s safety, security and speed.
While I’m going to offer some helpful information on each of the following premium services, I will not be addressing or testing their free plans. After all, you get what you pay for, so let’s stick with paid plans that deliver real results and quality.
I am listing only the services I have personal experience with and am able to professionally recommend.
Trusted by over 25 million sites, Cloudflare is the global leader in premium DNS services. While the company does offer a free plan, I strongly suggest you upgrade for peace of mind. All paid plans include unmetered and unlimited DDoS mitigation.
Pricing for the Pro plan is only $20 a month and includes the Cloudflare CDN.
DNSMadeEasy is comparable to Cloudflare in terms of query speed. And while both companies provide DDoS protection and mitigation, DNSMadeEasy includes REST API access for substantially less at only $5 a month (paid annually at $60).
Constellix is an advanced pay-as-you-go subsidiary of DNSMadeEasy that is used by major players including Zoho, Monday.com, Citizen, Linux and Paycom.
The company boasts one of the fastest query search rates in the industry, with an average query resolution of under 30 milliseconds.
The website does offer a handy price calculator, but suffice it to say that unless you’re operating a site with over 10 million monthly visitors, expect to spend $20 or less a month.
The domain name system is both complex and multifaceted, but it’s worth understanding. After all, it’s how we can go from 135.268.59.523 to yourdomain.com. And depending on your perspective, that’s almost magic.
But if you want to take your DNS game up to the next level, I suggest you switch your site to a premium DNS service provider. Cloudflare, DNSMadeEasy and Constellix are all good and affordable options that will not only speed up your site but protect it from DDoS attacks.
After you switch your DNS, you may consider switching to a premium high-speed content delivery network or CDN. You may be interested in my article: We Switched From WPMU DEV CDN and Smush Pro to Bunny.net, And Saw Immediate Positive Results.
If you’re a ServerWise client and have some DNS questions or would like Support to switch your site over to a CDN or premium DNS service, open a ticket, and consider it done.