Frequently Asked Questions
This page lists the most frequently asked questions for DNS Spy. If you still have questions that aren't answered here, send us a message!
Yes, you'll need an account to manage your domains. In your account you can configure the notifications, add different domains and manage the DNS records you want to monitor.
No, there's no free version of DNS Spy. There is a 7 day free trial, no strings attached, to allow you to evaluate our service. After that period, your monitoring either stops or you can choose a subscription plan to fit your needs.
Have a look at the pricing page for more details.
We can't always detect every DNS record (1), especially if you're using obscure naming schemes. Our dashboard allows you to monitor custom records though, so you can always add them yourself.
(1) Unless you're using our zone-transfer option, in which we case we can cover 100% of your DNS records, no matter how obscure they are.
You have the ability to choose how we monitor CNAME records: we can expand every CNAME until we reach an actual IP address or just monitor the CNAME value itself.
That means if you have a DNS record www.domain.tld which is a CNAME to sub.domain.tld, DNS Spy will by default monitor that it points to that CNAME, sub.domain.tld.
However, you can also enable the option to resolve the value of sub.domain.tld. So if sub.domain.tld changes IP, you'll also be notified that the domain www.domain.tld has changed IP, since that follows the CNAME value.
This is a really powerful feature that can alert you if unforeseen DNS changes have occured due to records pointing to CNAME records.
You can configure this setting in your DNS Spy dashboard, per record. It's up to you to determine if we should resolve CNAME's or just monitor them as-is.
If your domains' DNS records keep changing, we'll keep sending notifications. For dynamic DNS services such as CloudFlare or CloudFront, this may become a burden.
DNS Spy reports changes in the DNS, so if your DNS changes - we'll notify you. There really isn't much we can do if the system behind your domain keeps changing the DNS.
The best course of action is to disable monitoring that specific record.
To protect our users, we'll automatically disable alerting of a DNS record if it keeps changing on every check. We'll tell you about this, of course.
DNS Spy can monitor domains by using zone transfers.
It works by querying your master nameserver every few minutes and retrieving the entire zone file via the AXFR method. If changes are being detected, they'll be reported to you.
Using zone transfers is the only 100% safe way to monitor your domain: it allows us to retrieve the entire zone, without exceptions. No matter how obscure your DNS records are.
In order for DNS Spy to query your nameservers for zone transfers, our IPs need to be added as "allowed IPs" in your configuration.
If you're using BIND, the config will look similar to this.
zone "yourdomain.tld" {
type master;
file "/var/named/zones/yourdomain.tld";
allow-transfer {
# Keep the IPs you already had in this list, add the DNS Spy IPs to the list
44.222.116.125;
2600:1f18:502b:18a4:8db2:56d7:cdbf:287a;
};
allow-query {
any;
};
};
Our IPs to add are:
- 3.209.236.162
- 2600:1f18:502b:18a4:8db2:56d7:cdbf:287a
If you're unsure how to proceed, contact us for more assistance.
We have you covered! We have multiple regions around the world to monitor your DNS records from and will track values from each region to give you the most accurate picture of your DNS records.
Yes, we support 2 factor authentication using any authenticator app that can generate 6 digit codes.
Still have questions?
Can't find the answer you're looking for? Our support team is here to help you get the most out of DNS Spy.
Contact Support