Provider Overview

DNS Watchdog connects to your DNS hosting providers to discover zones, sync records, and monitor for security issues.

Supported providers

Read-only vs read-write

Each provider can be configured in one of two access modes:

• Read-only — DNS Watchdog can discover zones and sync records, but cannot make any changes to your DNS. This is the safest option for monitoring.
• Read-write — DNS Watchdog can also delete and manage records directly through the platform. This enables features like archiving records and bulk cleanup of dangling subdomains.

You choose the access mode when adding a provider. It can be changed later in provider settings.

Adding a provider

1. Go to Settings → Providers in the sidebar
2. Click Add Provider

3. Select your provider type

4. Enter the required credentials
5. Choose read-only or read-write access

6. Click Save

DNS Watchdog validates the credentials immediately and begins zone discovery automatically.

What happens next

After saving your provider:

1. Zone discovery (1–2 minutes) — DNS Watchdog queries the provider API to find all zones under the account
2. Record sync (2–5 minutes) — each zone's DNS records are pulled and stored
3. Initial scan (varies) — records are scanned for open ports, HTTP behaviour, SSL certificates, and subdomain takeover risks
4. Results available — check the Zones page to see discovered zones, and the Issues page for scan results

Notifications are suppressed during the initial sync — the first discovery is treated as baseline data rather than changes.

Credential security

All provider credentials are encrypted at rest. DNS Watchdog requests only the minimum permissions needed for the selected access mode.

Zone discovery

After a provider is connected, DNS Watchdog queues a zone discovery job that runs asynchronously. All zones managed by the provider are discovered and synced. You can trigger re-discovery at any time from the Zones page.