Audit domain DNS records after a hosting or nameserver change

When to use this guide

Use this after moving a domain, changing nameservers, launching a new host, switching CDN providers, or fixing DNS records that may have caused NXDOMAIN, 502, or site-not-found errors.

Steps

1. Confirm the registrar nameservers. The registrar must point at the DNS provider where you are editing records.
2. Inventory required records. List records for the apex domain, www, mail, verification records, CDN hostnames, and any app subdomains.
3. Check apex and www behavior together. Make sure both versions resolve and redirect to the intended canonical host.
4. Look for conflicting records. A hostname should not usually have both a CNAME and other record types. Remove stale records from old hosts.
5. Verify origin and CDN targets. If a CDN is in front, confirm DNS points to the CDN and the CDN origin points to the correct server.
6. Review TTL and propagation. Do not keep changing records while old answers are still cached unless the authoritative records are wrong.
7. Check DNSSEC if enabled. Broken DS records can make a domain fail even when normal DNS records look correct.

Verify

Query the authoritative nameservers and at least two recursive resolvers. Then load both apex and www in a browser and confirm they land on the intended site.

Rollback or escalate

If the new DNS provider is incomplete, restore the old nameservers or copy every required record before switching again. Escalate with registrar nameservers, authoritative answers, and expected records.