The Kalenfy blog
Security, in plain English
Guides on SPF · DMARC · DNSSEC & more — then scan your site free
Guides & checklists
27 June 2026
What Is CSRF (Cross-Site Request Forgery)?
CSRF tricks a logged-in user's browser into making a request they didn't intend — changing a password or making a payment. Here's how it works and how to prevent it, in plain English.
Email authentication
27 June 2026
DKIM Selector Explained (And How to Find Yours)
A DKIM selector tells receivers which public key to use to verify your email. Here's what a selector is, how to find yours, and why it matters — with a free check of your domain.
DNS & domain security
27 June 2026
How to Check Your DNS Records (Free & Easy)
Want to see your domain's DNS records — SPF, DMARC, MX and more? Here's how to check them three ways, what each should look like, and how to spot problems. Free scan included.
Guides & checklists
27 June 2026
What Is Cross-Site Scripting (XSS)?
Cross-site scripting (XSS) lets attackers run malicious scripts on your site, stealing data from your visitors. Here's how it works and how to prevent it, in plain English.
Fixes & troubleshooting
27 June 2026
What Is DNS Propagation? (Why Changes Take Time)
Just changed a DNS record and nothing's happening? That's DNS propagation. Here's what it really is, how long it takes, why TTL matters, and how to check — with a free scan.
DNS & domain security
27 June 2026
What Is an MX Record? (Email Routing Explained)
An MX record tells the world where to deliver email for your domain. Here's how MX records and their priorities work, common mistakes, and how to check yours free.
Guides & checklists
27 June 2026
What Is Clickjacking? (And How to Stop It)
Clickjacking tricks your visitors into clicking something they can't see by hiding your site in an invisible frame. Here's how it works and how to block it. Free check included.
Fixes & troubleshooting
27 June 2026
How to Redirect HTTP to HTTPS (Force HTTPS)
Stop the 'Not secure' warning by forcing every visitor onto HTTPS. Here's how to redirect HTTP to HTTPS on Apache, Nginx and Cloudflare — and lock it in with HSTS. Free check.
Guides & checklists
27 June 2026
What Are HTTP Security Headers? (HSTS, CSP & More)
HTTP security headers tell browsers how to protect your visitors — blocking clickjacking, mixed content and more. Here's what each one does and how to add them. Free scan included.
DNS & domain security
27 June 2026
DNS Records Explained: A, CNAME, MX, TXT & More
A plain-English guide to DNS records — A, AAAA, CNAME, MX, TXT, NS and the security ones (CAA, DNSSEC). What each does, with a free scan to check your domain's setup.