diff --git a/app/templates/dashboard.html b/app/templates/dashboard.html
index 0f806df..588c3d4 100644
--- a/app/templates/dashboard.html
+++ b/app/templates/dashboard.html
@@ -224,6 +224,7 @@
         modal.modal('show');
     });
 
+    {% if current_user.role.name == 'Administrator' or dnssec_adm_only == false %}
     $(document.body).on("click", ".button_dnssec", function() {
         var domain = $(this).prop('id');
         getdnssec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec', domain);
@@ -240,6 +241,7 @@
         enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/disable');
 
     });
+    {% endif %}
 </script>
 {% endblock %}
 {% block modals %}
diff --git a/app/views.py b/app/views.py
index 1c65ca1..7d67780 100644
--- a/app/views.py
+++ b/app/views.py
@@ -472,7 +472,8 @@ def dashboard():
         uptime = list([uptime for uptime in statistics if uptime['name'] == 'uptime'])[0]['value']
     else:
         uptime = 0
-    return render_template('dashboard.html', domain_count=domain_count, users=users, history_number=history_number, uptime=uptime, histories=history,pdns_version=app.config['PDNS_VERSION'])
+
+    return render_template('dashboard.html', domain_count=domain_count, users=users, history_number=history_number, uptime=uptime, histories=history, dnssec_adm_only=app.config['DNSSEC_ADMINS_ONLY'], pdns_version=app.config['PDNS_VERSION'])
 
 
 @app.route('/dashboard-domains', methods=['GET'])
diff --git a/config_template.py b/config_template.py
index cbc4d2a..a481cac 100644
--- a/config_template.py
+++ b/config_template.py
@@ -125,5 +125,8 @@ RECORDS_ALLOW_EDIT = ['SOA', 'A', 'AAAA', 'CAA', 'CNAME', 'MX', 'PTR', 'SPF', 'S
 FORWARD_RECORDS_ALLOW_EDIT = ['A', 'AAAA', 'CAA', 'CNAME', 'MX', 'PTR', 'SPF', 'SRV', 'TXT', 'LOC' 'NS']
 REVERSE_RECORDS_ALLOW_EDIT = ['SOA', 'TXT', 'LOC', 'NS', 'PTR']
 
+# ALLOW DNSSEC CHANGES FOR ADMINS ONLY
+DNSSEC_ADMINS_ONLY = False
+
 # EXPERIMENTAL FEATURES
 PRETTY_IPV6_PTR = False