diff --git a/dashboard/src/components/DomainDialog.vue b/dashboard/src/components/DomainDialog.vue
index 5e3343afa..df710ab2c 100644
--- a/dashboard/src/components/DomainDialog.vue
+++ b/dashboard/src/components/DomainDialog.vue
@@ -20,7 +20,31 @@ const provider = ref('');
 const tlsProvider = ref('letsencrypt-prod-wildcard');
 const showAdvanced = ref(false);
 const customNameservers = ref(false);
-const dnsConfig = ref({});
+
+// we have to define all properties here which are used in the DomainProviderForm to keep reactivity alive
+const dnsConfig = ref({
+  accessKeyId: '',
+  accessKey: '',
+  accessToken: '',
+  apiKey: '',
+  apikey: '',
+  appSecret: '',
+  apiPassword: '',
+  apiSecret: '',
+  consumerKey: '',
+  credentials: { client_email: '', private_key: '' },
+  customerNumber: '',
+  defaultProxyStatus: false,
+  email: '',
+  endpoint: '',
+  password: '',
+  projectId: '',
+  secretAccessKey: '',
+  secretapikey: '',
+  token: '',
+  tokenType: '',
+  username: '',
+});
 
 const isFormValid = ref(false);
 function checkValidity() {
diff --git a/dashboard/src/components/DomainProviderForm.vue b/dashboard/src/components/DomainProviderForm.vue
index 6b01eaf68..8c0175542 100644
--- a/dashboard/src/components/DomainProviderForm.vue
+++ b/dashboard/src/components/DomainProviderForm.vue
@@ -70,9 +70,9 @@ function needsPort80(dnsProvider, tlsProvider) {
     (tlsProvider === 'letsencrypt-prod' || tlsProvider === 'letsencrypt-staging'));
 }
 
-function setDefaultTlsProvider() {
+function setDefaultTlsProvider(p) {
   // wildcard LE won't work without automated DNS
-  if (provider.value === 'manual' || provider.value === 'noop' || provider.value === 'wildcard') {
+  if (p === 'manual' || p === 'noop' || p === 'wildcard') {
     tlsProvider.value = 'letsencrypt-prod';
   } else {
     tlsProvider.value = 'letsencrypt-prod-wildcard';
@@ -80,68 +80,32 @@ function setDefaultTlsProvider() {
 }
 
 function resetFields() {
-  dnsConfig.value = {};
-  if (provider.value === 'route53') {
-    dnsConfig.value.accessKeyId = '';
-    dnsConfig.value.secretAccessKey = '';
-  } else if (provider.value === 'gcdns') {
-    dnsConfig.value.projectId = '';
-    dnsConfig.value.credentials = {
-      client_email: '',
-      private_key: '',
-    };
-  } else if (provider.value === 'digitalocean') {
-    dnsConfig.value.token = '';
-  } else if (provider.value === 'linode') {
-    dnsConfig.value.token = '';
-  } else if (provider.value === 'bunny') {
-    dnsConfig.value.accessKey = '';
-  } else if (provider.value === 'dnsimple') {
-    dnsConfig.value.accessToken = '';
-  } else if (provider.value === 'hetzner') {
-    dnsConfig.value.token = '';
-  } else if (provider.value === 'vultr') {
-    dnsConfig.value.token = '';
-  } else if (provider.value === 'desec') {
-    dnsConfig.value.token = '';
-  } else if (provider.value === 'gandi') {
-    dnsConfig.value.token = '';
-    dnsConfig.value.tokenType = '';
-  } else if (provider.value === 'godaddy') {
-    dnsConfig.value.apiKey = '';
-    dnsConfig.value.apiSecret = '';
-  } else if (provider.value === 'cloudflare') {
-    dnsConfig.value.token = '';
-    dnsConfig.value.email = '';
-    dnsConfig.value.tokenType = '';
-    dnsConfig.value.defaultProxyStatus = false;
-  } else if (provider.value === 'namecom') {
-    dnsConfig.value.token = '';
-    dnsConfig.value.username = '';
-  } else if (provider.value === 'namecheap') {
-    dnsConfig.value.token = '';
-    dnsConfig.value.username = '';
-  } else if (provider.value === 'inwx') {
-    dnsConfig.value.username = '';
-    dnsConfig.value.password = '';
-  } else if (provider.value === 'netcup') {
-    dnsConfig.value.customerNumber = '';
-    dnsConfig.value.apiKey = '';
-    dnsConfig.value.apiPassword = '';
-  } else if (provider.value === 'ovh') {
-    dnsConfig.value.endpoint = '';
-    dnsConfig.value.consumerKey = '';
-    dnsConfig.value.appKey = '';
-    dnsConfig.value.appSecret = '';;
-  } else if (provider.value === 'porkbun') {
-    dnsConfig.value.apikey = '';
-    dnsConfig.value.secretapikey = '';
-  }
+  dnsConfig.value.accessKeyId = '';
+  dnsConfig.value.accessKey = '';
+  dnsConfig.value.accessToken = '';
+  dnsConfig.value.apiKey = '';
+  dnsConfig.value.apikey = '';
+  dnsConfig.value.appSecret = '';
+  dnsConfig.value.apiPassword = '';
+  dnsConfig.value.apiSecret = '';
+  dnsConfig.value.consumerKey = '';
+  dnsConfig.value.credentials = { client_email: '', private_key: '' };
+  dnsConfig.value.customerNumber = '';
+  dnsConfig.value.defaultProxyStatus = false;
+  dnsConfig.value.email = '';
+  dnsConfig.value.endpoint = '';
+  dnsConfig.value.password = '';
+  dnsConfig.value.projectId = '';
+  dnsConfig.value.secretAccessKey = '';
+  dnsConfig.value.secretapikey = '';
+  dnsConfig.value.token = '';
+  dnsConfig.value.tokenType = '';
+  dnsConfig.value.username = '';
 }
 
-function onProviderChange() {
-  setDefaultTlsProvider();
-  resetFields();
+function onProviderChange(p) {
+  setDefaultTlsProvider(p);
+  resetFields(p);
 }
 
 function onGcdnsFileInputChange(event) {
@@ -164,7 +128,7 @@ function onGcdnsFileInputChange(event) {
   <div>
     <FormGroup>
       <label for="providerInput">{{ $t('domains.domainDialog.provider') }} <sup><a href="https://docs.cloudron.io/domains/#dns-providers" class="help" target="_blank"><i class="fa fa-question-circle"></i></a></sup></label>
-      <SingleSelect v-model="provider" @select="onProviderChange()" :options="domainProviders" option-key="value" option-label="name" />
+      <SingleSelect v-model="provider" @select="onProviderChange" :options="domainProviders" option-key="value" option-label="name" />
     </FormGroup>
 
     <!-- Route53 -->
diff --git a/dashboard/src/models/DomainsModel.js b/dashboard/src/models/DomainsModel.js
index fa0a46bcb..989006484 100644
--- a/dashboard/src/models/DomainsModel.js
+++ b/dashboard/src/models/DomainsModel.js
@@ -2,6 +2,70 @@
 import { fetcher } from 'pankow';
 import { API_ORIGIN } from '../constants.js';
 
+function filterForProvider(provider, config) {
+  let props = [];
+  switch (provider) {
+    case 'route53':
+      props = ['accessKeyId', 'secretAccessKey'];
+      break;
+    case 'gcdns':
+      props = ['projectId', 'credentials'];
+      break;
+    case 'digitalocean':
+      props = ['token'];
+      break;
+    case 'linode':
+      props = ['token'];
+      break;
+    case 'bunny':
+      props = ['accessKey'];
+      break;
+    case 'dnsimple':
+      props = ['accessToken'];
+      break;
+    case 'hetzner':
+      props = ['token'];
+      break;
+    case 'vultr':
+      props = ['token'];
+      break;
+    case 'desec':
+      props = ['token'];
+      break;
+    case 'gandi':
+      props = ['token', 'tokenType'];
+      break;
+    case 'godaddy':
+      props = ['apiKey', 'apiSecret'];
+      break;
+    case 'cloudflare':
+      props = ['token', 'email', 'tokenType', 'defaultProxyStatus'];
+      break;
+    case 'namecom':
+      props = ['token', 'username'];
+      break;
+    case 'namecheap':
+      props = ['token', 'username'];
+      break;
+    case 'inwx':
+      props = ['password', 'username'];
+      break;
+    case 'netcup':
+      props = ['customerNumber', 'apiKey', 'apiPassword'];
+      break;
+    case 'ovh':
+      props = ['endpoint', 'consumerKey', 'appKey', 'appSecret'];
+      break;
+    case 'porkbun':
+      props = ['apikey', 'secretapikey'];
+      break;
+  }
+
+  const ret = {};
+  for (const p of props) ret[p] = config[p];
+  return ret;
+}
+
 function create() {
   const accessToken = localStorage.token;
 
@@ -29,7 +93,7 @@ function create() {
       return [null, result.body];
     },
     async add(domain, zoneName, provider, config, fallbackCertificate, tlsConfig) {
-      const data = { domain, provider, config, tlsConfig };
+      const data = { domain, provider, config: filterForProvider(provider, config), tlsConfig };
       if (zoneName) data.zoneName = zoneName;
       if (fallbackCertificate) data.fallbackCertificate = fallbackCertificate;
 
@@ -44,7 +108,7 @@ function create() {
       return [null];
     },
     async update(domain, zoneName, provider, config, fallbackCertificate, tlsConfig) {
-      const data = { provider, config, tlsConfig };
+      const data = { provider, config: filterForProvider(provider, config), tlsConfig };
       if (zoneName) data.zoneName = zoneName;
       if (fallbackCertificate) data.fallbackCertificate = fallbackCertificate;