If your server allows recursive queries from anyone, it can be exploited by malicious users. Recursion should be restricted to IP addresses on your local networks.
To accomplish this, edit your /etc/named.conf and, in the “options” section, specify which ACLs are allowed to run recursive queries with the allow-recursion option:
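# /etc/named.conf
# "localnets" is a built-in ACL name in BIND 9 and cannot be redefined,
# so the ACL defined here has its own name.
acl trusted {
    127.0.0.1;
    192.168.0.0/24;
};

options {
    ...
    allow-recursion { trusted; };
    ...
};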
Then restart the BIND server:
[root@red ~]# /etc/init.d/named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
In Plesk, this can be done from the Control Panel:
Server->DNS Settings->DNS Preferences->Allow recursion
and choose localhost or localnets.
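
To confirm the restriction after either change, the following added example (not part of the original post) sends one recursive query to your own server and reports whether recursion is offered. Run it from a host outside the allowed networks. The function names, the 192.0.2.53 placeholder address and the example.com query name are assumptions, and the verdict is a heuristic: a REFUSED reply or a cleared RA bit is read as "restricted".

```python
import socket
import struct
import sys

RA_FLAG = 0x0080       # "recursion available" bit in the DNS header flags
QR_FLAG = 0x8000       # set on responses, clear on queries
RCODE_REFUSED = 5

def build_query(name, qid=0x1234):
    """Build an A/IN query with the RD (recursion desired) bit set."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify(response):
    """Map a raw DNS response to 'open', 'restricted' or 'malformed'."""
    if len(response) < 12:
        return "malformed"
    flags = struct.unpack("!H", response[2:4])[0]
    if not (flags & QR_FLAG):
        return "malformed"
    if (flags & 0x000F) == RCODE_REFUSED:
        return "restricted"
    return "open" if (flags & RA_FLAG) else "restricted"

def check(server, name="example.com", timeout=3.0):
    """Send one recursive query over UDP and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            data, _ = s.recvfrom(4096)
        except socket.timeout:
            return "no-response"
    return classify(data)

# Constructed sample replies (header only), for offline illustration
SAMPLE_REFUSED = struct.pack("!HHHHHH", 0x1234, 0x8105, 1, 0, 0, 0)
SAMPLE_OPEN = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)

if __name__ == "__main__":
    # 192.0.2.53 is a documentation placeholder; pass your server's address
    target = sys.argv[1] if len(sys.argv) > 1 else "192.0.2.53"
    print(target, check(target))
```

A result of "open" from an outside host means the allow-recursion setting is not taking effect for that client.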