All Articles

Disabling recursive queries on DNS servers

By default, cpanel doesn’t disable recursive queries on your DNS server. This can, I believe, opens the door to possible attacks.

To be on the safe side, just edit the /etc/named.conf file and add the following lines, where ip1, ip2, etc, are replaced with the actual IPs of your server :

// added :
acl "trusted" {

options {
	// following from
	version "not currently available";
	allow-recursion { trusted; };
	allow-notify { trusted; };
	allow-transfer { trusted; };

Published Feb 28, 2008

I am a computer scientist specializing in building machine learning powered products. I’m currently a machine learning developer at Local Logic.