• The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

DNS Recursive Lookups

T

timtrott

Guest
I ran a check at DNSreport.com on my server and it came back with this:

One or more of your nameservers reports that it is an open DNS server. This usually means that anyone in the world can query it for domains (that) it is not authoritative for (it is possible that the DNS server advertises that it does recursive lookups when it does not, but that shouldn't happen). This can cause an excessive load on your DNS server. Also, it is strongly discouraged to have a DNS server be both authoritative for your domain and be recursive (even if it is not open), due to the potential for cache poisoning (with no recursion, there is no cache, and it is impossible to poison it). Also, the bad guys could use your DNS server as part of an attack, by forging their IP address.

Is this something that can be corrected in a config file somewhere or is it something built into the Plesk configuration?
 
Hi,

Yesterday I received an email from GoDaddy.com saying that my dns server was misconfigured regarding recursive dns which should be disabled. Well I did not enable it myself, so they must have.

When I run dnsreport.com, I get the same result you do.

Anyway they provided me with this link
http://help.godaddy.com/article.php?article_id=1194&topic_id=&&

Which explains how to disable recursive dns on a linux virtual dedicated server.

su -

sed -e "s/options *{/options {\nallow-recursion {localnets; };\n/" /etc/named.conf > /tmp/named.conf

cat /tmp/named.conf > /etc/named.conf

rm /tmp/named.conf

service named restart

I will do this tonight and post the result back after.
 
That looks like a good solution. I'll be interested to see your follow up report. Thanks for the response.
 
Well, When I got home, I received an email from GoDaddy.com telling me they turned off recursive dns query.

So I did not try there solution. I guess thats what they did but cannot confirm it.

I did a dnsreport to make sure and it is now OK. My dns server is not open anymore.

Well you can try it and let us know.
 
You must log in or register to reply here.

Similar threads

Polli
Issue Subdomain show wrong DNS entrys but is reachable
Replies
3
Views
836
scsa20
scsa20
N
Issue Reconfigurator slow performance when adding DNS records
Replies
0
Views
926
nelteren
N
F
Question AlmaLinux 9.1: bind configuration for slave dns
Replies
5
Views
3K
FYI
F
F
Question Plesk Slave DNS & DNS Security
Replies
1
Views
2K
Peter Debik
P
K
Resolved Opening webmail on plesk opens webmail for cpanel
Replies
6
Views
2K
bork
B
Back
Top