
Question I get some "connection refused resolving" infos in system protocol

cpulove

New Pleskian
Server operating system version
Debian 12
Plesk version and microupdate number
Plesk Obsidian 18.0.69 Update 2
Can someone please have a look at my syslog entries and explain whether this is server-internal and problematic?
I did an ImunifyAV scan with no threats found, and all domains seem okay and not infected.
Any idea what else to do or how I could find the culprit?
 

Attachments:

  • Screenshot 2025-05-01 140004.jpg
  • Screenshot 2025-05-01 140231.jpg

Those are all IPv6-related entries. If you have IPv6 configured on your server, make sure your IPv6 settings are set correctly; otherwise, if you don't use IPv6, those can be ignored.
 
No, server runs IPv4 only, but there are these suspicious entries and I'd like to know where they come from and if there is maybe a customer's domain space or WordPress compromised and sending out these requests. Maybe a rootkit somewhere?

Code:
connection refused resolving 'ns500194.hereyourhotlady.com/NS/IN': 34.8.38.57#53
connection refused resolving 'ns500208.sweetkissesclub.com/NS/IN': 34.8.196.142#53

I run my Plesk server on top of CentOS 12 on Proxmox VE. All up to date.
 
Update: I added this
Code:
// -- PLEASE ADD YOUR CUSTOM DIRECTIVES BELOW THIS LINE. --
logging {
    category security {
        null;  // Or redirect to a dedicated log file
    };
};

to /etc/nano named.conf

and turned recursive DNS off.

Now these messages are gone and the log does not bloat up anymore.
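
A triage helper for the "connection refused resolving" lines quoted in this thread, as an added example that is not code from any participant: it parses each entry, groups the refused lookups by parent domain, and counts the address family of the upstream server. The syslog prefix (timestamp, host name, PID), the third and fourth sample lines, and the function names are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# named resolver message: connection refused resolving '<qname>/<qtype>/<class>': <server>#<port>
LINE_RE = re.compile(
    r"connection refused resolving '(?P<qname>[^'/]+)/(?P<qtype>[A-Z0-9]+)/(?P<qclass>[A-Z]+)': "
    r"(?P<server>[0-9A-Fa-f:.]+)#(?P<port>\d+)"
)

# Constructed sample: the two messages quoted in the thread, plus constructed IPv6 and unrelated lines.
SAMPLE_LOG = """\
May  1 14:00:04 host named[812]: connection refused resolving 'ns500194.hereyourhotlady.com/NS/IN': 34.8.38.57#53
May  1 14:00:05 host named[812]: connection refused resolving 'ns500208.sweetkissesclub.com/NS/IN': 34.8.196.142#53
May  1 14:00:06 host named[812]: connection refused resolving 'example.org/AAAA/IN': 2001:db8::53#53
May  1 14:00:07 host named[812]: zone example.org/IN: loaded serial 2025050101
"""


def parse_refused(text):
    """Yield one dict per 'connection refused resolving' entry; other lines are skipped."""
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        rec = m.groupdict()
        try:
            rec["ip_version"] = ipaddress.ip_address(rec["server"]).version
        except ValueError:
            continue  # address field did not parse as IPv4 or IPv6
        rec["port"] = int(rec["port"])
        yield rec


def summarize(text):
    """Return (count per parent domain, upstream servers per domain, count per address family)."""
    by_domain = Counter()
    servers = defaultdict(set)
    by_family = Counter()
    for rec in parse_refused(text):
        parent = ".".join(rec["qname"].rstrip(".").split(".")[-2:])  # naive: last two labels
        by_domain[parent] += 1
        servers[parent].add(rec["server"])
        by_family[f"IPv{rec['ip_version']}"] += 1
    return by_domain, {d: sorted(s) for d, s in servers.items()}, by_family
```

The address in each message is the remote name server that named tried to reach, so the summary shows what was being resolved and over which address family, not which local client asked for it.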
 