Branko
Basic Pleskian
Hello,
I have installed Slave DNS Manager Extension and set it up successfully. Everything is working great.
But, there is only one thing that bothers me.
When I run DNS test on mxtoolbox.com it warns "Open Zone Transfer Detected" for Slave Server.
I followed the exact instructions that are given in the extension and Plesk documentation. And I did not add anything else to /etc/bind/named.conf.options besides what was given by extension instructions.
Should I ignore that mxtoolbox.com warning? Is Slave Server protected from third-party zone transfer?
Or I should add some more lines to /etc/bind/named.conf.options for security?
This is the content of my /etc/bind/named.conf.options:
Thank you in advance.
I have installed Slave DNS Manager Extension and set it up successfully. Everything is working great.
But, there is only one thing that bothers me.
When I run DNS test on mxtoolbox.com it warns "Open Zone Transfer Detected" for Slave Server.
I followed the exact instructions that are given in the extension and Plesk documentation. And I did not add anything else to /etc/bind/named.conf.options besides what was given by extension instructions.
Should I ignore that mxtoolbox.com warning? Is Slave Server protected from third-party zone transfer?
Or I should add some more lines to /etc/bind/named.conf.options for security?
This is the content of my /etc/bind/named.conf.options:
options {
directory "/var/cache/bind";
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
allow-new-zones yes;
};
key "rndc-key-(My Master Server IP)" {
algorithm hmac-md5;
secret "(my-secret-key)";
};
controls {
inet * port 953 allow { (My Master Server IP); 127.0.0.1; } keys { "rndc-key-(My Master Server IP)"; };
};
directory "/var/cache/bind";
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
allow-new-zones yes;
};
key "rndc-key-(My Master Server IP)" {
algorithm hmac-md5;
secret "(my-secret-key)";
};
controls {
inet * port 953 allow { (My Master Server IP); 127.0.0.1; } keys { "rndc-key-(My Master Server IP)"; };
};
Thank you in advance.