To restrict as much as possible attack on your name server and avoid your resources consumed by tons of illegitimate queries, it’s wise to disable recursive lookup from the Internet for domains that are not served by your DNS server. The DNS server will attempt to resolve the name locally, then will forward requests to any DNS servers specified as forwarders. If Do not use recursion for this domain is enabled, the DNS server will pass the query on to forwarders, but will not recursively query any other DNS servers (e.g. External DNS servers) if the forwarders cannot resolve the query. If Disable recursion (also disables forwarders) is set, The server will attempt to resolve a query from its own database only. It will not query any additional servers.
Disable Recursion in Plesk
1. Log into the Plesk Admin Panel.
2. Select Tools and Settings.
3. Click DNS Template Settings from the section.
4. Select Localnets from the DNS Recursion section.
5. Click the OK button.
Disable Recursion in Windows Server 2003 and 2008
1. Access the DNS Manager from the Start menu:
Click the Start button.
Select Administrative Tools.
Select DNS.
2. Right click on the desired DNS Server in the Console Tree.
3. Select the Proprerties tab.
4. Click the Advanced button in the Server Options section.
5. Select the Disable Recursion checkbox.
6. Click the OK button.
Disable Recursion in Linux
/etc/bind/named.conf
/etc/named.conf
Open the named.conf file in your preferred editor.
Add the following details to the Options section:
allow-transfer {"none";};
allow-recursion {"none";};
recursion no;
Restart the service;
No comments:
Post a Comment