Add to Favourites Add to Favourites    Print this Article Print this Article

Open DNS Server allow recursive lookups

Open DNS Server allow recursive lookups

The error basically means that anyone can use your nameservers to do dns lookups on the internet.
It's considered a security risk to allow recursive lookups on an authoritative server.  You can disable the recursion by adding

allow-recursion {localnets; };

to the "options {" section in your named.conf file.
Newer versions of named may require this setting instead

allow-query     { any; };
allow-transfer  { none; };
allow-recursion { localhost; };
recursion yes;

to allow local recursion, but block remote recursion.

Was this answer helpful?

Also Read