Allow Remote Domains

C

crypton

Registered
Apr 5, 2013
3
0
1
cPanel Access Level
Root Administrator
I run cpanel server and name server separately.

When I tried to add an addon domain, this error occurred.

the domain is already pointed to an IP address that does not appear to use DNS servers associated with this server. Please transfer the domain to this servers nameservers or have your administrator add one of its nameservers to /etc/ips.remotedns and make the proper A entries on that remote nameserver.

I added my name servers in /etc/ips.remotedns and want to turn on [Allow Remote Domains] function to allow clients to use anyone's name server.

What security risks does it cause to turn on [Allow Remote Domains] function?
 
T

ThinIce

Well-Known Member
Apr 27, 2006
352
9
168
Disillusioned in England
cPanel Access Level
Root Administrator
In the main I believe the risk is associated with things like locally created mail destined for the remote domain in question suddenly being collected locally rather than routed legitimatly to the domain's real MX servers. Impersonation and fraud would then be a risk.

You'll notice a bunch of common internet domains in /usr/local/cpanel/etc/commondomains and it would be a very good idea to list your own domains within /var/cpanel/commondomains (a version of the file that doesn't get overwritten by updates) if you're going to enable this.

I'd personally view it as a good idea to review each new account / parked / addon domain as it's created, if you get fraud orders you may well see domains for things like foreign banks.

Be interested to hear any other downsides anyone cares to mention :)
 
Last edited:
C

crypton

Registered
Apr 5, 2013
3
0
1
cPanel Access Level
Root Administrator
ThinIce said:
In the main I believe the risk is associated with things like locally created mail destined for the remote domain in question suddenly being collected locally rather than routed legitimatly to the domain's real MX servers. Impersonation and fraud would then be a risk.

You'll notice a bunch of common internet domains in /usr/local/cpanel/etc/commondomains and it would be a very good idea to list your own domains within /var/cpanel/commondomains (a version of the file that doesn't get overwritten by updates) if you're going to enable this.

I'd personally view it as a good idea to review each new account / parked / addon domain as it's created, if you get fraud orders you may well see domains for things like foreign banks.

Be interested to hear any other downsides anyone cares to mention :)
Click to expand...
Thank you very much!

I'll be careful about new addon domain.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
J SOLVED Cannot Register .Gov domain. Need cPanel to allow add-on domain before Registrar setup. Domain Management 1
A Allow Remote Domains causing an error Not Working on my site Domain Management 2
D Allow Remote Domains Not Working Domain Management 3
G Allow Remote Domains - why is it a security problem? Domain Management 11
M Allow Remote Domains question Domain Management 1
Similar threads
SOLVED Cannot Register .Gov domain. Need cPanel to allow add-on domain before Registrar setup.
Allow Remote Domains causing an error Not Working on my site
Allow Remote Domains Not Working
Allow Remote Domains - why is it a security problem?
Allow Remote Domains question
Top Bottom