Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Help with query cache denied problem

Discussion in 'General Discussion' started by Misiek, Dec 3, 2009.

  1. Misiek

    Misiek Well-Known Member

    Joined:
    Feb 23, 2004
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    166
    cPanel Access Level:
    Root Administrator
    From just about a month i get full of those request in my messages file

    Code:
        client 12.25.232.115 view external: query (cache) 'LJBZF.SMARTHELPONLINE.COM/A/IN' denied: 1 Time(s)
        client 12.25.232.115 view external: query (cache) 'LTBZOZ.SMARTHELPONLINE.COM/A/IN' denied: 1 Time(s)
        client 12.25.232.115 view external: query (cache) 'LTYNF.SMARTHELPONLINE.COM/A/IN' denied: 1 Time(s)
        client 12.25.232.115 view external: query (cache) 'LYNDFJ.JOBGAS.COM/A/IN' denied: 1 Time(s)
        client 12.25.232.115 view external: query (cache) 'VJYZ.SMARTHELPONLINE.COM/A/IN' denied: 1 Time(s)
        client 12.25.232.115 view external: query (cache) 'VTTBF.SMARTHELPONLINE.COM/A/IN' denied: 1 Time(s)
        client 12.25.232.115 view external: query (cache) 'WWW.LJBZF.SMARTHELPONLINE.COM/A/IN' denied: 1 Time(s)
        client 12.25.232.115 view external: query (cache) 'WWW.LTBZOZ.SMARTHELPONLINE.COM/A/IN' denied: 1 Time(s)
        client 12.25.232.115 view external: query (cache) 'WWW.LTYNF.SMARTHELPONLINE.COM/A/IN' denied: 1 Time(s)
        client 12.25.232.115 view external: query (cache) 'WWW.LYNDFJ.JOBGAS.COM/A/IN' denied: 1 Time(s)
        client 12.25.232.115 view external: query (cache) 'WWW.VJYZ.SMARTHELPONLINE.COM/A/IN' denied: 1 Time(s)
        client 12.25.232.115 view external: query (cache) 'WWW.VTTBF.SMARTHELPONLINE.COM/A/IN' denied: 1 Time(s)
        client 132.206.44.21 view external: query (cache) 'ns0.yourbabyboomer.com/AAAA/IN' denied: 1 Time(s)
        client 132.206.44.21 view external: query (cache) 'ns1.yourbabyboomer.com/AAAA/IN' denied: 1 Time(s)
        client 132.206.44.21 view external: query (cache) 'yourbabyboomer.com/MX/IN' denied: 1 Time(s)
        client 139.223.100.10 view external: query (cache) 'zhmboz.bestslip.com/A/IN' denied: 1 Time(s)
        client 139.223.2.136 view external: query (cache) 'ns0.bestslip.com/AAAA/IN' denied: 2 Time(s)
        client 139.223.2.136 view external: query (cache) 'ns1.bestslip.com/AAAA/IN' denied: 2 Time(s)
        client 139.223.2.136 view external: query (cache) 'zbrjfg.bestslip.com/A/IN' denied: 1 Time(s)
        client 139.223.2.136 view external: query (cache) 'zhmboz.bestslip.com/A/IN' denied: 1 Time(s)
        client 139.223.2.16 view external: query (cache) 'ns0.bestslip.com/AAAA/IN' denied: 2 Time(s)
        client 139.223.2.16 view external: query (cache) 'ns1.bestslip.com/AAAA/IN' denied: 2 Time(s)
        client 139.223.2.16 view external: query (cache) 'zbrjfg.bestslip.com/A/IN' denied: 1 Time(s)
        client 139.223.2.16 view external: query (cache) 'zhmboz.bestslip.com/A/IN' denied: 1 Time(s)
        client 139.223.31.10 view external: query (cache) 'zhmboz.bestslip.com/A/IN' denied: 1 Time(s)
        client 145.253.2.134 view external: query (cache) 'FLUSHSITE.com/A/IN' denied: 2 Time(s)
        client 145.253.2.134 view external: query (cache) 'JOBGAS.com/A/IN' denied: 2 Time(s)
        client 145.253.2.134 view external: query (cache) 'YOURBABYBOOMER.com/A/IN' denied: 2 Time(s)
        client 146.188.104.124 view external: query (cache) 'yourmyway.com/A/IN' denied: 2 Time(s)
        client 150.70.146.49 view external: query (cache) 'ns0.bestslip.com/AAAA/IN' denied: 1 Time(s)
        client 150.70.146.49 view external: query (cache) 'ns1.bestslip.com/AAAA/IN' denied: 1 Time(s)
        client 150.70.146.49 view external: query (cache) 'zhmboz.bestslip.com/A/IN' denied: 2 Time(s)
        client 150.70.146.49 view external: query (cache) 'zhmboz.bestslip.com/AAAA/IN' denied: 2 Time(s)
    
    Does anybody can help me how to stop those messages
    ??
     
  2. madaboutlinux

    madaboutlinux Well-Known Member

    Joined:
    Jan 24, 2005
    Messages:
    1,051
    Likes Received:
    2
    Trophy Points:
    168
    Location:
    Earth
    Is recursion disabled in the named configuration? If not, try disabling it by editing the

    and insert the following line in the "options" section

    restart the named service once you save the file.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Misiek

    Misiek Well-Known Member

    Joined:
    Feb 23, 2004
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    166
    cPanel Access Level:
    Root Administrator
    That unfortunatly did not hel i have recursion no in external view, added it also in options and still i get query (cache) denied.

    This is my config
    :

    Code:
    include "/etc/rndc.key";
    
    acl "trusted" {
        HEREIP1;HEREIP2;127.0.0.1;
    };
    
    controls {
            inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
    };
    
    options {
        /* make named use port 53 for the source of all queries, to allow
             * firewalls to block all ports except 53:
             */
    
        // query-source    port 53;
        recursion no;
        // allow-recursion { trusted; };
        allow-notify { trusted; };
        allow-transfer { trusted; };
        allow-query-cache { trusted; };
        version "Another DNS";
        listen-on port 53 { trusted; };
        directory                "/var/named"; // the default
        pid-file                 "/var/run/named/named.pid";
        dump-file                "data/cache_dump.db";
        statistics-file          "data/named_stats.txt";
       /* memstatistics-file     "data/named_mem_stats.txt"; */
    };
    
    logging {
    /*      If you want to enable debugging, eg. using the 'rndc trace' command,
     *      named will try to write the 'named.run' file in the $directory (/var/nam
    ed").
     *      By default, SELinux policy does not allow named to modify the /var/named
    " directory,
     *      so put the default debug log file in data/ :
     */
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
    };
    
    
     
  4. n00bie

    n00bie Active Member

    Joined:
    Mar 20, 2007
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    151
    I'd also like to say that I am experiencing the same issue. Any resolution ?
     
  5. madaboutlinux

    madaboutlinux Well-Known Member

    Joined:
    Jan 24, 2005
    Messages:
    1,051
    Likes Received:
    2
    Trophy Points:
    168
    Location:
    Earth
    Those are reverse DNS queries which are denied and are logged. Such attempts are mostly carried out from hacked servers. If the requests are coming from same IP OR subnet, block them and notify the owner of the IP.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice