webhosting2

Registered
Sep 6, 2006
1
0
151
ERROR: One or more of your nameservers reports that it is an open DNS server. This usually means that anyone in the world can query it for domains it is not authoritative for (it is possible that the DNS server advertises that it does recursive lookups when it does not, but that shouldn't happen). This can cause an excessive load on your DNS server. Also, it is strongly discouraged to have a DNS server be both authoritative for your domain and be recursive (even if it is not open), due to the potential for cache poisoning (with no recursion, there is no cache, and it is impossible to poison it). Also, the bad guys could use your DNS server as part of an attack, by forging their IP address. Problem record(s) are:
How do I close off recursive access through WHM or SSH?
 

skyhorse

Active Member
Aug 18, 2004
25
0
151

angelina_holy

Well-Known Member
Aug 6, 2006
113
0
166
nano -w /etc/named.conf
Before the line that says “directory /var/named”; (it could be /var, /var/named, etc)

Put:

recursion no;

Save.

Make sure you can ping your account and google.com afterwards.
 

skyhorse

Active Member
Aug 18, 2004
25
0
151
again, angelina's instructions just like chris's could work in some cases but are not the proper way to do it. White lists for allowed IP addresses is the way to go, check out the two links in the previous posts...
 

angelina_holy

Well-Known Member
Aug 6, 2006
113
0
166
recursion no worked in my case , but like skyhorse said if in some cases if there is possibility that it might break the servers , then its best to go with skyhorse solution to White lists the allowed IP addresses

The link provided by skyhorse

http://www.skyhorse.org/web-server-...panel-whm-version-10/fixing-open-dns-servers/

is good one for new users facings open dns problem

Thanks skyhorse . Guess I was lucky that my server didnt broke . :)
 

Manuel_accu

Well-Known Member
Jun 19, 2005
191
0
166

hamper

Well-Known Member
Apr 28, 2006
85
0
156
jayh38 said:
recursion no is definately not the way to go as Skyhorse mentioned.
Also, here is a nice thread and script that will help you with the
allow list for your service.

http://forums.cpanel.net/showthread.php?t=50473
I agree. I made the mistake of doing this now at least twice a day I have to go in
and redo the named.conf file and restart manually named. Does anyone know how
to get it to stop going back to the "recursion no" in named.conf and keep the acl
info I have to keep changing it back to?

Thanks for any help.
 

levelsupport

Well-Known Member
Oct 7, 2006
47
0
156
TO Disable recursive nameservers
open your /etc/named.conf

make sure you have this line

options {
directory "/var/named";
allow-recursion { 127.0.0.1; <yourserverip1>; <yourserverip2>;};
};
 

noimad1

Well-Known Member
Mar 27, 2003
629
0
166
I have a question about this.

Would I need to add every IP address in my server cluster?