HostOnNet Blog

Open DNS servers

Posted on February 13, 2007 by flashweb

Looking for Linux Server Admin or WordPress Expert? We can help.

Contact Us

When check domain at dnsreport, it show warning

ERROR: One or more of your nameservers reports that it is an open DNS server.

This can be fixed by editing /etc/named.conf

The default “options” will be

options {
directory “/var/named”;
dump-file “/var/named/data/cache_dump.db”;
statistics-file “/var/named/data/named_stats.txt”;
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};

Add following inside options block

allow-recursion {
127.0.0.1;
72.232.50.98;
72.232.50.99;
72.232.50.100;
72.232.50.101;
};

72.232.50.98, 72.232.50.99, 72.232.50.100, 72.232.50.101 are IP’s of the server. Replace it with your server IP’s.

You can find IP’s configured in your server with command ifconfig

After editing, optons will look like

options {
directory “/var/named”;
dump-file “/var/named/data/cache_dump.db”;
statistics-file “/var/named/data/named_stats.txt”;

allow-recursion {
127.0.0.1;
72.232.50.98;
72.232.50.99;
72.232.50.100;
72.232.50.101;
72.232.50.102;
};

/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};

Posted in DNS. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.