Article ID: 119862, created on Jan 28, 2014, last review on Sep 14, 2016

  • Applies to:
  • Plesk Automation


By default Plesk Automation name servers allow zone transfer to everyone, how do I disable DNS zone transfers?


Required functionality is not implemented in Plesk Automation 11.5.

The feature request #POA-79532 was created regarding the matter.

Subscribe to our knowledge base - each product update comes with corresponding KB article:

You can use the following workaround:

On the DNS node edit the /var/named/run-root/etc/named.conf file, add desired IP-addresses that should be allowed to transfer zone information from the server to the options clause under the allow-transfer, and comment out the acl common-allow-transfer statement; please refer the example below where the transfer is allow to IP-address:

# This file was automatically generated.
options {
        directory "/var";
        auth-nxdomain no;
        recursion no;
        listen-on-v6 { any; };
        allow-transfer {;};
key "rndc-key" {
        algorithm hmac-md5;
        secret "***";
controls {
        inet port 953
        allow {; } keys { "rndc-key"; };
zone "." {
        type hint;
        file "named.root";
zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "localhost.rev";

#acl common-allow-transfer {
#       none;

# Two following includes include PEM-managed zones info.
include "pem_zones";
include "pem_reverse_zones";

Search Words

zone transfer

Addition of authoritative name servers in zone file and allow transfer of zone

configure secondary external nameserver

allowing axfr to anyone

open dns

zone transfer lock


DNS transfer

e0aff7830fa22f92062ee4db78133079 caea8340e2d186a540518d08602aa065

Email subscription for changes to this article
Save as PDF