Article ID: 119862, created on Jan 28, 2014, last review on Sep 14, 2016

Applies to:

  • Plesk Automation

Question

By default, Plesk Automation name servers allow zone transfers to everyone. How do I disable DNS zone transfers?

Answer

The required functionality is not implemented in Plesk Automation 11.5.

The feature request #POA-79532 was created regarding the matter.


You can use the following workaround:

On the DNS node, edit the /var/named/run-root/etc/named.conf file: add the IP addresses that should be allowed to transfer zone information from the server to the allow-transfer statement in the options clause, and comment out the acl common-allow-transfer statement. In the example below, transfer is allowed to the IP address 10.10.10.11:

# This file was automatically generated.
#
options {
        directory "/var";
        auth-nxdomain no;
        recursion no;
        listen-on-v6 { any; };
        allow-transfer {10.10.10.11;};
};
key "rndc-key" {
        algorithm hmac-md5;
        secret "***";
};
controls {
        inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};
zone "." {
        type hint;
        file "named.root";
};
zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "localhost.rev";
};

#acl common-allow-transfer {
#       none;
#};

# Two following includes include PEM-managed zones info.
include "pem_zones";
include "pem_reverse_zones";
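
To check the result across the whole configuration, the following added example (not part of the original article or of Plesk Automation) parses named.conf text and reports the allow-transfer setting in options and in each zone, because a zone-level allow-transfer overrides the one in options. The sample input is constructed, and its zone block is an assumption about what an included file might contain.

```python
import re

# Constructed sample based on the article's named.conf. The zone block is a
# hypothetical stand-in for an entry from an included file such as pem_zones.
SAMPLE = '''
options {
        allow-transfer {10.10.10.11;};
};
#acl common-allow-transfer {
#       none;
#};
zone "example.test" {
        allow-transfer { any; };
};
'''

def strip_comments(text):
    """Drop /* */, // and # comments (does not handle those characters inside quotes)."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(#|//).*', '', text)

def top_level_blocks(text):
    """Yield (header, body) for each top-level 'header { body };' statement."""
    depth, start, header = 0, 0, ''
    for i, ch in enumerate(text):
        if ch == '{':
            if depth == 0:
                header, start = text[start:i].split(';')[-1].strip(), i + 1
            depth += 1
        elif ch == '}':
            depth -= 1
            if depth == 0:
                yield header, text[start:i]
                start = i + 1

def audit_allow_transfer(conf_text):
    """Map 'options' and each zone name to its allow-transfer entries (None if unset)."""
    result = {}
    for header, body in top_level_blocks(strip_comments(conf_text)):
        words = header.split()
        if words and words[0] in ('options', 'zone'):
            name = 'options' if words[0] == 'options' else words[1].strip('"')
            m = re.search(r'allow-transfer\s*\{([^}]*)\}', body)
            result[name] = m.group(1).replace(';', ' ').split() if m else None
    return result

def open_transfers(conf_text):
    """Scopes whose allow-transfer explicitly lists 'any'."""
    return sorted(k for k, v in audit_allow_transfer(conf_text).items() if v and 'any' in v)
```

Run it against the concatenated contents of named.conf and the included zone files; a zone reported with None inherits the options setting.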
