Disable Recursive DNS/DNS Recursion
A recursive DNS query occurs when a DNS server that does not “own” a domain is asked about it and queries further DNS servers until DNS information and an answer are returned.
Servers that allow recursive DNS lookups are susceptible to floods of fake requests, in which the results of each inquiry add to the load. The server becomes overburdened with traffic that it cannot handle, and performance eventually deteriorates. This is referred to as a DoS/DDoS (Denial of Service/Distributed Denial of Service) attack.
DNS Recursion can be disabled on your server in a number of ways. Simply follow the instructions outlined below:
Disable Recursion in Plesk
- Firstly, go to the Plesk Admin Panel and log in.
- Select Tools and Settings.
- Then select DNS Template Settings.
- In the DNS Recursion section, select Localnets.
- Finally, press the OK button.
Disable Recursion in Windows Server 2003 and 2008
1. From the Start menu, go to DNS Manager:
- Click the Start button.
- Select Administrative Tools.
- Select DNS.
2. In the Console Tree, right-click on the DNS Server you want to use.
3. Select the Properties tab.
4. In the Server Options section, click the Advanced button.
5. Check the Disable Recursion checkbox.
6. Click the OK button.
Disable Recursion in Linux
1. Navigate to the operating system’s BIND configuration file and open the named.conf file in your chosen editor. The BIND configuration file can be found in one of the following locations:
/etc/bind/named.conf
/etc/named.conf
2. Add the following details to the Options section:
allow-transfer {"none";};
allow-recursion {"none";};
recursion no;
3. Restart the device.
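To confirm that any of the three procedures above took effect, you can send your own server a query with the Recursion Desired bit set and check whether the reply carries the Recursion Available bit. The following is an added example, not part of the original instructions; the function names are hypothetical and the two sample response headers are constructed for illustration.

```python
import socket
import struct

RD = 0x0100  # Recursion Desired, set by the client
RA = 0x0080  # Recursion Available, set by the server
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}


def build_query(name, qid=0x1234):
    """Build a DNS A query for `name` with the RD bit set."""
    header = struct.pack("!HHHHHH", qid, RD, 1, 0, 0, 0)
    labels = b"".join(
        bytes([len(part)]) + part.encode("ascii")
        for part in name.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def recursion_status(response):
    """Return (recursion_offered, rcode_name, answer_count) from a raw DNS response."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    _qid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if not flags & 0x8000:
        raise ValueError("not a DNS response (QR bit clear)")
    rcode = flags & 0x000F
    return bool(flags & RA), RCODES.get(rcode, str(rcode)), ancount


def probe(server, name, timeout=3.0):
    """Send one recursive query to `server` over UDP and report what it offers."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name), (server, 53))
        data, _ = sock.recvfrom(4096)
    return recursion_status(data)


# Constructed sample responses (header only): hardened server vs. open resolver.
HARDENED = struct.pack("!HHHHHH", 0x1234, 0x8105, 1, 0, 0, 0)  # QR, RD, REFUSED
OPEN = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)      # QR, RD, RA, NOERROR

if __name__ == "__main__":
    print("hardened:", recursion_status(HARDENED))
    print("open:    ", recursion_status(OPEN))
```

Run `probe("192.0.2.53", "example.com")` from a host outside your network, replacing the placeholder address with your server and using a domain the server does not host. A first value of `False` means recursion is not being offered to that client.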