Article ID: 2125, created on Aug 28, 2007, last review on Jun 17, 2016

  • Applies to:
  • Plesk for Linux/Unix


PBA-S-managed name servers (slave name servers) are under DDoS attack.

DNS open recursion service can be used to conduct malicious attacks on a network. This can occur when the default setting for DNS services is not adjusted upon installation. When used maliciously, the service can send Distributed Denial of Service (DDoS) attacks by a third party with malicious intentions.

How to protect them?


This can be prevented by adjusting your DNS settings. You may adjust name server configuration file on the PBA-S-managed name servers directory. Usually named configuration file is /etc/named.conf:

version "unknown";
allow-transfer {none;};
allow-recursion {none;};
allow-query-cache {none;}; // for BIND 9.4+
recursion no;
additional-from-cache no;

Remember to include all IP-pools used by your customer's into the list of networks allowed to use recursive queries - replace "allow-recursion {none;};" with "allow-recursion { %list of clients IP addresses%; };". Restart named service to apply the changes:

~# service named restart

Please refer to the following resource - Adjusting DNS to secure servers against DDoS attacks for specific settings for:

Windows servers running DNS
Bind under Windows Plesk

Additional information

Adjusting DNS to secure servers against DDoS attacks

Search Words

configure slave nameservers

How to protect Name Servers against DDoS attack

UDP Flood


slave name servers

Plesk name servers

protect name servers

protect Plesk

query (cache) '/MX/IN' denied

DDoS attack

PBA-S managed name servers

400e18f6ede9f8be5575a475d2d6b0a6 caea8340e2d186a540518d08602aa065 a914db3fdc7a53ddcfd1b2db8f5a1b9c 56797cefb1efc9130f7c48a7d1db0f0c 29d1e90fd304f01e6420fbe60f66f838

Email subscription for changes to this article
Save as PDF