Press Ctrl/Cmd + P to print
or save as PDF

Disable Recursive DNS/DNS Recursion

Disable Recursive DNS/DNS Recursion

Sometimes a recursive DNS queries occur. This happens when information is requested from a DNS server that does not “own” a domain to query subsequent DNS servers until DNS information and the answer is returned.

The servers with recursive DNS queries enabled are vulnerable to fake requests that can flood the server with the results of each query. This overwhelms the server with a volume of traffic that is too large to be processed. Eventually, the performance degrades. In this case, it is known as a DOS/DDOS (Denial of Service/Distributed Denial of Service) Attack.

There are ways to disable DNS Recursion on your server. You can simply follow the steps below:

Disable Recursion in Plesk

  1. Firstly, log into the Plesk Admin Panel.
  2. Select Tools and Settings.
  3. Next, click DNS Template Settings from the section.
  4. Select Localnets from the DNS Recursion section.
  5. Lastly, click the OK button.

Disable Recursion in Windows Server 2003 and 2008

  1. Access the DNS Manager from the Start menu:
    • Click the Start button.
    • Select Administrative Tools.
    • Select DNS.
  2. Right-click on the desired DNS Server in the Console Tree.
  3. Select the Properties tab.
  4. Click the Advanced button in the Server Options section.
  5. Select the Disable Recursion checkbox.
  6. Click the OK button.

Disable Recursion in Linux

1. Locate the BIND configuration file within the operating system. You can find the BIND configuration file in one of the following paths:
Open the named.conf file in your preferred editor

/etc/bind/named.conf
/etc/named.conf

2. Add the following details to the Options section:

3. Restart the device.

Read the next article which you might be interested in: DNS Propagation & TTL