When check domain at dnsreport, it show warning
ERROR: One or more of your nameservers reports that it is an open DNS server.
This can be fixed by editing /etc/named.conf
The default “options” will be
options {
directory “/var/named”;
dump-file “/var/named/data/cache_dump.db”;
statistics-file “/var/named/data/named_stats.txt”;
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
Add following inside options block
allow-recursion {
127.0.0.1;
72.232.50.98;
72.232.50.99;
72.232.50.100;
72.232.50.101;
};
72.232.50.98, 72.232.50.99, 72.232.50.100, 72.232.50.101 are IP’s of the server. Replace it with your server IP’s.
You can find IP’s configured in your server with command ifconfig
After editing, optons will look like
options {
directory “/var/named”;
dump-file “/var/named/data/cache_dump.db”;
statistics-file “/var/named/data/named_stats.txt”;allow-recursion {
127.0.0.1;
72.232.50.98;
72.232.50.99;
72.232.50.100;
72.232.50.101;
72.232.50.102;
};/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};