Check your server for openDNS relay (DNS recursion)

You can check your dedicated/vps server for open dns relay by following below methods. It tells you if your server allows dns recursion or not. Follow these steps:

Login to your server via ssh with root login details

Execute following commands:

dig @yourServerIP google.com

if it returns ANSWER:0 that means there is no recursion allowed on the server. Otherwise recursion is allowed on the server.

I.E:

;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 37803
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

Above output shows NO RECURSION (ANSWER: 0)

How to disable DNS recursion on kloxo

Here is the quick code to disable DNS recursion on kloxo based server:

Login to SSH with root credential

Find the “named” configuration file:

# locate named.conf

For chrooted system:

Output : /var/named/chroot/etc/named.conf

Edit the file named.conf

# nano /var/named/chroot/etc/named.conf

In updated Kloxo following is the options file:

# nano /var/named/chroot/etc/global.options.named.conf

Add following code at the end of named.conf file and save changes by CTRL+O:

options {allow-recursion {127.0.0.1; };};

Exit from text editor (For nano)

CTRL+X

Restart named services:

service named restart

That is all : )