Help Docs Liquid Web Portal Domains and DNS DNS Management Disable DNS Zone Transfers

Disable DNS Zone Transfers

DNS zone transfers aid in managing redundant DNS servers, but if your LiquidWeb server isn't a DNS server, they pose a security risk. Best practice is to disable them by adding a line to the named.conf file in the /etc folder.

Command Line Interface Domain Name System DNS Security

1 min read

DNS Zone transfers can be used by organizations to help manage multiple redundant DNS servers. However, if your LiquidWeb server is not functioning as a DNS server for your company, allowing DNS zone transfers can be a security risk as this can expose information about your server to hackers. If not explicitly required, the Best Practice is disable DNS zone transfers altogether. This task can be achieved by adding a single line of code to the named.conf file in the /etc folder.

Log into the server via SSH (login as root or use sudo to run the command as root)
In etc/named.conf, add the following command to the “options” section.

allow-transfer {"none";};

Save your changes and you’ve now disabled DNS Zone Transfers.

Was this article helpful?

Thank you for your input.

Thank you for your feedback.