1and1 Help Centre Categories

print article

Secure Your Server Against DNS Amplification Attacks

Learn how to protect your server against DNS amplification attacks (aka DNS reflection attacks).

If you are unsure if your server is affected by this vulnerability, please check for the DNS amplification attack vulnerability on your server.

Step 1
Log in to Plesk. If you do not use Plesk to manage your server's configuration and have BIND installed and running, you can edit the /etc/named.conf file to include the red text below to the options block:
options {
    allow-recursion {"none";};    
    recursion no;
}
Step 2
Click on Server Management > Tools & Settings.
Home panel of Parallels Plesk
Home panel of Parallels Plesk
Step 3
Under General Settings, click on DNS Template Settings.
Overview of Tools 1&1 Settings
Overview of Tools 1&1 Settings
Step 4
Click the DNS Recursion icon. DNS Recursion under DNS Zone Template
DNS Recursion under DNS Zone Template
Step 5
Select Localhost and click OK to save your changes.
Modification of DNS recursion settings with Localhost
Modification of DNS recursion settings with Localhost

The new settings should update immediately. Your server is now protected against DNS amplification attacks.

For additional information, you may want to reference: