IMG-LOGO

How to fix Open DNS Resolver issue on your windows server?

andy - 18 Mar, 2016 7940 Views 1 Comment

If you have a VPS or a dedicated server and the DNS Server is available, you must take a precaution on protecting your DNS server from DOS(Denial of Service) or DDOS(Distributed Denial of Service) Attack. The attacks can be done by sending huge fake volume queries to your DNS server so it can cause performance degradation on your server. To overcome this problem, you can do the following actions on your server.

1. Disable the DNS Recursion on your server.

This can be easily done via command prompt. Just open a cmd command on your server and you can type in the following command. The 1 value means off and 0 value mean you want to turn on the recursion.

dnscmd /Config /NoRecursion 1

If you prefer windows interface, you can open the DNS Manager, right click the Properties and in the Advanced tab in the Servers option there is a check box option to disable the DNS recursion.

2. Block external DNS request using built in Windows Firewall.

Open Windows Firewall with Advanced Security in your Windows server and click the Inbound Rules. Look for the DNS TCP and right click the icon and click Properties. In the scope tab, go to the Remote IP Address section and enter the IP Address that are allowed to access. Usually it will be the local IP Address which is 127.0.0.1 and you will need to assign any public IP address that is assigned to your server. Note: this is important that you need to assign the public IP Address. If you have internal IP address, remember to add it as well. Once this is done, do for the DNS UDP as well.

Comments

Heather
27 Jul, 2016
What are the steps if running Windows 10? These don't work. Thank you.
Write Comment
0 characters entered. Maximum characters allowed are 1000 characters.

Related Articles

Getting HTTP Error 500.21 - Internal Server Error

When you try to run MVC site or ASP Net framework 4 website if you receive the following error HTTP Error 500 21 Internal Server Error Saying Handler ExtensionlessUrlHandler Integrated 4 0 has a bad module ManagedPipelineHandler in its module ...

How to allow loading and downloading json file in IIS?

In order to allow loading and downloading json file on your site you have to add json extension in mime type and handler mappings in IIS windows server By default this extension is not view able Therefore you will need ...