1-877-24-PRONTO     Live Sales Chat    Get Support    Login
ServerPronto HowTo
Setting up DNS Server Security

Setting up DNS Server Security

By default Windows Server 2008 R2 DNS has an “open relay”, which means that anyone can use your server to make DNS lookups. This is dangerous because it allows something called a “DNS Amplification Attack”.

This is a process where your open relay is used to send bogus data to another server, aiding the hackers process to take it offline.

You don’t want this to happen as not only is it illegal, it can use a lot of bandwidth and it will end up in bandwidth overage invoices.

To prevent this, we need to disable “recursion”. To do this:

  • Open the DNS Manager again.
  • Right click on your server name in the tree and select Properties“.

DNS Security

  • Select the “Advanced” tab.
  • Check the “Disable recursion (also disables forwarders)” checkbox.

DNS Security

- Click “OK”.

Note: There are some instances where recursion is necessary and you may need to leave this enabled. If you have problems, re-enable recursion. This may happen in an Active Directory environment.


That’s it, your domain should now be fully functional! You should ask someone to check it for you that hasn’t accessed it recently. Keep checking it for the next couple of days to make sure it carries on working.

Once confirmed working you can continue to add more domains and/or records in the same fashion as explained on this tutorial. Just remember that should your server go down, your domains do too. For most people this won’t matter too much as sites tend to be hosted on the same server, but just remember this should you off-load your sites elsewhere but continue to host your name servers. 

Bare Metal, Cloud, and Custom Dedicated Servers

Affordable Hosting Done Right

ServerPronto’s Dedicated Servers are the economical choice for providing an exclusive set of resources solely devoted to your IT needs. With our bare metal servers, you will benefit from:.

  • Transparent Pricing, Free Setup Assistance
  • 24/7 Customer Support and Hardware Replacement
  • 100% Uptime SLA, 7-day Money Back Guarantee
  • Full Root Access, Personalised Solutions
Build Your Server Contact an Advisor
about img


Provisioned Servers