Search Engine: Elastic

Article ID: 119862, created on Jan 28, 2014, last review on Jul 14, 2018

  • Applies to:
  • Plesk Automation


By default Plesk Automation name servers allow zone transfer to everyone, how do I disable DNS zone transfers?


Required functionality is not implemented in Plesk Automation 11.5.

The feature request #POA-79532 was created regarding the matter.

Subscribe to our knowledge base - each product update comes with corresponding KB article:

You can use the following workaround:

On the DNS node edit the /var/named/run-root/etc/named.conf file, add desired IP-addresses that should be allowed to transfer zone information from the server to the options clause under the allow-transfer, and comment out the acl common-allow-transfer statement; please refer the example below where the transfer is allow to IP-address:

# This file was automatically generated.
options {
        directory "/var";
        auth-nxdomain no;
        recursion no;
        listen-on-v6 { any; };
        allow-transfer {;};
key "rndc-key" {
        algorithm hmac-md5;
        secret "***";
controls {
        inet port 953
        allow {; } keys { "rndc-key"; };
zone "." {
        type hint;
        file "named.root";
zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "localhost.rev";

#acl common-allow-transfer {
#       none;

# Two following includes include PEM-managed zones info.
include "pem_zones";
include "pem_reverse_zones";

e0aff7830fa22f92062ee4db78133079 caea8340e2d186a540518d08602aa065

Email subscription for changes to this article
Save as PDF