- Plesk for Linux
Named service causes high CPU load.
Significant number of DNS requests from external clients regarding zones that are not hosted on the Plesk server. Recursion (type of requests for these kind of zones) is disabled for external clients. In
, it appears like the following multiple records:
CONFIG_TEXT: named: client 203.0.113.2#4444 (example.com): query (cache) 'example.com/ANY/IN' denied
named: client 203.0.113.2#4444 (example.com): query (cache) 'example.com/ANY/IN' denied
Recursive requests from external clients are handled on the application level (by named service) causing high CPU load.
Install fail2ban to block such malicious requests on the network level to free up CPU resources. the following should be done:
Install Fail2Ban component using Plesk installer
Create a new jail for DNS service using instructions from Plesk documentation
Additional information can be found on Plesk forum.