What is DNS Rebinding Protection?

DNS rebinding is a method of manipulating resolution of domain names that is commonly used as a form of computer attack. In this attack, a malicious web page causes visitors to run a client-side script that attacks machines elsewhere on the network. In theory, the same-origin policy prevents this from happening: client-side scripts are only allowed to access content on the same host that served the script. Comparing domain names is an essential part of enforcing this policy, so DNS rebinding circumvents this protection by abusing the Domain Name System (DNS).

This protection is not turned on by default, because it could interfere with some configurations purposely working with private IPs. If it is not the case for you, it is a good idea to turn this one.

4replies Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
  • Please allow us to enable it and whitelist certain domains (i.e. any subdomain of example.com) that can respond with private IPs.

    • Brandon this is already the case

      Like 2
      • s_pere
      • s_pere
      • 1 yr ago
      • Reported - view

      NextDNS Is this already a feature now? If so, where is this setting to whitelist specific IPs? Thanks

  • bumping this feature request