4

What is DNS Rebinding Protection?

DNS rebinding is a method of manipulating resolution of domain names that is commonly used as a form of computer attack. In this attack, a malicious web page causes visitors to run a client-side script that attacks machines elsewhere on the network. In theory, the same-origin policy prevents this from happening: client-side scripts are only allowed to access content on the same host that served the script. Comparing domain names is an essential part of enforcing this policy, so DNS rebinding circumvents this protection by abusing the Domain Name System (DNS).

This protection is not turned on by default, because it could interfere with some configurations purposely working with private IPs. If it is not the case for you, it is a good idea to turn this one.

5 replies

null
    • Brandon.1
    • 3 yrs ago
    • Reported - view

    Please allow us to enable it and whitelist certain domains (i.e. any subdomain of example.com) that can respond with private IPs.

      • NextDNs
      • 3 yrs ago
      • Reported - view

      Brandon this is already the case

      • s_pere
      • 2 yrs ago
      • Reported - view

      NextDNS Is this already a feature now? If so, where is this setting to whitelist specific IPs? Thanks

      • Jo_Strasser
      • 1 yr ago
      • Reported - view

      NextDNS  is a block caused by the DNS Rebinding Protection visible in the logs? Thanks!

    • Aisan_Estrella
    • 3 yrs ago
    • Reported - view

    bumping this feature request