Skip to main content

PowerDNS allows users to place CNAME records in the zone apex

Jefferson Sherlin
  • Updated

Symptoms

On a cPanel server running PowerDNS, a user may replace the domain's apex A record with a CNAME record or convert the A record to a CNAME record.

; cPanel first:102.0.18 (update_time):1728389782 Cpanel::ZoneFile::VERSION:1.3 hostname:server.hostname.tls latest:122.0.17
; Zone file for domain.tld
$TTL 3600
domain.tld.	86400	IN	SOA	ns1.hostname.tld. admin.hostname.tld. 2024100803 86400 7200 2419200 3600

domain.tld.	86400	IN	NS	ns1.hostname.tld.
domain.tld.	86400	IN	NS	ns2.hostname.tld.
domain.tld.	3600	IN	CNAME	somehost.tld.

 

Description

By default, CNAME records cannot exist in the zone apex as the zone apex must contain the SOA record (RFC 1034 section 4.2.1) and CNAME records cannot exist at a node with any other record (RFC 1034 section 3.6.2,). This is referred to as "Alias records."

Though they are disabled by default, it is possible to configure PowerDNS to allow Alias records. If this functionality is not desired, you can undo the changes to disallow the Alias records.

 

Workaround

  1. Access your server using SSH as the root user.

  2. Move or delete the touch file from the following location:

    rm -v /etc/pdns/danger-danger-danger-server-owners-understand-the-severe-risk-and-accept-responsibility-for-any-consequences-of-using-experimental-alias-records

  3. Using your preferred text editor, open the PowerDNS config file at /etc/pdns/pdns.conf and remove the following lines:

    expand-alias=yes
resolver=192.0.2.3

  4. Save the file and restart the pdns service:

    /scripts/restartsrv_pdns

Related articles

Comments

1 comment

Date Votes
  • Kyle Pinkley cPanel Staff

    Update: We would like to thank you for your interest in this article/case and encourage your submissions as they are valuable to the ever-expanding development of cPanel & WHM. At this time, this particular issue has not been selected for action from our Development Team, as it may require more development resources than we can allot, or alters the direction cPanel envisions for the product. Submissions persist in our Issue Tracking System in the event the impact of the related issue grows or product direction changes. If you feel that this defect requires direct action, we strongly encourage you to submit a Feature Request to allow the cPanel Community to vote and support your cause.

    Thank you again for helping us make cPanel & WHM the hosting platform of choice.

    0

Article is closed for comments.