diff --git a/DnsServerCore/www/index.html b/DnsServerCore/www/index.html index 1cc90039..35214081 100644 --- a/DnsServerCore/www/index.html +++ b/DnsServerCore/www/index.html @@ -781,21 +781,21 @@ Enable DNS-over-HTTP (TCP Port 8053) -
Enable this option to accept DNS-over-HTTP requests for both wire and json response formats. It must be used with a TLS terminating reverse proxy like nginx and will work only on private networks.
+
Enable this option to accept DNS-over-HTTP requests for both wire and json response formats. It must be used with a TLS terminating reverse proxy like nginx and will work only on private networks.
-
Enable this option to accept DNS-over-TLS requests.
+
Enable this option to accept DNS-over-TLS requests.
-
Enable this option to accept DNS-over-HTTPS requests for both wire and json response formats.
+
Enable this option to accept DNS-over-HTTPS requests for both wire and json response formats.
@@ -835,7 +835,7 @@ Prefer IPv6 -
DNS Server will use IPv6 for querying whenever possible with this option enabled.
+
DNS Server will use IPv6 for querying whenever possible with this option enabled.
@@ -851,21 +851,21 @@ Enable Logging -
Enable this option to log error and audit logs into the log file.
+
Enable this option to log error and audit logs into the log file.
-
Enable this option to log every query received by this DNS Server and the corresponding response answers into the log file.
+
Enable this option to log every query received by this DNS Server and the corresponding response answers into the log file.
-
Enable this option to use local time instead of UTC for logging.
+
Enable this option to use local time instead of UTC for logging.
@@ -910,35 +910,35 @@ Deny Recursion -
Disables recursion so that this DNS Server works as authoritative only.
+
Disables recursion so that this DNS Server works as authoritative only.
-
Enables recursion to allow this DNS Server to resolve any domain name.
+
Enables recursion to allow this DNS Server to resolve any domain name.
-
Select this option if you want to support recursion only on private networks. Any recursive request from a public network will be refused.
+
Select this option if you want to support recursion only on private networks. Any recursive request from a public network will be refused.
-
Select this option to specify which networks (in CIDR form) must be allowed or denied. Denied networks are always matched first.
+
Select this option to specify which networks (in CIDR form) must be allowed or denied. Denied networks are always matched first.
- + - +
@@ -951,14 +951,14 @@ Randomize Name -
Enables QNAME randomization when using UDP as the transport protocol to improve security.
+
Enables QNAME randomization when using UDP as the transport protocol to improve security.
-
Enables QNAME minimization for recursive resolution to improve privacy.
+
Enables QNAME minimization for recursive resolution to improve privacy.
@@ -993,7 +993,7 @@
The interval to sample client query stats.
-
Note! Queries Per Minute (QPM) feature will limit requests from a client based on its IP address. The QPM limit configured will be compared with the average count from the sample size which means a client may exceed the QPM limit for a given minute but won't exceed for the given sample size in minutes.
+
Note! Queries Per Minute (QPM) feature will limit requests from a client based on its IP address. The QPM limit configured will be compared with the average count from the sample size which means a client may exceed the QPM limit for a given minute but won't exceed for the given sample size in minutes. Additionally, any client hitting QPM limit for Refused responses will be automatically blocked for 12 hours.
@@ -1005,7 +1005,7 @@ Serve Stale
-
Enable the serve stale feature to improve resiliency by using expired or stale records in cache when the DNS server is unable to reach the upstream or authoritative name servers.
+
Enable the serve stale feature to improve resiliency by using expired or stale records in cache when the DNS server is unable to reach the upstream or authoritative name servers.
@@ -1063,12 +1063,32 @@
-
+
+
Uses 0.0.0.0 and :: IP addresses for blocked domain names.
-
Enabling this will return NX Domain response instead of 0.0.0.0 address for blocked domains.
+
+ +
Uses NX Domain response for blocked domain names.
+
+
+ +
Uses custom IP addresses provided below for blocked domain names.
+
+
+ +
+ +
@@ -2227,74 +2247,78 @@
-
+
-
+
Denies everyone from performing a zone transfer.
-
+
Allows everyone to perform a zone transfer.
-
+
Allows only the name servers with an NS record in the zone to perform a zone transfer.
-
+
Allows only the name servers with an IP address specified below to perform a zone transfer.
- +
+ +
Note! Zone transfer should be allowed only for trusted name servers to sync their secondary zone. Zone transfer from localhost (127.0.0.1 or ::1) is always allowed.
-
+
-
+
Does not notify any name server when the zone is updated.
-
+
Notifies only the name servers with an NS record in the zone when the zone is updated.
-
+
Notifies only the name servers with an IP address specified below when the zone is updated.
- +
+ +
Note! Notification must be enabled to allow other name servers to trigger a zone transfer immediately when the zone is updated.