diff --git a/Apps/AdvancedBlockingApp/AdvancedBlockingApp.csproj b/Apps/AdvancedBlockingApp/AdvancedBlockingApp.csproj index 8b246742..185a1045 100644 --- a/Apps/AdvancedBlockingApp/AdvancedBlockingApp.csproj +++ b/Apps/AdvancedBlockingApp/AdvancedBlockingApp.csproj @@ -3,7 +3,7 @@ net7.0 false - 5.0.1 + 5.1 Technitium Technitium DNS Server Shreyas Zare diff --git a/Apps/AdvancedBlockingApp/App.cs b/Apps/AdvancedBlockingApp/App.cs index 28a9228a..4ace1247 100644 --- a/Apps/AdvancedBlockingApp/App.cs +++ b/Apps/AdvancedBlockingApp/App.cs @@ -35,6 +35,7 @@ using TechnitiumLibrary.Net; using TechnitiumLibrary.Net.Dns; using TechnitiumLibrary.Net.Dns.EDnsOptions; using TechnitiumLibrary.Net.Dns.ResourceRecords; +using TechnitiumLibrary.Net.Http.Client; namespace AdvancedBlocking { @@ -446,11 +447,18 @@ namespace AdvancedBlocking { if (allowed) { - DnsDatagram internalResponse = await _dnsServer.DirectQueryAsync(request); - if (internalResponse.Tag is null) - internalResponse.Tag = DnsServerResponseType.Recursive; + try + { + DnsDatagram internalResponse = await _dnsServer.DirectQueryAsync(request); + if (internalResponse.Tag is null) + internalResponse.Tag = DnsServerResponseType.Recursive; - return internalResponse; + return internalResponse; + } + catch (Exception ex) + { + _dnsServer.WriteLog("Failed to resolve the request for allowed domain name with QNAME: " + question.Name + "; QTYPE: " + question.Type + "; QCLASS: " + question.Class + "\r\n" + ex.ToString()); + } } return null; @@ -923,7 +931,7 @@ namespace AdvancedBlocking handler.UseProxy = _dnsServer.Proxy is not null; handler.AutomaticDecompression = DecompressionMethods.All; - using (HttpClient http = new HttpClient(handler)) + using (HttpClient http = new HttpClient(new HttpClientRetryHandler(handler))) { if (File.Exists(_listFilePath)) http.DefaultRequestHeaders.IfModifiedSince = File.GetLastWriteTimeUtc(_listFilePath); 
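Review bot: The new `catch (Exception ex)` around `_dnsServer.DirectQueryAsync(request)` logs the client-supplied QNAME together with the full `ex.ToString()` stack trace on every failed lookup, then falls through to `return null`. A client that keeps asking for an allowed name that does not resolve can therefore inflate the log cheaply. Logging `ex.Message` alone or rate-limiting this entry would bound that. A comment should also state what the caller does with the `null` result, because the hunk does not show whether the request then goes on to the block-list checks or to normal resolution. The enclosing method starts and ends outside the hunk.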
diff --git a/Apps/AdvancedForwardingApp/AdvancedForwardingApp.csproj b/Apps/AdvancedForwardingApp/AdvancedForwardingApp.csproj index ffae889c..494012c6 100644 --- a/Apps/AdvancedForwardingApp/AdvancedForwardingApp.csproj +++ b/Apps/AdvancedForwardingApp/AdvancedForwardingApp.csproj @@ -3,7 +3,7 @@ net7.0 false - 1.0.1 + 1.0.2 Technitium Technitium DNS Server Shreyas Zare diff --git a/Apps/AdvancedForwardingApp/App.cs b/Apps/AdvancedForwardingApp/App.cs index bbed2e56..996a504b 100644 --- a/Apps/AdvancedForwardingApp/App.cs +++ b/Apps/AdvancedForwardingApp/App.cs @@ -164,7 +164,7 @@ namespace AdvancedForwarding public Task ProcessRequestAsync(DnsDatagram request, IPEndPoint remoteEP, DnsTransportProtocol protocol, bool isRecursionAllowed) { - if (!_enableForwarding) + if (!_enableForwarding || !request.RecursionDesired) return Task.FromResult(null); IPAddress remoteIP = remoteEP.Address; diff --git a/Apps/BlockPageApp/App.cs b/Apps/BlockPageApp/App.cs index 1b9a912d..c94d9453 100644 --- a/Apps/BlockPageApp/App.cs +++ b/Apps/BlockPageApp/App.cs @@ -485,6 +485,13 @@ namespace BlockPage using JsonDocument jsonDocument = JsonDocument.Parse(config); JsonElement jsonConfig = jsonDocument.RootElement; + bool enableWebServer = jsonConfig.GetPropertyValue("enableWebServer", true); + if (!enableWebServer) + { + StopWebServer(); + return; + } + _webServerLocalAddresses = jsonConfig.ReadArray("webServerLocalAddresses", IPAddress.Parse); if (jsonConfig.TryGetProperty("webServerUseSelfSignedTlsCertificate", out JsonElement jsonWebServerUseSelfSignedTlsCertificate)) 
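Review bot: The new guard in `ProcessRequestAsync` tests `request.RecursionDesired` but not the `isRecursionAllowed` parameter the method already receives. The conditional-forwarder check added to `DnsServerCore/Dns/DnsServer.cs` in this same commit refuses when either is false. If the server does not re-check this app's result (not visible here), a client outside the recursion ACL could still have its query forwarded. Writing `if (!_enableForwarding || !request.RecursionDesired || !isRecursionAllowed)` would keep the two paths consistent. The method body continues outside the hunk.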
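Review bot: When `enableWebServer` is false, the BlockPage hunk calls `StopWebServer()` and returns before any remaining settings are read, so fields such as `_webServerLocalAddresses` keep whatever an earlier load left in them. If anything else in the app reads those fields while the web server is off (not visible in this hunk), it would see stale values. Either parse the whole config first and skip only the start step, or add a comment such as `// web server disabled: remaining settings are intentionally not loaded`. A missing key defaults to `true`, so an existing config keeps listening on its configured addresses after the upgrade; that deserves a line in the app's config documentation. The method starts and ends outside the hunk.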
@@ -573,6 +580,13 @@ namespace BlockPage await File.WriteAllTextAsync(Path.Combine(dnsServer.ApplicationFolder, "dnsApp.config"), config); } + + if (!jsonConfig.TryGetProperty("enableWebServer", out _)) + { + config = config.Replace("\"webServerLocalAddresses\"", "\"enableWebServer\": true,\r\n \"webServerLocalAddresses\""); + + await File.WriteAllTextAsync(Path.Combine(dnsServer.ApplicationFolder, "dnsApp.config"), config); + } } #endregion diff --git a/Apps/BlockPageApp/BlockPageApp.csproj b/Apps/BlockPageApp/BlockPageApp.csproj index 8992c987..3f2bceca 100644 --- a/Apps/BlockPageApp/BlockPageApp.csproj +++ b/Apps/BlockPageApp/BlockPageApp.csproj @@ -3,7 +3,7 @@ net7.0 false - 4.0 + 4.1 Technitium Technitium DNS Server Shreyas Zare diff --git a/Apps/BlockPageApp/dnsApp.config b/Apps/BlockPageApp/dnsApp.config index 9d9119ad..e095d4bc 100644 --- a/Apps/BlockPageApp/dnsApp.config +++ b/Apps/BlockPageApp/dnsApp.config @@ -1,4 +1,5 @@ { + "enableWebServer": true, "webServerLocalAddresses": [ "0.0.0.0", "::" diff --git a/Apps/DnsBlockListApp/App.cs b/Apps/DnsBlockListApp/App.cs index d1d13e55..956aeaf6 100644 --- a/Apps/DnsBlockListApp/App.cs +++ b/Apps/DnsBlockListApp/App.cs 
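Review bot: The migration adds `enableWebServer` by running `config.Replace` over the raw JSON text, which rewrites every occurrence of `"webServerLocalAddresses"` and inserts nothing when that key is absent. In the absent case `dnsApp.config` is still rewritten on every load, because the property stays missing. Writing only when the text actually changed would avoid the repeated write: `string updated = config.Replace(...); if (updated != config) await File.WriteAllTextAsync(..., updated);`. The enclosing method starts outside the hunk.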
@@ -242,11 +242,11 @@ namespace DnsBlockList switch (question.Type) { case DnsResourceRecordType.A: - return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, new DnsResourceRecord[] { new DnsResourceRecord(qname, DnsResourceRecordType.A, question.Class, appRecordTtl, new DnsARecordData(responseA)) }); + return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, new DnsResourceRecord[] { new DnsResourceRecord(qname, DnsResourceRecordType.A, question.Class, appRecordTtl, new DnsARecordData(responseA)) }); case DnsResourceRecordType.TXT: if (!string.IsNullOrEmpty(responseTXT)) - return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, new DnsResourceRecord[] { new DnsResourceRecord(qname, DnsResourceRecordType.TXT, question.Class, appRecordTtl, new DnsTXTRecordData(responseTXT)) }); + return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, new DnsResourceRecord[] { new DnsResourceRecord(qname, DnsResourceRecordType.TXT, question.Class, appRecordTtl, new DnsTXTRecordData(responseTXT)) }); break; } 
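Review bot: The recursion-available flag is passed here as the seventh positional argument in a run of adjacent `bool` values, which makes a wrong flag hard to spot in review. The same one-token edit is repeated in the `@@ -254,7` hunk of this file and in the Failover, GeoContinent, GeoCountry, GeoDistance, NoData, SplitHorizon, WhatIsMyDns and WildIp apps. A small per-app helper that builds the response from `request`, `isRecursionAllowed` and the records would make the flag order checkable, as would an inline marker such as `/* RA */ isRecursionAllowed`. The `A` and `TXT` cases also hard-code `DnsOpcode.StandardQuery` where the other apps echo `request.OPCODE`; a comment explaining that choice would help.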
@@ -254,7 +254,7 @@ namespace DnsBlockList //NODATA response DnsDatagram soaResponse = await _dnsServer.DirectQueryAsync(new DnsQuestionRecord(zoneName, DnsResourceRecordType.SOA, DnsClass.IN)); - return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, null, soaResponse.Answer); + return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, null, soaResponse.Answer); } } diff --git a/Apps/DnsBlockListApp/DnsBlockListApp.csproj b/Apps/DnsBlockListApp/DnsBlockListApp.csproj index 02c9578a..c50a5fad 100644 --- a/Apps/DnsBlockListApp/DnsBlockListApp.csproj +++ b/Apps/DnsBlockListApp/DnsBlockListApp.csproj @@ -3,7 +3,7 @@ net7.0 false - 1.0 + 1.0.1 Technitium Technitium DNS Server Shreyas Zare diff --git a/Apps/FailoverApp/Address.cs b/Apps/FailoverApp/Address.cs index 38d873cb..cf60fd9e 100644 --- a/Apps/FailoverApp/Address.cs +++ b/Apps/FailoverApp/Address.cs @@ -218,7 +218,7 @@ namespace Failover if (answers.Count > 1) answers.Shuffle(); - return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, answers)); + return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, answers)); } case DnsResourceRecordType.TXT: 
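Review bot: The NODATA path reads `soaResponse.Answer` immediately after `await _dnsServer.DirectQueryAsync(...)` with no handling for a failed lookup, although this commit wraps the same call in `try`/`catch` in AdvancedBlockingApp because it can throw. The WildIpApp `@@ -104,10` hunk has the same unguarded call. A resolution failure here propagates out of the request handler; what the server does with that exception is not visible in this diff. Consider catching the failure, logging it, and returning the NODATA response with an empty authority section instead. The enclosing method starts outside the hunk.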
@@ -257,7 +257,7 @@ namespace Failover if (jsonAppRecordData.TryGetProperty("secondary", out JsonElement jsonSecondary)) GetStatusAnswers(jsonSecondary, FailoverType.Secondary, question, 30, healthCheck, healthCheckUrl, answers); - return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, answers)); + return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, answers)); } default: diff --git a/Apps/FailoverApp/CNAME.cs b/Apps/FailoverApp/CNAME.cs index c00dff30..785b7e43 100644 --- a/Apps/FailoverApp/CNAME.cs +++ b/Apps/FailoverApp/CNAME.cs @@ -195,7 +195,7 @@ namespace Failover } } - return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, answers)); + return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, answers)); } #endregion diff --git a/Apps/FailoverApp/FailoverApp.csproj b/Apps/FailoverApp/FailoverApp.csproj index 63a84a75..704e6963 100644 --- a/Apps/FailoverApp/FailoverApp.csproj +++ b/Apps/FailoverApp/FailoverApp.csproj @@ -3,7 +3,7 @@ net7.0 false - 6.0 + 6.0.1 Technitium Technitium DNS Server Shreyas Zare diff --git a/Apps/GeoContinentApp/Address.cs b/Apps/GeoContinentApp/Address.cs index 38ed82d2..63b51f05 100644 --- a/Apps/GeoContinentApp/Address.cs +++ b/Apps/GeoContinentApp/Address.cs 
@@ -160,7 +160,7 @@ namespace GeoContinent options = EDnsClientSubnetOptionData.GetEDnsClientSubnetOption(requestECS.SourcePrefixLength, 0, requestECS.Address); } - return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, answers, null, null, _dnsServer.UdpPayloadSize, EDnsHeaderFlags.None, options)); + return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, answers, null, null, _dnsServer.UdpPayloadSize, EDnsHeaderFlags.None, options)); } default: diff --git a/Apps/GeoContinentApp/CNAME.cs b/Apps/GeoContinentApp/CNAME.cs index b0dbfb6a..1433083c 100644 --- a/Apps/GeoContinentApp/CNAME.cs +++ b/Apps/GeoContinentApp/CNAME.cs @@ -133,7 +133,7 @@ namespace GeoContinent options = EDnsClientSubnetOptionData.GetEDnsClientSubnetOption(requestECS.SourcePrefixLength, 0, requestECS.Address); } - return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, answers, null, null, _dnsServer.UdpPayloadSize, EDnsHeaderFlags.None, options)); + return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, answers, null, null, _dnsServer.UdpPayloadSize, EDnsHeaderFlags.None, options)); } #endregion diff --git a/Apps/GeoContinentApp/GeoContinentApp.csproj b/Apps/GeoContinentApp/GeoContinentApp.csproj index 6b6cf7cf..6af51a5c 100644 --- a/Apps/GeoContinentApp/GeoContinentApp.csproj +++ b/Apps/GeoContinentApp/GeoContinentApp.csproj @@ -4,7 +4,7 @@ net7.0 false true - 6.0 + 6.0.1 Technitium Technitium DNS Server Shreyas Zare 
diff --git a/Apps/GeoCountryApp/Address.cs b/Apps/GeoCountryApp/Address.cs index c1990b95..5d49c9b1 100644 --- a/Apps/GeoCountryApp/Address.cs +++ b/Apps/GeoCountryApp/Address.cs @@ -160,7 +160,7 @@ namespace GeoCountry options = EDnsClientSubnetOptionData.GetEDnsClientSubnetOption(requestECS.SourcePrefixLength, 0, requestECS.Address); } - return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, answers, null, null, _dnsServer.UdpPayloadSize, EDnsHeaderFlags.None, options)); + return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, answers, null, null, _dnsServer.UdpPayloadSize, EDnsHeaderFlags.None, options)); } default: diff --git a/Apps/GeoCountryApp/CNAME.cs b/Apps/GeoCountryApp/CNAME.cs index 4c2cc371..569d5e57 100644 --- a/Apps/GeoCountryApp/CNAME.cs +++ b/Apps/GeoCountryApp/CNAME.cs @@ -133,7 +133,7 @@ namespace GeoCountry options = EDnsClientSubnetOptionData.GetEDnsClientSubnetOption(requestECS.SourcePrefixLength, 0, requestECS.Address); } - return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, answers, null, null, _dnsServer.UdpPayloadSize, EDnsHeaderFlags.None, options)); + return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, answers, null, null, _dnsServer.UdpPayloadSize, EDnsHeaderFlags.None, options)); } #endregion diff --git a/Apps/GeoCountryApp/GeoCountryApp.csproj b/Apps/GeoCountryApp/GeoCountryApp.csproj index 1fec56aa..bb3a1117 100644 --- a/Apps/GeoCountryApp/GeoCountryApp.csproj 
+++ b/Apps/GeoCountryApp/GeoCountryApp.csproj @@ -4,7 +4,7 @@ net7.0 false true - 6.0 + 6.0.1 Technitium Technitium DNS Server Shreyas Zare diff --git a/Apps/GeoDistanceApp/Address.cs b/Apps/GeoDistanceApp/Address.cs index be6ebaca..3e2ddc76 100644 --- a/Apps/GeoDistanceApp/Address.cs +++ b/Apps/GeoDistanceApp/Address.cs @@ -192,7 +192,7 @@ namespace GeoDistance options = EDnsClientSubnetOptionData.GetEDnsClientSubnetOption(requestECS.SourcePrefixLength, 0, requestECS.Address); } - return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, answers, null, null, _dnsServer.UdpPayloadSize, EDnsHeaderFlags.None, options)); + return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, answers, null, null, _dnsServer.UdpPayloadSize, EDnsHeaderFlags.None, options)); } default: diff --git a/Apps/GeoDistanceApp/CNAME.cs b/Apps/GeoDistanceApp/CNAME.cs index 70b78013..e9edae6b 100644 --- a/Apps/GeoDistanceApp/CNAME.cs +++ b/Apps/GeoDistanceApp/CNAME.cs @@ -165,7 +165,7 @@ namespace GeoDistance options = EDnsClientSubnetOptionData.GetEDnsClientSubnetOption(requestECS.SourcePrefixLength, 0, requestECS.Address); } - return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, answers, null, null, _dnsServer.UdpPayloadSize, EDnsHeaderFlags.None, options)); + return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, answers, null, null, _dnsServer.UdpPayloadSize, EDnsHeaderFlags.None, options)); } #endregion 
diff --git a/Apps/GeoDistanceApp/GeoDistanceApp.csproj b/Apps/GeoDistanceApp/GeoDistanceApp.csproj index 65b478e1..e9c59419 100644 --- a/Apps/GeoDistanceApp/GeoDistanceApp.csproj +++ b/Apps/GeoDistanceApp/GeoDistanceApp.csproj @@ -4,7 +4,7 @@ net7.0 false true - 6.0 + 6.0.1 Technitium Technitium DNS Server Shreyas Zare diff --git a/Apps/NoDataApp/App.cs b/Apps/NoDataApp/App.cs index 7c907473..f634ec77 100644 --- a/Apps/NoDataApp/App.cs +++ b/Apps/NoDataApp/App.cs @@ -59,7 +59,7 @@ namespace NoData { DnsResourceRecordType blockedType = Enum.Parse(jsonBlockedType.GetString(), true); if ((blockedType == question.Type) || (blockedType == DnsResourceRecordType.ANY)) - return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, false, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question)); + return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, false, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question)); } } diff --git a/Apps/NoDataApp/NoDataApp.csproj b/Apps/NoDataApp/NoDataApp.csproj index 8f867a97..9a528ac8 100644 --- a/Apps/NoDataApp/NoDataApp.csproj +++ b/Apps/NoDataApp/NoDataApp.csproj @@ -3,7 +3,7 @@ net7.0 false - 2.0 + 2.0.1 Technitium Technitium DNS Server Shreyas Zare diff --git a/Apps/SplitHorizonApp/SimpleAddress.cs b/Apps/SplitHorizonApp/SimpleAddress.cs index 11c84f44..2117ce2d 100644 --- a/Apps/SplitHorizonApp/SimpleAddress.cs +++ b/Apps/SplitHorizonApp/SimpleAddress.cs 
@@ -222,7 +222,7 @@ namespace SplitHorizon if (answers.Count > 1) answers.Shuffle(); - return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, answers)); + return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, answers)); } default: diff --git a/Apps/SplitHorizonApp/SimpleCNAME.cs b/Apps/SplitHorizonApp/SimpleCNAME.cs index 46d1d4fe..c0ed93c2 100644 --- a/Apps/SplitHorizonApp/SimpleCNAME.cs +++ b/Apps/SplitHorizonApp/SimpleCNAME.cs @@ -113,7 +113,7 @@ namespace SplitHorizon else answers = new DnsResourceRecord[] { new DnsResourceRecord(question.Name, DnsResourceRecordType.CNAME, DnsClass.IN, appRecordTtl, new DnsCNAMERecordData(cname)) }; - return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, answers)); + return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, answers)); } #endregion diff --git a/Apps/SplitHorizonApp/SplitHorizonApp.csproj b/Apps/SplitHorizonApp/SplitHorizonApp.csproj index 07111f5f..fb9bdf58 100644 --- a/Apps/SplitHorizonApp/SplitHorizonApp.csproj +++ b/Apps/SplitHorizonApp/SplitHorizonApp.csproj @@ -3,7 +3,7 @@ net7.0 false - 6.0 + 6.0.1 Technitium Technitium DNS Server Shreyas Zare diff --git a/Apps/WhatIsMyDnsApp/App.cs b/Apps/WhatIsMyDnsApp/App.cs index 3b0c02aa..a997212d 100644 --- a/Apps/WhatIsMyDnsApp/App.cs +++ b/Apps/WhatIsMyDnsApp/App.cs 
@@ -73,7 +73,7 @@ namespace WhatIsMyDns return Task.FromResult(null); } - return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, new DnsResourceRecord[] { answer })); + return Task.FromResult(new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, new DnsResourceRecord[] { answer })); } #endregion diff --git a/Apps/WhatIsMyDnsApp/WhatIsMyDnsApp.csproj b/Apps/WhatIsMyDnsApp/WhatIsMyDnsApp.csproj index 12682d73..0761f089 100644 --- a/Apps/WhatIsMyDnsApp/WhatIsMyDnsApp.csproj +++ b/Apps/WhatIsMyDnsApp/WhatIsMyDnsApp.csproj @@ -4,7 +4,7 @@ net7.0 false true - 5.0.1 + 5.0.2 Technitium Technitium DNS Server Shreyas Zare diff --git a/Apps/WildIpApp/App.cs b/Apps/WildIpApp/App.cs index 900c8c1d..2c637fd4 100644 --- a/Apps/WildIpApp/App.cs +++ b/Apps/WildIpApp/App.cs 
@@ -104,10 +104,10 @@ namespace WildIp //NODATA reponse DnsDatagram soaResponse = await _dnsServer.DirectQueryAsync(new DnsQuestionRecord(zoneName, DnsResourceRecordType.SOA, DnsClass.IN)); - return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, null, soaResponse.Answer); + return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, null, soaResponse.Answer); } - return new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, new DnsResourceRecord[] { answer }); + return new DnsDatagram(request.Identifier, true, request.OPCODE, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, new DnsResourceRecord[] { answer }); } #endregion diff --git a/Apps/WildIpApp/WildIpApp.csproj b/Apps/WildIpApp/WildIpApp.csproj index 00afeca9..5270c3b7 100644 --- a/Apps/WildIpApp/WildIpApp.csproj +++ b/Apps/WildIpApp/WildIpApp.csproj @@ -4,7 +4,7 @@ net7.0 false true - 2.1 + 2.1.1 Technitium Technitium DNS Server Shreyas Zare diff --git a/CHANGELOG.md b/CHANGELOG.md index 837a61f7..3caac284 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,5 +1,16 @@ # Technitium DNS Server Change Log +## Version 11.0.3 +Release Date: 11 March 2023 + +- Fixed DoS vulnerability reported by Xiang Li, [Network and Information Security Lab, Tsinghua University](https://netsec.ccert.edu.cn/) that an attacker can use to send bad-formatted UDP packet to cause the outbound requests to fail to resolve due to insufficient validation. +- Fixed issue reported by Xiang Li, [Network and Information Security Lab, Tsinghua University](https://netsec.ccert.edu.cn/) that caused conditional forwarder to not honoring RD flag in requests. +- Fixed issue reported by Xiang Li, [Network and Information Security Lab, Tsinghua University](https://netsec.ccert.edu.cn/) that made amplification attacks more effective due to max 4096 bytes limit for responses. +- Fixed issue in loading of Allowed and Blocked zones that resulted in loading to take too much time caused due to indexing feature added in last update for authoritative zones. +- Updated DNS server UDP response processing to remove glue records for MX responses and try again to send it instead of sending a truncated response that was causing issue with some old mail servers that did not perform follow up request over TCP. +- Block Page App: Updated the app to support option to disable the web server without requiring to uninstall the app to stop the web server. +- Multiple other minor bug fixes and improvements. + ## Version 11.0.2 Release Date: 26 February 2023 diff --git a/DnsServerApp/DnsServerApp.csproj b/DnsServerApp/DnsServerApp.csproj index 58b95638..64009d38 100644 --- a/DnsServerApp/DnsServerApp.csproj +++ b/DnsServerApp/DnsServerApp.csproj @@ -6,7 +6,7 @@ Exe net7.0 logo2.ico - 11.0.2 + 11.0.3 Technitium Technitium DNS Server Shreyas Zare diff --git a/DnsServerCore/Dns/DnsServer.cs b/DnsServerCore/Dns/DnsServer.cs index 8629add2..306b52ef 100644 --- a/DnsServerCore/Dns/DnsServer.cs +++ b/DnsServerCore/Dns/DnsServer.cs 
@@ -88,7 +88,6 @@ namespace DnsServerCore.Dns #region variables - const int UDP_MAX_BUFFER_SIZE = 4096; internal const int MAX_CNAME_HOPS = 16; const int SERVE_STALE_WAIT_TIME = 1800; @@ -298,7 +297,7 @@ namespace DnsServerCore.Dns private async Task ReadUdpRequestAsync(Socket udpListener) { - byte[] recvBuffer = new byte[UDP_MAX_BUFFER_SIZE]; + byte[] recvBuffer = new byte[DnsDatagram.EDNS_MAX_UDP_PAYLOAD_SIZE]; using MemoryStream recvBufferStream = new MemoryStream(recvBuffer); try @@ -323,7 +322,7 @@ namespace DnsServerCore.Dns while (true) { - recvBufferStream.SetLength(UDP_MAX_BUFFER_SIZE); //resetting length before using buffer + recvBufferStream.SetLength(DnsDatagram.EDNS_MAX_UDP_PAYLOAD_SIZE); //resetting length before using buffer try { @@ -415,8 +414,8 @@ namespace DnsServerCore.Dns if (request.EDNS is null) sendBuffer = new byte[512]; - else if (request.EDNS.UdpPayloadSize > UDP_MAX_BUFFER_SIZE) - sendBuffer = new byte[UDP_MAX_BUFFER_SIZE]; + else if (request.EDNS.UdpPayloadSize > _udpPayloadSize) + sendBuffer = new byte[_udpPayloadSize]; else sendBuffer = new byte[request.EDNS.UdpPayloadSize]; 
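Review bot: In the `@@ -415,8` hunk the final `else` still sizes `sendBuffer` directly from the client-advertised `request.EDNS.UdpPayloadSize`, so only the upper bound is enforced. A request advertising fewer than 512 bytes gets a buffer smaller than the non-EDNS default just above it. RFC 6891 says values below 512 are to be treated as 512, and unless the parser already normalises the field (not visible here) the floor belongs at this point. For example, `sendBuffer = new byte[Math.Max((ushort)512, Math.Min(request.EDNS.UdpPayloadSize, _udpPayloadSize))];` could replace the `else if`/`else` pair. The enclosing method continues outside the hunk.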
@@ -435,10 +434,32 @@ namespace DnsServerCore.Dns } else { - if (response.Question[0].Type == DnsResourceRecordType.IXFR) - response = new DnsDatagram(response.Identifier, true, response.OPCODE, response.AuthoritativeAnswer, false, response.RecursionDesired, response.RecursionAvailable, response.AuthenticData, response.CheckingDisabled, response.RCODE, response.Question, new DnsResourceRecord[] { response.Answer[0] }, null, null, request.EDNS is null ? ushort.MinValue : _udpPayloadSize) { Tag = DnsServerResponseType.Authoritative }; //truncate response - else - response = new DnsDatagram(response.Identifier, true, response.OPCODE, response.AuthoritativeAnswer, true, response.RecursionDesired, response.RecursionAvailable, response.AuthenticData, response.CheckingDisabled, response.RCODE, response.Question, null, null, null, request.EDNS is null ? ushort.MinValue : _udpPayloadSize) { Tag = DnsServerResponseType.Authoritative }; + switch (response.Question[0].Type) + { + case DnsResourceRecordType.MX: + //removing glue records and trying again since some mail servers fail to fallback to TCP on truncation + response = response.CloneWithoutGlueRecords(); + sendBufferStream.Position = 0; + + try + { + response.WriteTo(sendBufferStream); + } + catch (NotSupportedException) + { + //send TC since response is still big even after removing glue records + response = new DnsDatagram(response.Identifier, true, response.OPCODE, response.AuthoritativeAnswer, true, response.RecursionDesired, response.RecursionAvailable, response.AuthenticData, response.CheckingDisabled, response.RCODE, response.Question, null, null, null, request.EDNS is null ? 
ushort.MinValue : _udpPayloadSize) { Tag = DnsServerResponseType.Authoritative }; + } + break; + + case DnsResourceRecordType.IXFR: + response = new DnsDatagram(response.Identifier, true, response.OPCODE, response.AuthoritativeAnswer, false, response.RecursionDesired, response.RecursionAvailable, response.AuthenticData, response.CheckingDisabled, response.RCODE, response.Question, new DnsResourceRecord[] { response.Answer[0] }, null, null, request.EDNS is null ? ushort.MinValue : _udpPayloadSize) { Tag = DnsServerResponseType.Authoritative }; //truncate response + break; + + default: + response = new DnsDatagram(response.Identifier, true, response.OPCODE, response.AuthoritativeAnswer, true, response.RecursionDesired, response.RecursionAvailable, response.AuthenticData, response.CheckingDisabled, response.RCODE, response.Question, null, null, null, request.EDNS is null ? ushort.MinValue : _udpPayloadSize) { Tag = DnsServerResponseType.Authoritative }; + break; + } } sendBufferStream.Position = 0; @@ -1892,6 +1913,9 @@ namespace DnsServerCore.Dns break; case DnsResourceRecordType.FWD: + if (!request.RecursionDesired || !isRecursionAllowed) + return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, false, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.Refused, request.Question) { Tag = DnsServerResponseType.Authoritative }; + //do conditional forwarding return await ProcessRecursiveQueryAsync(request, remoteEP, protocol, response.Authority, _dnssecValidation, false, skipDnsAppAuthoritativeRequestHandlers); @@ -1932,7 +1956,7 @@ namespace DnsServerCore.Dns } } - DnsDatagram response = _authZoneManager.Query(request); + DnsDatagram response = _authZoneManager.Query(request, isRecursionAllowed); if (response is not null) { response.Tag = DnsServerResponseType.Authoritative; 
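Review bot: In the new `MX` case, when the second `WriteTo` succeeds, the datagram sent is the result of `response.CloneWithoutGlueRecords()`, and nothing in that path sets `Tag` on it, whereas every other branch assigns `Tag` explicitly. Whether the clone carries the original `Tag` is not visible here; if it does not, later code that reads the tag would see null for these responses. Capturing it first removes the dependency: `var tag = response.Tag; response = response.CloneWithoutGlueRecords(); response.Tag = tag;`. A short comment that the failed first `WriteTo` may have partially filled `sendBufferStream`, which is why `Position` is reset, would also help. The enclosing method starts and ends outside the hunk.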
@@ -2514,7 +2538,7 @@ namespace DnsServerCore.Dns if (record.Type != DnsResourceRecordType.CNAME) break; //no further CNAME records exists - DnsDatagram newRequest = new DnsDatagram(0, false, DnsOpcode.StandardQuery, false, false, true, false, false, false, DnsResponseCode.NoError, new DnsQuestionRecord[] { new DnsQuestionRecord((record.RDATA as DnsCNAMERecordData).Domain, request.Question[0].Type, request.Question[0].Class) }); + DnsDatagram newRequest = new DnsDatagram(0, false, DnsOpcode.StandardQuery, false, false, true, false, false, false, DnsResponseCode.NoError, new DnsQuestionRecord[] { new DnsQuestionRecord((record.RDATA as DnsCNAMERecordData).Domain, request.Question[0].Type, request.Question[0].Class) }, null, null, null, _udpPayloadSize); //check allowed zone inAllowedZone = _allowedZoneManager.IsAllowed(newRequest) || _blockListZoneManager.IsAllowed(newRequest); @@ -2535,8 +2559,8 @@ namespace DnsServerCore.Dns //copy last response answers answer.AddRange(blockedResponse.Answer); - //cname response cannot be for type NS, MX, SRV so no additional section in response - return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, false, false, true, true, false, false, DnsResponseCode.NoError, request.Question, answer, blockedResponse.Authority) { Tag = blockedResponse.Tag }; + //include blocked response additional section to pass on Extended DNS Errors + return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, false, false, true, true, false, false, DnsResponseCode.NoError, request.Question, answer, blockedResponse.Authority, blockedResponse.Additional) { Tag = blockedResponse.Tag }; } } } diff --git a/DnsServerCore/Dns/ResolverDnsCache.cs b/DnsServerCore/Dns/ResolverDnsCache.cs index 6605e488..c033ebbb 100644 --- a/DnsServerCore/Dns/ResolverDnsCache.cs +++ b/DnsServerCore/Dns/ResolverDnsCache.cs 
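Review bot: In the `@@ -2535,8` hunk `blockedResponse.Additional` is now copied wholesale into the response for the original question, although the comment only motivates carrying Extended DNS Errors. That section belongs to the reply for `newRequest`, and since `newRequest` is now built with `_udpPayloadSize` it presumably contains that reply's own OPT record. It is not visible here whether the `DnsDatagram` constructor or the send path reconciles this with the original client's EDNS state, for example a client that sent no OPT or advertised a smaller payload size. Either copy only the error options across or add a comment stating which later step normalises the additional section.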
@@ -157,7 +157,7 @@ namespace DnsServerCore.Dns if (authResponse is null) { - authResponse = _authZoneManager.Query(request); + authResponse = _authZoneManager.Query(request, true); if (authResponse is not null) { if ((authResponse.RCODE != DnsResponseCode.NoError) || (authResponse.Answer.Count > 0) || (authResponse.Authority.Count == 0) || authResponse.IsFirstAuthoritySOA()) diff --git a/DnsServerCore/Dns/ZoneManagers/AllowedZoneManager.cs b/DnsServerCore/Dns/ZoneManagers/AllowedZoneManager.cs index 7b94a70d..5f34fc6d 100644 --- a/DnsServerCore/Dns/ZoneManagers/AllowedZoneManager.cs +++ b/DnsServerCore/Dns/ZoneManagers/AllowedZoneManager.cs @@ -76,9 +76,7 @@ namespace DnsServerCore.Dns.ZoneManagers try { - LogManager log = _dnsServer.LogManager; - if (log != null) - log.Write("DNS Server is loading allowed zone file: " + allowedZoneFile); + _dnsServer.LogManager?.Write("DNS Server is loading allowed zone file: " + allowedZoneFile); using (FileStream fS = new FileStream(allowedZoneFile, FileMode.Open, FileAccess.Read)) { @@ -92,9 +90,15 @@ namespace DnsServerCore.Dns.ZoneManagers { case 1: int length = bR.ReadInt32(); + int i = 0; - for (int i = 0; i < length; i++) - AllowZone(bR.ReadShortString()); + _zoneManager.LoadSpecialPrimaryZones(delegate () + { + if (i++ < length) + return bR.ReadShortString(); + + return null; + }, _soaRecord, _nsRecord); break; 
@@ -103,19 +107,21 @@ namespace DnsServerCore.Dns.ZoneManagers } } - if (log != null) - log.Write("DNS Server allowed zone file was loaded: " + allowedZoneFile); + _dnsServer.LogManager?.Write("DNS Server allowed zone file was loaded: " + allowedZoneFile); } catch (FileNotFoundException) { } catch (Exception ex) { - LogManager log = _dnsServer.LogManager; - if (log != null) - log.Write("DNS Server encountered an error while loading allowed zone file: " + allowedZoneFile + "\r\n" + ex.ToString()); + _dnsServer.LogManager?.Write("DNS Server encountered an error while loading allowed zone file: " + allowedZoneFile + "\r\n" + ex.ToString()); } } + public void ImportZones(string[] domains) + { + _zoneManager.LoadSpecialPrimaryZones(domains, _soaRecord, _nsRecord); + } + public bool AllowZone(string domain) { if (_zoneManager.CreateSpecialPrimaryZone(domain, _soaRecord, _nsRecord) != null) @@ -171,9 +177,7 @@ namespace DnsServerCore.Dns.ZoneManagers bW.WriteShortString(zone.Name); } - LogManager log = _dnsServer.LogManager; - if (log != null) - log.Write("DNS Server allowed zone file was saved: " + allowedZoneFile); + _dnsServer.LogManager?.Write("DNS Server allowed zone file was saved: " + allowedZoneFile); } public bool IsAllowed(DnsDatagram request) @@ -181,7 +185,7 @@ namespace DnsServerCore.Dns.ZoneManagers if (_zoneManager.TotalZones < 1) return false; - return _zoneManager.Query(request) is not null; + return _zoneManager.Query(request, false) is not null; } #endregion diff --git a/DnsServerCore/Dns/ZoneManagers/AuthZoneManager.cs b/DnsServerCore/Dns/ZoneManagers/AuthZoneManager.cs index d7b64b14..eb153bd1 100644 --- a/DnsServerCore/Dns/ZoneManagers/AuthZoneManager.cs +++ b/DnsServerCore/Dns/ZoneManagers/AuthZoneManager.cs 
@@ -134,18 +134,14 @@ namespace DnsServerCore.Dns.ZoneManagers } catch (Exception ex) { - LogManager log = _dnsServer.LogManager; - if (log != null) - log.Write(ex); + _dnsServer.LogManager?.Write(ex); } } } } catch (Exception ex) { - LogManager log = _dnsServer.LogManager; - if (log != null) - log.Write(ex); + _dnsServer.LogManager?.Write(ex); } //update server domain @@ -744,15 +740,11 @@ namespace DnsServerCore.Dns.ZoneManagers _zoneIndex.Add(zoneInfo); } - LogManager log = _dnsServer.LogManager; - if (log != null) - log.Write("DNS Server successfully loaded zone file: " + zoneFile); + _dnsServer.LogManager?.Write("DNS Server successfully loaded zone file: " + zoneFile); } catch (Exception ex) { - LogManager log = _dnsServer.LogManager; - if (log != null) - log.Write("DNS Server failed to load zone file: " + zoneFile + "\r\n" + ex.ToString()); + _dnsServer.LogManager?.Write("DNS Server failed to load zone file: " + zoneFile + "\r\n" + ex.ToString()); } } 
@@ -788,6 +780,60 @@ namespace DnsServerCore.Dns.ZoneManagers return null; } + internal void LoadSpecialPrimaryZones(IReadOnlyList zoneNames, DnsSOARecordData soaRecord, DnsNSRecordData ns) + { + _zoneIndexLock.EnterWriteLock(); + try + { + foreach (string zoneName in zoneNames) + { + PrimaryZone apexZone = new PrimaryZone(_dnsServer, zoneName, soaRecord, ns); + + if (_root.TryAdd(apexZone)) + { + AuthZoneInfo zoneInfo = new AuthZoneInfo(apexZone); + _zoneIndex.Add(zoneInfo); + } + } + + _zoneIndex.Sort(); + } + finally + { + _zoneIndexLock.ExitWriteLock(); + } + } + + internal void LoadSpecialPrimaryZones(Func getZoneName, DnsSOARecordData soaRecord, DnsNSRecordData ns) + { + _zoneIndexLock.EnterWriteLock(); + try + { + string zoneName; + + while (true) + { + zoneName = getZoneName(); + if (zoneName is null) + break; + + PrimaryZone apexZone = new PrimaryZone(_dnsServer, zoneName, soaRecord, ns); + + if (_root.TryAdd(apexZone)) + { + AuthZoneInfo zoneInfo = new AuthZoneInfo(apexZone); + _zoneIndex.Add(zoneInfo); + } + } + + _zoneIndex.Sort(); + } + finally + { + _zoneIndexLock.ExitWriteLock(); + } + } + public AuthZoneInfo CreatePrimaryZone(string zoneName, string primaryNameServer, bool @internal) { PrimaryZone apexZone = new PrimaryZone(_dnsServer, zoneName, primaryNameServer, @internal); @@ -1849,7 +1895,7 @@ namespace DnsServerCore.Dns.ZoneManagers return null; } - public DnsDatagram Query(DnsDatagram request) + public DnsDatagram Query(DnsDatagram request, bool isRecursionAllowed) { DnsQuestionRecord question = request.Question[0]; 
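Review bot: In both `LoadSpecialPrimaryZones` overloads `_zoneIndex.Sort()` sits at the end of the `try`, so an exception from `getZoneName()` or from `new PrimaryZone(...)` part-way through releases the lock but leaves the zones already added in an unsorted `_zoneIndex`. The callers added in this commit make that reachable: the AllowedZoneManager and BlockedZoneManager loaders feed the callback from `bR.ReadShortString()` on a file that may be truncated, and `ImportZones` passes a caller-supplied array. Moving the sort into the cleanup, `finally { _zoneIndex.Sort(); _zoneIndexLock.ExitWriteLock(); }`, would keep the index ordered on every exit; whether lookups depend on that ordering is not visible here. The two loop bodies are otherwise identical, so the list overload could wrap its enumerator in a delegate and call the `Func` overload instead of repeating the loop.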
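Review bot: The new `isRecursionAllowed` parameter on `Query(DnsDatagram request, bool isRecursionAllowed)` is undocumented, and its name suggests it gates recursion. In the two `return new DnsDatagram(...)` lines changed further down it only replaces a literal `false` in the argument after `request.RecursionDesired`, apparently the recursion-available flag. A doc comment such as `/// <param name="isRecursionAllowed">Copied into the recursion-available flag of the response built here.</param>` would state that. The call sites in this commit pass bare literals (`Query(request, true)`, `Query(request, false)`); named arguments, `Query(request, isRecursionAllowed: false)`, would make them self-explanatory. The body of `Query` continues outside this hunk.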
@@ -1934,7 +1980,7 @@ namespace DnsServerCore.Dns.ZoneManagers } } - return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, false, false, false, rCode, request.Question, answer, authority); + return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, isRecursionAllowed, false, false, rCode, request.Question, answer, authority); } else { @@ -2092,7 +2138,7 @@ namespace DnsServerCore.Dns.ZoneManagers } } - return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, false, false, false, DnsResponseCode.NoError, request.Question, answers, authority, additional); + return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, isRecursionAllowed, false, false, DnsResponseCode.NoError, request.Question, answers, authority, additional); } } @@ -2350,9 +2396,7 @@ namespace DnsServerCore.Dns.ZoneManagers } } - LogManager log = _dnsServer.LogManager; - if (log != null) - log.Write("Saved zone file for domain: " + (zoneName == "" ? "" : zoneName)); + _dnsServer.LogManager?.Write("Saved zone file for domain: " + (zoneName == "" ? "" : zoneName)); } public void DeleteZoneFile(string zoneName) @@ -2361,9 +2405,7 @@ namespace DnsServerCore.Dns.ZoneManagers File.Delete(Path.Combine(_dnsServer.ConfigFolder, "zones", zoneName + ".zone")); - LogManager log = _dnsServer.LogManager; - if (log != null) - log.Write("Deleted zone file for domain: " + zoneName); + _dnsServer.LogManager?.Write("Deleted zone file for domain: " + zoneName); } #endregion diff --git a/DnsServerCore/Dns/ZoneManagers/BlockListZoneManager.cs b/DnsServerCore/Dns/ZoneManagers/BlockListZoneManager.cs index 9862cca2..63f1b4e2 100644 --- a/DnsServerCore/Dns/ZoneManagers/BlockListZoneManager.cs +++ b/DnsServerCore/Dns/ZoneManagers/BlockListZoneManager.cs 
@@ -29,6 +29,7 @@ using TechnitiumLibrary.Net; using TechnitiumLibrary.Net.Dns; using TechnitiumLibrary.Net.Dns.EDnsOptions; using TechnitiumLibrary.Net.Dns.ResourceRecords; +using TechnitiumLibrary.Net.Http.Client; namespace DnsServerCore.Dns.ZoneManagers { @@ -392,7 +393,7 @@ namespace DnsServerCore.Dns.ZoneManagers handler.UseProxy = _dnsServer.Proxy is not null; handler.AutomaticDecompression = DecompressionMethods.All; - using (HttpClient http = new HttpClient(handler)) + using (HttpClient http = new HttpClient(new HttpClientRetryHandler(handler))) { if (File.Exists(listFilePath)) http.DefaultRequestHeaders.IfModifiedSince = File.GetLastWriteTimeUtc(listFilePath); diff --git a/DnsServerCore/Dns/ZoneManagers/BlockedZoneManager.cs b/DnsServerCore/Dns/ZoneManagers/BlockedZoneManager.cs index cfe11d88..f4472753 100644 --- a/DnsServerCore/Dns/ZoneManagers/BlockedZoneManager.cs +++ b/DnsServerCore/Dns/ZoneManagers/BlockedZoneManager.cs @@ -87,16 +87,12 @@ namespace DnsServerCore.Dns.ZoneManagers } catch (Exception ex) { - LogManager log = _dnsServer.LogManager; - if (log != null) - log.Write(ex); + _dnsServer.LogManager?.Write(ex); } try { - LogManager log = _dnsServer.LogManager; - if (log != null) - log.Write("DNS Server is loading blocked zone file: " + blockedZoneFile); + _dnsServer.LogManager?.Write("DNS Server is loading blocked zone file: " + blockedZoneFile); using (FileStream fS = new FileStream(blockedZoneFile, FileMode.Open, FileAccess.Read)) { @@ -110,9 +106,15 @@ namespace DnsServerCore.Dns.ZoneManagers { case 1: int length = bR.ReadInt32(); + int i = 0; - for (int i = 0; i < length; i++) - BlockZone(bR.ReadShortString()); + _zoneManager.LoadSpecialPrimaryZones(delegate () + { + if (i++ < length) + return bR.ReadShortString(); + + return null; + }, _soaRecord, _nsRecord); break; 
@@ -121,19 +123,21 @@ namespace DnsServerCore.Dns.ZoneManagers } } - if (log != null) - log.Write("DNS Server blocked zone file was loaded: " + blockedZoneFile); + _dnsServer.LogManager?.Write("DNS Server blocked zone file was loaded: " + blockedZoneFile); } catch (FileNotFoundException) { } catch (Exception ex) { - LogManager log = _dnsServer.LogManager; - if (log != null) - log.Write("DNS Server encountered an error while loading blocked zone file: " + blockedZoneFile + "\r\n" + ex.ToString()); + _dnsServer.LogManager?.Write("DNS Server encountered an error while loading blocked zone file: " + blockedZoneFile + "\r\n" + ex.ToString()); } } + public void ImportZones(string[] domains) + { + _zoneManager.LoadSpecialPrimaryZones(domains, _soaRecord, _nsRecord); + } + public bool BlockZone(string domain) { if (_zoneManager.CreateSpecialPrimaryZone(domain, _soaRecord, _nsRecord) != null) @@ -189,9 +193,7 @@ namespace DnsServerCore.Dns.ZoneManagers bW.WriteShortString(zone.Name); } - LogManager log = _dnsServer.LogManager; - if (log != null) - log.Write("DNS Server blocked zone file was saved: " + blockedZoneFile); + _dnsServer.LogManager?.Write("DNS Server blocked zone file was saved: " + blockedZoneFile); } public DnsDatagram Query(DnsDatagram request) @@ -199,7 +201,7 @@ namespace DnsServerCore.Dns.ZoneManagers if (_zoneManager.TotalZones < 1) return null; - return _zoneManager.Query(request); + return _zoneManager.Query(request, false); } #endregion diff --git a/DnsServerCore/Dns/Zones/ApexZone.cs b/DnsServerCore/Dns/Zones/ApexZone.cs index 3017cfc9..0765ccfd 100644 --- a/DnsServerCore/Dns/Zones/ApexZone.cs +++ b/DnsServerCore/Dns/Zones/ApexZone.cs 
@@ -378,12 +378,7 @@ namespace DnsServerCore.Dns.Zones _notifyFailed.Add(nameServerHost); } - LogManager log = dnsServer.LogManager; - if (log is not null) - { - log.Write("DNS Server failed to notify name server '" + nameServerHost + "' for zone: " + (_name == "" ? "" : _name)); - log.Write(ex); - } + dnsServer.LogManager?.Write("DNS Server failed to notify name server '" + nameServerHost + "' for zone: " + (_name == "" ? "" : _name) + "\r\n" + ex.ToString()); } finally { diff --git a/DnsServerCore/Dns/Zones/SecondaryZone.cs b/DnsServerCore/Dns/Zones/SecondaryZone.cs index f015a6cc..a20f6585 100644 --- a/DnsServerCore/Dns/Zones/SecondaryZone.cs +++ b/DnsServerCore/Dns/Zones/SecondaryZone.cs @@ -507,8 +507,7 @@ namespace DnsServerCore.Dns.Zones strNameServers += ", " + nameServer.ToString(); } - log.Write("DNS Server failed to refresh '" + (_name == "" ? "" : _name) + "' secondary zone from: " + strNameServers); - log.Write(ex); + log.Write("DNS Server failed to refresh '" + (_name == "" ? "" : _name) + "' secondary zone from: " + strNameServers + "\r\n" + ex.ToString()); } return false; diff --git a/DnsServerCore/Dns/Zones/StubZone.cs b/DnsServerCore/Dns/Zones/StubZone.cs index 5e21f0e1..76a591ef 100644 --- a/DnsServerCore/Dns/Zones/StubZone.cs +++ b/DnsServerCore/Dns/Zones/StubZone.cs @@ -373,8 +373,7 @@ namespace DnsServerCore.Dns.Zones strNameServers += ", " + nameServer.ToString(); } - log.Write("DNS Server failed to refresh '" + (_name == "" ? "" : _name) + "' stub zone from: " + strNameServers); - log.Write(ex); + log.Write("DNS Server failed to refresh '" + (_name == "" ? "" : _name) + "' stub zone from: " + strNameServers + "\r\n" + ex.ToString()); } return false; diff --git a/DnsServerCore/DnsServerCore.csproj b/DnsServerCore/DnsServerCore.csproj index 5ad4690e..1ccbf207 100644 --- a/DnsServerCore/DnsServerCore.csproj +++ b/DnsServerCore/DnsServerCore.csproj @@ -12,7 +12,7 @@ DnsServer - 11.0.2 + 11.0.3 
diff --git a/DnsServerCore/LogManager.cs b/DnsServerCore/LogManager.cs index 4ba1994a..27d04856 100644 --- a/DnsServerCore/LogManager.cs +++ b/DnsServerCore/LogManager.cs @@ -573,7 +573,10 @@ namespace DnsServerCore if (response.Answer.Count == 0) { - answer = "[]"; + if (response.Truncation) + answer = "[TRUNCATED]"; + else + answer = "[]"; } else if ((response.Answer.Count > 2) && response.IsZoneTransfer) { diff --git a/DnsServerCore/WebServiceAppsApi.cs b/DnsServerCore/WebServiceAppsApi.cs index ed87c093..1a3a37c3 100644 --- a/DnsServerCore/WebServiceAppsApi.cs +++ b/DnsServerCore/WebServiceAppsApi.cs @@ -30,6 +30,7 @@ using System.Text.Json; using System.Threading; using System.Threading.Tasks; using TechnitiumLibrary; +using TechnitiumLibrary.Net.Http.Client; namespace DnsServerCore { @@ -92,7 +93,7 @@ namespace DnsServerCore _dnsWebService._log.Write("DNS Server has started automatic update check for DNS Apps."); - string storeAppsJsonData = await GetStoreAppsJsonData().WithTimeout(5000); + string storeAppsJsonData = await GetStoreAppsJsonData(true); using JsonDocument jsonDocument = JsonDocument.Parse(storeAppsJsonData); JsonElement jsonStoreAppsArray = jsonDocument.RootElement; @@ -129,7 +130,7 @@ namespace DnsServerCore { try { - await DownloadAndUpdateAppAsync(application.Name, url); + await DownloadAndUpdateAppAsync(application.Name, url, true); _dnsWebService._log.Write("DNS application '" + application.Name + "' was automatically updated successfully from: " + url); } @@ -163,7 +164,7 @@ namespace DnsServerCore } } - private async Task GetStoreAppsJsonData() + private async Task GetStoreAppsJsonData(bool doRetry) { if ((_storeAppsJsonData is null) || (DateTime.UtcNow > _storeAppsJsonDataUpdatedOn.AddSeconds(STORE_APPS_JSON_DATA_CACHE_TIME_SECONDS))) { 
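Review bot: The automatic update path hands `url` to `DownloadAndUpdateAppAsync(application.Name, url, true)` with no scheme check visible in this hunk, whereas the manual update handler later in this file rejects any value that does not start with `https://` before making the same call. This path replaces application code without an administrator in the loop, so the same `url.StartsWith("https://", StringComparison.OrdinalIgnoreCase)` test belongs inside `DownloadAndUpdateAppAsync`, where both callers share it. The line that assigns `url` lies outside the hunk, so an existing check there cannot be ruled out.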
@@ -172,7 +173,7 @@ namespace DnsServerCore handler.UseProxy = _dnsWebService.DnsServer.Proxy is not null; handler.AutomaticDecompression = DecompressionMethods.All; - using (HttpClient http = new HttpClient(handler)) + using (HttpClient http = new HttpClient(doRetry ? new HttpClientRetryHandler(handler) : handler)) { _storeAppsJsonData = await http.GetStringAsync(_appStoreUri); _storeAppsJsonDataUpdatedOn = DateTime.UtcNow; @@ -182,7 +183,7 @@ namespace DnsServerCore return _storeAppsJsonData; } - private async Task DownloadAndUpdateAppAsync(string applicationName, string url) + private async Task DownloadAndUpdateAppAsync(string applicationName, string url, bool doRetry) { string tmpFile = Path.GetTempFileName(); try @@ -195,7 +196,7 @@ namespace DnsServerCore handler.UseProxy = _dnsWebService.DnsServer.Proxy is not null; handler.AutomaticDecompression = DecompressionMethods.All; - using (HttpClient http = new HttpClient(handler)) + using (HttpClient http = new HttpClient(doRetry ? new HttpClientRetryHandler(handler) : handler)) { using (Stream httpStream = await http.GetStreamAsync(url)) { @@ -334,7 +335,7 @@ namespace DnsServerCore { try { - string storeAppsJsonData = await GetStoreAppsJsonData().WithTimeout(5000); + string storeAppsJsonData = await GetStoreAppsJsonData(false).WithTimeout(5000); jsonDocument = JsonDocument.Parse(storeAppsJsonData); jsonStoreAppsArray = jsonDocument.RootElement; } @@ -369,7 +370,7 @@ namespace DnsServerCore if (!_dnsWebService._authManager.IsPermitted(PermissionSection.Apps, session.User, PermissionFlag.View)) throw new DnsWebServiceException("Access was denied."); - string storeAppsJsonData = await GetStoreAppsJsonData(); + string storeAppsJsonData = await GetStoreAppsJsonData(false).WithTimeout(30000); using JsonDocument jsonDocument = JsonDocument.Parse(storeAppsJsonData); JsonElement jsonStoreAppsArray = jsonDocument.RootElement; 
@@ -508,7 +509,7 @@ namespace DnsServerCore if (!url.StartsWith("https://", StringComparison.OrdinalIgnoreCase)) throw new DnsWebServiceException("Parameter 'url' value must start with 'https://'."); - DnsApplication application = await DownloadAndUpdateAppAsync(name, url); + DnsApplication application = await DownloadAndUpdateAppAsync(name, url, false); _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] DNS application '" + name + "' was updated successfully from: " + url); diff --git a/DnsServerCore/WebServiceOtherZonesApi.cs b/DnsServerCore/WebServiceOtherZonesApi.cs index 7ab8b785..6e78a1f8 100644 --- a/DnsServerCore/WebServiceOtherZonesApi.cs +++ b/DnsServerCore/WebServiceOtherZonesApi.cs @@ -237,19 +237,11 @@ namespace DnsServerCore string allowedZones = request.GetQueryOrForm("allowedZones"); string[] allowedZonesList = allowedZones.Split(','); - bool added = false; - foreach (string allowedZone in allowedZonesList) - { - if (_dnsWebService.DnsServer.AllowedZoneManager.AllowZone(allowedZone)) - added = true; - } + _dnsWebService.DnsServer.AllowedZoneManager.ImportZones(allowedZonesList); - if (added) - { - _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Total " + allowedZonesList.Length + " zones were imported into allowed zone successfully."); - _dnsWebService.DnsServer.AllowedZoneManager.SaveZoneFile(); - } + _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Total " + allowedZonesList.Length + " zones were imported into allowed zone successfully."); + _dnsWebService.DnsServer.AllowedZoneManager.SaveZoneFile(); } public async Task ExportAllowedZonesAsync(HttpContext context) 
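Review bot: After this change the "imported into allowed zone successfully" audit entry and `SaveZoneFile()` run unconditionally, and the entry reports `allowedZonesList.Length` even though `ImportZones` returns nothing and `LoadSpecialPrimaryZones` silently skips names for which `_root.TryAdd` fails. Having `ImportZones` return the number of zones actually added, and logging that value, would keep the audit log accurate. The entries from `allowedZones.Split(',')` also reach the zone manager untrimmed and unfiltered, so an empty parameter yields a single empty name; `allowedZones.Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries)` avoids that. If any name makes the bulk load throw, the zones added before it stay in memory but are never written to the zone file. The blocked-zone import hunk that follows in the same file has the same shape.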
@@ -409,19 +401,11 @@ namespace DnsServerCore string blockedZones = request.GetQueryOrForm("blockedZones"); string[] blockedZonesList = blockedZones.Split(','); - bool added = false; - foreach (string blockedZone in blockedZonesList) - { - if (_dnsWebService.DnsServer.BlockedZoneManager.BlockZone(blockedZone)) - added = true; - } + _dnsWebService.DnsServer.BlockedZoneManager.ImportZones(blockedZonesList); - if (added) - { - _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Total " + blockedZonesList.Length + " zones were imported into blocked zone successfully."); - _dnsWebService.DnsServer.BlockedZoneManager.SaveZoneFile(); - } + _dnsWebService._log.Write(context.GetRemoteEndPoint(), "[" + session.User.Username + "] Total " + blockedZonesList.Length + " zones were imported into blocked zone successfully."); + _dnsWebService.DnsServer.BlockedZoneManager.SaveZoneFile(); } public async Task ExportBlockedZonesAsync(HttpContext context) diff --git a/DnsServerCore/WebServiceSettingsApi.cs b/DnsServerCore/WebServiceSettingsApi.cs index cebbc06c..4bade4be 100644 --- a/DnsServerCore/WebServiceSettingsApi.cs +++ b/DnsServerCore/WebServiceSettingsApi.cs @@ -169,8 +169,7 @@ namespace DnsServerCore } catch (Exception ex) { - _dnsWebService._log.Write("Failed to restart DNS service."); - _dnsWebService._log.Write(ex); + _dnsWebService._log.Write("Failed to restart DNS service.\r\n" + ex.ToString()); } }); } @@ -192,8 +191,7 @@ namespace DnsServerCore } catch (Exception ex) { - _dnsWebService._log.Write("Failed to restart web service."); - _dnsWebService._log.Write(ex); + _dnsWebService._log.Write("Failed to restart web service.\r\n" + ex.ToString()); } }); } 
@@ -1188,10 +1186,10 @@ namespace DnsServerCore //blocklist timers if ((_blockListUpdateIntervalHours > 0) && ((_dnsWebService.DnsServer.BlockListZoneManager.AllowListUrls.Count + _dnsWebService.DnsServer.BlockListZoneManager.BlockListUrls.Count) > 0)) { - if (blockListUrlsUpdated || (_blockListUpdateTimer is null)) + if (_blockListUpdateTimer is null) + StartBlockListUpdateTimer(); + else if (blockListUrlsUpdated) ForceUpdateBlockLists(); - - StartBlockListUpdateTimer(); } else { diff --git a/DnsServerCore/www/index.html b/DnsServerCore/www/index.html index 081342e3..7ded04aa 100644 --- a/DnsServerCore/www/index.html +++ b/DnsServerCore/www/index.html @@ -393,12 +393,12 @@ - - - - - - + + + + + + @@ -505,11 +505,11 @@
#ZoneTypeDNSSECStatusExpiry#ZoneTypeDNSSECStatusExpiry
- - - - - + + + + + @@ -1274,7 +1274,7 @@
openssl pkcs12 -export -out "example.com.pfx" -inkey "privkey.pem" -in "cert.pem" -certfile "chain.pem"
- + diff --git a/DnsServerWindowsService/DnsServerWindowsService.csproj b/DnsServerWindowsService/DnsServerWindowsService.csproj index e9dd263e..9d945205 100644 --- a/DnsServerWindowsService/DnsServerWindowsService.csproj +++ b/DnsServerWindowsService/DnsServerWindowsService.csproj @@ -8,7 +8,7 @@ DnsServerWindowsServiceDnsServicelogo2.ico - 11.0.2 + 11.0.3Shreyas ZareTechnitiumTechnitium DNS Server diff --git a/DnsServerWindowsSetup/DnsServerSetup.iss b/DnsServerWindowsSetup/DnsServerSetup.iss index 0757a484..8f61eadd 100644 --- a/DnsServerWindowsSetup/DnsServerSetup.iss +++ b/DnsServerWindowsSetup/DnsServerSetup.iss @@ -2,7 +2,7 @@ ; SEE THE DOCUMENTATION FOR DETAILS ON CREATING INNO SETUP SCRIPT FILES! #define MyAppName "Technitium DNS Server" -#define MyAppVersion "11.0.2" +#define MyAppVersion "11.0.3" #define MyAppPublisher "Technitium" #define MyAppURL "https://technitium.com/dns/" #define MyAppExeName "DnsServerSystemTrayApp.exe" diff --git a/build.md b/build.md index a10e369a..d2baaee0 100644 --- a/build.md +++ b/build.md @@ -36,7 +36,7 @@ $ sudo apt-add-repository https://packages.microsoft.com/debian/11/prod $ sudo apt update ``` -3. Install ASP.NET Core 7 runtime and `libmsquic` for DNS-over-QUIC support. +3. Install ASP.NET Core 7 SDK and `libmsquic` for DNS-over-QUIC support. ``` $ sudo apt install dotnet-sdk-7.0 libmsquic -y ```
#NameTypeTTLData#NameTypeTTLData