How to Configure Reverse DNS for BIND in WHM

Valid for versions 86 through the latest version

Version:

82

86


Last modified: September 25, 2020

Overview

Reverse DNS uses pointer records (PTR) to convert IP addresses to domain names. Forward DNS uses A records to convert domain names to IP addresses.

Mail servers use Reverse DNS information to help validate a message’s source domain. System administrators use Reverse DNS information to help identify inbound connections trying to get past a firewall or other security.

If your cPanel & WHM server is authoritative, you can use your DNS server to update your server’s PTR records. However, most cPanel & WHM users do not have the authority edit their PTR record directly. Instead, some hosting providers offer reverse DNS management in a client interface. For more information, contact your hosting provider.

Important:
  • Changes to your server’s DNS nameservers do not take effect if your server’s DNS nameservers are not authoritative for your IP address.
  • Many hosting providers do not allow their customers to modify their nameserver PTR records. Contact your hosting provider to delegate authority to your nameservers or set up your nameserver PTR records.
  • If you are updating PTR records for mail purposes, it is only necessary to update the records for IP addresses that your sites use to send mail.

Configure reverse DNS

Note:

In the following examples:

  • example.com represents your domain.
  • 192.168.0.1 represents your main IP address.
  • 0.168.192.in-addr.arpa represents your your server’s main IP address, in PTR record format.

Use the following steps to configure your server’s authoritative nameservers:

System requirements

PTR records require authoritative DNS nameservers before they can function properly. To find the authoritative DNS nameservers of your server’s main IP address, trace the Start Of Authority (SOA) record. To do this, run the following command:

dig +nssearch 0.168.192.in-addr.arpa

Add the reverse DNS zone

Navigate to WHM’s Add a DNS Zone interface (WHM >> Home >> DNS Functions >> Add a DNS Zone) and enter the following information:

Note:
  • This interface does not currently support IPv6.
  • If your hosting provider delegates you a byte boundary that is greater than 25, separate the network range and byte boundary with a dash () character. Do not use a forward slash (/) character. For example,
    128-24.0.168.192.in-addr.arpa
    
    For more information, read the RFC 2317 documentation.
  1. Enter your server’s IP address in the IPv4 Address text box.
  2. Enter the reverse DNS zone’s name in the Domain text box.
  3. Create a reverse DNS zone name for an IPv4 address. To do this, perform the following steps:
    1. Drop the last octet from the IP address.
    2. Reverse the order of the remaining octets.
    3. Append .in-addr.arpa to the end of the octets.

A complete reverse DNS zone name for an IPv4 address will resemble the following example:

128/24.0.168.192.in-addr.arpa

Edit the reverse DNS zone file

After creating your zone file, create the reverse DNS zone file’s PTR record in WHM’s DNS Zone Manager interface (WHM >> Home >> DNS Functions >> DNS Zone Manager).

Note:

Your zone file already contains a Nameserver (NS) record for each of your server’s authoritative nameservers.

To add the DNS zone’s PTR record, perform the following steps:

  1. In WHM’s DNS Zone Manager interface, click Manage next to the domain you want to modify. The system will direct you an interface that displays the domain’s current list of zone records.
  2. Click Add Record. The system will create a new record entry row in the table.
  3. Select PTR from the Type menu.
  4. Enter the DNS zone record’s information in the text boxes, then click Add Record.

Test your records

After your domain’s DNS information propagates, confirm that you properly configured reverse DNS. To confirm that you properly configured reverse DNS, run the following command:

host 192.168.0.1

If you correctly configured reverse DNS, the output will resemble the following example:

1.0.168.192.in-addr.arpa domain name pointer www.example.com.

Additional Documentation