How to Configure Reverse DNS for BIND in WHM
Valid for versions 86 through the latest version
Last modified: September 25, 2020
Mail servers use Reverse DNS information to help validate a message’s source domain. System administrators use Reverse DNS information to help identify inbound connections trying to get past a firewall or other security.
If your cPanel & WHM server is authoritative, you can use your DNS server to update your server’s PTR records. However, most cPanel & WHM users do not have the authority edit their PTR record directly. Instead, some hosting providers offer reverse DNS management in a client interface. For more information, contact your hosting provider.
- Changes to your server’s DNS nameservers do not take effect if your server’s DNS nameservers are not authoritative for your IP address.
- Many hosting providers do not allow their customers to modify their nameserver PTR records. Contact your hosting provider to delegate authority to your nameservers or set up your nameserver PTR records.
- If you are updating PTR records for mail purposes, it is only necessary to update the records for IP addresses that your sites use to send mail.
Configure reverse DNS
In the following examples:
example.comrepresents your domain.
192.168.0.1represents your main IP address.
0.168.192.in-addr.arparepresents your your server’s main IP address, in PTR record format.
Use the following steps to configure your server’s authoritative nameservers:
PTR records require authoritative DNS nameservers before they can function properly. To find the authoritative DNS nameservers of your server’s main IP address, trace the Start Of Authority (SOA) record. To do this, run the following command:
dig +nssearch 0.168.192.in-addr.arpa
Add the reverse DNS zone
Navigate to WHM’s Add a DNS Zone interface (WHM >> Home >> DNS Functions >> Add a DNS Zone) and enter the following information:
- This interface does not currently support IPv6.
- If your hosting provider delegates you a byte boundary that is greater than
25, separate the network range and byte boundary with a dash (
–) character. Do not use a forward slash (
/) character. For example,For more information, read the RFC 2317 documentation.
- Enter your server’s IP address in the IPv4 Address text box.
- Enter the reverse DNS zone’s name in the Domain text box.
- Create a reverse DNS zone name for an IPv4 address. To do this, perform the following steps:
- Drop the last octet from the IP address.
- Reverse the order of the remaining octets.
.in-addr.arpato the end of the octets.
A complete reverse DNS zone name for an IPv4 address will resemble the following example:
Edit the reverse DNS zone file
After creating your zone file, create the reverse DNS zone file’s PTR record in WHM’s DNS Zone Manager interface (WHM >> Home >> DNS Functions >> DNS Zone Manager).
Your zone file already contains a Nameserver (NS) record for each of your server’s authoritative nameservers.
To add the DNS zone’s PTR record, perform the following steps:
- In WHM’s DNS Zone Manager interface, click Manage next to the domain you want to modify. The system will direct you an interface that displays the domain’s current list of zone records.
- Click Add Record. The system will create a new record entry row in the table.
- Select PTR from the Type menu.
- Enter the DNS zone record’s information in the text boxes, then click Add Record.
Test your records
After your domain’s DNS information propagates, confirm that you properly configured reverse DNS. To confirm that you properly configured reverse DNS, run the following command:
If you correctly configured reverse DNS, the output will resemble the following example:
220.127.116.11.in-addr.arpa domain name pointer www.example.com.