FRITZ!Box 7590 Service - Knowledge Base

FRITZ!Box 7590 Service

FRITZ!Box reports "Your FRITZ!Box's DNS rebind protection rejected your query for reasons of security"

The following error message is displayed when you try to use your own host name, domain name, or CNAME to access the FRITZ!Box or a device in the home network:

"Your FRITZ!Box's DNS rebind protection rejected your query for reasons of security.
The host header of your query is different from the name of the FRITZ!Box."

Cause

  • For security reasons, the FRITZ!Box blocks attempts from unfamiliar host names to access its user interface and devices in the home network. This is a security function of the FRITZ!Box to protect against what are known as DNS rebinding attacks.

Note:All instructions on configuration and settings given in this guide refer to the latest FRITZ!OS for the FRITZ!Box.

1 Configuring exceptions for DNS rebind protection

  1. Click "Home Network" in the FRITZ!Box user interface.
  2. Click "Network" in the "Home Network" menu.
  3. Click on the "Network Settings" tab.
  4. In the section "WAN setting", click "Additional Settings" to display all of the settings.
  5. In the "Host name exceptions" field in the section "DNS Rebind Protection", enter the complete host name (the domain name plus subdomain) or CNAME for which DNS rebind protection should not apply.
  6. If you want to define exceptions for several host names, enter the host names separated by a line break.

    Example:
    my-domain.com
    abcd1234.myfritz.net

  7. Click "Apply" to save the settings.

2 Restarting the FRITZ!Box

  1. Click "System" in the FRITZ!Box user interface.
  2. Click "Backup" in the "System" menu.
  3. Click on the "Restart" tab.
  4. Click the "Restart" button.