Recommend:
To the knowledge base

FRITZ!Box reports "Your FRITZ!Box's DNS rebind protection rejected your query for reasons of security"

The following error message is displayed when you try to use your own host name, domain name, or CNAME to access the FRITZ!Box or a device in the home network:

"Your FRITZ!Box's DNS rebind protection rejected your query for reasons of security.
The host header of your query is different from the name of the FRITZ!Box."

Cause

  • For security reasons, the FRITZ!Box blocks attempts from unfamiliar host names to access its user interface and devices in the home network. This is a security function of the FRITZ!Box to protect against so-called DNS rebinding attacks.

Note:All instructions on configuration and settings given in this guide refer to the latest FRITZ!OS for the FRITZ!Box.

1 Configuring exceptions for DNS rebind protection

  1. Click "Home Network" in the FRITZ!Box user interface.
  2. Click "Network" in the "Home Network" menu.
  3. Click on the "Network Settings" tab.
  4. Click "Additional Settings" in the section "LAN Settings" to display all of the settings.
  5. In the "Host name exceptions" field in the section "DNS Rebind Protection", enter the complete host name (the domain name plus subdomain) or CNAME for which DNS rebind protection should not apply.
  6. If you want to configure exceptions for several host names, enter each host name on a new line.

    Example:
    my-website.com
    my-company.com

  7. Click "Apply" to save the settings.

2 Restarting the FRITZ!Box

  1. Click "System" in the FRITZ!Box user interface.
  2. Click "Backup" in the "System" menu.
  3. Click on the "Restart" tab.
  4. Click the "Restart" button.