Recommend:
Knowledge document #3565

The FRITZ!Repeater reports 'Your [...] DNS rebind protection rejected your query for reasons of security'

The following error message is displayed when you try to use your own host name, domain name, or CNAME to access the FRITZ!Repeater or a device in the home network:

'Your FRITZ!Repeater's DNS rebind protection rejected your query for reasons of security.
The host header of your query is different from the name of the FRITZ!Repeater.'

Cause

  • For security reasons, the FRITZ!Repeater blocks attempts from unfamiliar host names to access its user interface and devices in the home network. This is a security function of the FRITZ!Repeater to protect against so-called DNS rebinding attacks.

Note:All instructions on configuration and settings given in this guide refer to the latest FRITZ!OS for the FRITZ!Repeater.

1 Configuring exceptions for DNS rebind protection

  1. Click on 'Home Network' in the user interface of the FRITZ!Repeater.
  2. Click on 'Network' in the 'Home Network' menu.
  3. Click on the 'Network Settings' tab.
  4. Click on 'Additional Settings' in the 'LAN Settings' section to display all of the settings.
  5. In the 'Host name exceptions' field in the 'DNS Rebind Protection' section, enter the complete host name (the domain name plus subdomain) or CNAME for which DNS rebind protection should not apply.
  6. If you want to configure exceptions for several host names, enter each host name on a new line.

    Example:
    my-website.com
    my-company.com

  7. Click on 'Apply' to save the settings.

2 Restarting the FRITZ!Repeater

  1. Click on 'System' in the user interface of the FRITZ!Repeater.
  2. Click on 'Backup' in the 'System' menu.
  3. Click on the 'Restart' tab.
  4. Click on the 'Restart' button.
Language selection