PCI-DSS 4.0 2.2.1

Configure system security parameters

UnveilScan findings mapped to this control

The scanner emits 1 distinct finding on this control. Click "Scan a domain" below to see which of them currently apply to your site, with copy-paste remediation snippets (nginx, Apache, DNS BIND, web-server config).

dns.zone_transfer_open ⏱ 30 min

DNS — Zone transfer open

Risk if ignored: The entire zone (every A/AAAA/CNAME/TXT record, including internal hosts) is publicly downloadable — attackers get your full asset map for free.

security

Also maps to 3 other controls

ANSSI Reco-DNS §2.6 — Restreindre les AXFR aux secondaires autorisés
ISO 27001:2022 A.8.9 — Configuration management
NIS 2 21.2.e — Supply chain security