Information
Starting in BIND 9.5.0 there was a new statistics web server included, that is a useful debugging tool in a non-production environment. The HTTP server provides data in XML format about the condition of a BIND 9 server. The statistics server provides the same statistics that are available to the statistics-file dump. This server should be left disabled.
Rationale:
A production name server should not have additional, unnecessary services running, as the additional services increases the risk of vulnerabilities.
Solution
Remove the statistics-channel option from the configuration file.
Default Value:
The HTTP server is disabled by default.