Information
In the update to BIND 9.5.0 there was a new statistics server included, that is a useful debugging tool in a non-production environment. The HTTP server provides data in XML format about the condition of a BIND 9 server. The statistics server provides the same statistics that are available to the statistics-file dump. This server should be left disabled
Rationale:
The statistics server should NOT be enabled to prevent potential vulnerabilities.
Solution
Leave the statistics server disabled.