 (port 53), for incoming connections, on your 

, in order to increase security and avoid cyber attacks, such as DDOS.

To do this, connect to your MikroTik, for example, using Winbox, and run the following commands from the Terminal:

add chain=input in-interface=IN-INT protocol=udp dst-port=53 action=drop


add chain=input in-interface=IN-INT protocol=tcp dst-port=53 action=drop


add chain=forward in-interface=IN-INT protocol=udp dst-port=53 action=drop


add chain=forward in-interface=IN-INT protocol=tcp dst-port=53 action=drop

: Replace IN-INT with the name of your Mikrotik's WAN interface.


: If you use multiple WAN interfaces (multi-WAN scenario) in your Mikrotik, you must re-run the above commands, replacing IN-INT with the names of the other WAN interfaces.

How to block DNS resolution from outside.


Blocking DNS resolution from outside. How to.

Enhance your network security by learning how to block incoming DNS service connections on port 53 to mitigate cyber threats like DDoS attacks. 

How to block DNS resolution from outside in Mikrotik

How to run scripts on multi-WAN scenarios on Mikrotik

How to configure FlashStart DNS filtering on Mikrotik devices

How to solve synchronization problems in Mikrotik

The multiprofile and multipolitics

How to configure multiprofile on Mikrotik

Mikrotik OS configuration

FlashStart Docs

Al-based DNS filtering

🛡️ Al-based DNS filtering for
MSPs, ISPs & Companies (cloned)

Demo License activation

First configuration of Cloud Filter

First Steps

Product licenses

Single Cloud Licenses

Cloud Bulk licensing

License management

Threat Protection

Content filtering

App Blocker

Search engines protection

IP Blocking

Geoblocking

Personal WhiteLists

Personal BlackLists

Protection Configuration

Windows connector setup

DNS Proxy Setup

Preventing users from ignoring FlashStart's DNS filter

Granular Protection and Active Directory integration

ClientShield remote agent configuration

DoH and DoT Protocol Configuration

Remote End-Points

The extended search menu

Advanced: Multiprofile and Multipolitics

FlashStart's API for third-party integration (cloned)

Tool: Search in lists

Tool: Import from txt file

Tool: Change password

Tool: Advanced settings

Tool: Stop page

Tool: time zone change

Tool: statistics infrastructure

FlashStart's advanced configurations

Sales marketing tools

Pro & ProPlus (cloned)

Pure Cloud setup mode

Cloud and local DNS cache

ISP and WISP Setup Guide

Data Export

Import RPZ lists

ISP Lite & Premium (cloned)

Configure the Dynamic DNS using dyndns.org

Generic guide to enable FlashStart cloud filtering

Teldat configuration

Bind configuration

Ubiquiti-UniFi configuration

Grandstream configuration

PFSense configuration

Netgear configuration

IPCOP configuration

Linksys Router

Cisco configuration

TP-Link configuration

Fritz!Box configuration

Zyxel/Zywall configuration

Draytek configuration

Bright Box configuration

Ruijie Router

Pi-Hole's blacklist configuration

🔌 Router Guides

How can I synchronize my router?

Why can't I surf?

How do I unlock a website?

Why are filters not applied to the network?

Why can't I add a network?

Install the CA to avoid certificate errors

Why appears "Certificate Error" in some blocked websites?

Change your own account email

Change customer account email

How do I change the account email?

Mikrotik: How do I set up the multi-profile?

Can I create user-based filter policies?

Customization of the stop page

Is it possible to customize the filter block page?

Why can't I access the dashboard?

💬 FAQ

API Documentation for Developers

API Documentation for Developers (cloned)

Traffic Reports

Report

Protection

Networks

Devices

Countries

Profiles

Timezone

Panel

Get Domain Categories

Check domain

Blocklist

Customers

Licenses

Auth

Customerarea