To launch the internal webserver, add a :ref:`setting-webserver` to the configuration file.
This will instruct PowerDNS to start a webserver on localhost at port 8081, without password protection.
-By default the webserver listens on localhost, meaning only local users (on the same host) will be able to access the webserver. Since the default ACL before 4.1.0 allows access from everywhere if :ref:`webserver-address` is set to a different value, we strongly advise the use of a password protection.
+By default the webserver listens on localhost, meaning only local users (on the same host) will be able to access the webserver. Since the default ACL before 4.1.0 allows access from everywhere if :ref:`setting-webserver-address` is set to a different value, we strongly advise the use of a password protection.
The webserver lists a lot of potentially sensitive information about the PowerDNS process, including frequent queries, frequently failing queries, lists of remote hosts sending queries, hosts sending corrupt queries etc.
The webserver does not allow remote management.
The following webserver related configuration items are available:
- Default: empty
The IP address sent via EDNS Client Subnet to authoritative servers listed in
-`edns-subnet-whitelist`_ when `use-incoming-ecs`_ is set and the query has
+`edns-subnet-whitelist`_ when `use-incoming-edns-subnet`_ is set and the query has
an ECS source prefix-length set to 0.
-The default is to look for the first usable (not an `any` one) address in
+The default is to look for the first usable (not an ``any`` one) address in
`query-local-address`_ then `query-local-address6`_. If no suitable address is
found, the recursor fallbacks to sending 127.0.0.1.