Doing your usual DNSreport at http://www.dnsreport.com/ 
and getting errors like

Test Name:
Open DNS servers Status:Fail

ERROR: One or more of your nameservers reports that it is an open DNS server. This usually means that anyone in the world can query it. This can cause an excessive load on your DNS server. Also, it is strongly discouraged to have a DNS server be both authoritative for your domain and be recursive (even if it is not open), due to the potential for cache poisoning (with no recursion, there is no cache, and it is impossible to poison it). Also, the bad guys could use your DNS server as part of an attack, by forging their IP address. Problem record(s) are:

Server x.x.x.1. reports that it will do recursive lookups.
Server x.x.x.2. reports that it will do recursive lookups.
Server x.x.x.3. reports that it will do recursive lookups.


This is the correct way to turn off recursion without breaking anything on a whm/cpanel server:

Edit your named.conf

pico /etc/named.conf

options {
allow-recursion { 127.0.0.1; xxx.xxx.xxx.xxx; };
};

In addition to 127.0.0.1 that line should include all IPs on the server plus other IPs that you want to allow recursion.

And ACLs are another way to handle this.
http://www.net.cmu.edu/groups/netdev/docs/bind9/Bv9ARM.ch07.html


For instance you can use this type of config:


acl "trusted" {
main server IP;
127.0.0.1;
name server IP;
name server IP;
additional secondary name server IP;
and so on;

};
options {
directory "/var/named";
version "not currently available";
allow-recursion { trusted; };
allow-notify { trusted; };
allow-transfer { trusted; };
};