diff --git a/app/models/zonefile_setting.rb b/app/models/zonefile_setting.rb
index 8747a11ca..76e4aa24f 100644
--- a/app/models/zonefile_setting.rb
+++ b/app/models/zonefile_setting.rb
@@ -13,10 +13,8 @@ class ZonefileSetting < ActiveRecord::Base
     filename = "#{origin}.zone"
 
     STDOUT << "#{Time.zone.now.utc} - Generating zonefile #{filename}\n"
-
-    zf = ActiveRecord::Base.connection.execute(
-      "select generate_zonefile('#{origin}')"
-    )[0]['generate_zonefile']
+    sanitized_query = sanitize_sql("select generate_zonefile(?)", origin)
+    zf = ActiveRecord::Base.connection.execute(sanitized_query)[0]['generate_zonefile']
 
     File.open("#{ENV['zonefile_export_dir']}/#{filename}", 'w') { |f| f.write(zf) }