Get Paid to Participate - up to $1 per post!     Twitter     Facebook     Google+
Hosting Discussion
 

Hosting Discussion > Web Hosting Forums > Hardware and Server Configuration > How to prevent unauthorized domain forwarding?
forgot password?



Reply


Old
  Post #1 (permalink)   06-14-2017, 03:07 AM
HD Newbie
 
Join Date: Jun 2017
Posts: 3

Status: ravimittal99 is offline
Hi All,

I am not sure if this is the right place to ask this question, but we are facing a peculiar issue.

An unknown domain http://unauthdomain.cf is forwarding (with masking) to our domain http://ourdomain.com.
The data, files, content are being served from our server even at folder levels. Any changes made to our pages is reflecting on their pages as well.
However, the URLs are showing as http://unauthdomain.cf/folder1 instead of http://ourdomain.com/folder1.

We detected this issue when we got an alert in our Google Webmaster tools. We reported this to Cloudfront / Hosting provider and the same was removed after a few hours. However, now we have found 3 other unauthorized domains with the same forwarding/linking.

How do we stop these domains from spoofing our site? Can this be handled at domain DNS configuration level? If not, what changes should we do to server (We use Nginx) level to prevent such issues?
 
 


Old
  Post #2 (permalink)   06-14-2017, 08:40 AM
HD Newbie
 
Join Date: May 2014
Location: BA
Posts: 25
Send a message via MSN to nelsa Send a message via Yahoo to nelsa Send a message via Skype™ to nelsa

Status: nelsa is offline
Domain forwarding with masking is done by iframe,you can resolve this with X-FRAME-OPTIONS and Javascript,I suggest to use second option since not all browser respect x-frame-options.Google "how to prevent my site to be loaded inside iframe"..there are many writen JS codes you can use right now.
 
 


Old
  Post #3 (permalink)   06-14-2017, 11:08 PM
HD Newbie
 
Join Date: Jun 2017
Posts: 3

Status: ravimittal99 is offline
Quote:
Originally Posted by nelsa View Post
Domain forwarding with masking is done by iframe,you can resolve this with X-FRAME-OPTIONS and Javascript,I suggest to use second option since not all browser respect x-frame-options.Google "how to prevent my site to be loaded inside iframe"..there are many writen JS codes you can use right now.
We've checked and it's not done via iframe. This seems to be domain forwarding with masking.

The actual unauthorized domain is koyblanafuc.cf
Our domain is quackquack.in
 
 
 


Old
  Post #4 (permalink)   06-14-2017, 11:52 PM
HD Community Advisor
 
ughosting's Avatar
 
Join Date: Jan 2011
Location: London
Posts: 656

Status: ughosting is offline
They could be using Apache or nginx to proxy your site, but this would be easily overcome with a .htaccess entry

RewriteCond %{HTTP_HOST} !^www\.quackquack\.in [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/?(.*) http://www.quackquack.in/$1 [L,R,NE]

See whether this works, if it does enjoy the free traffic you get for a while.

If they are rewriting all of the links stopping the from working then.

create a file like zxcvb.html and visit "their" sites and call this URL, then visit your weblogs and find their ip and the public won't find this file.

the stick something like

Order Deny,Allow
Deny from 10.10.10.10
Deny from 10.11.11.11

In your .htaccess file to block their IPs
(I'm assuming here that you are not a host, if you are, block the IPs in the firewall instead)

That's where I would start.
__________________
UnixGuru High Performance, Low Contention, Hosting
Elastic Sites (HIgh Powered Hosting Accounts) with 1 to 20 CPU Cores, 4 to 42GB of RAM. (Power of a VPS without the hassle)
Shared, Reseller, VPS, Dedicated & More available
 
 
 
The Following 2 Users Say Thank You to ughosting For This Useful Post:
24x7server (02-09-2018), Artashes (06-15-2017)


Old
  Post #5 (permalink)   06-15-2017, 12:02 AM
HD Newbie
 
Join Date: Jun 2017
Posts: 3

Status: ravimittal99 is offline
Quote:
Originally Posted by ughosting View Post
They could be using Apache or nginx to proxy your site, but this would be easily overcome with a .htaccess entry

RewriteCond %{HTTP_HOST} !^www\.quackquack\.in [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/?(.*) http://www.quackquack.in/$1 [L,R,NE]

See whether this works, if it does enjoy the free traffic you get for a while.

If they are rewriting all of the links stopping the from working then.

create a file like zxcvb.html and visit "their" sites and call this URL, then visit your weblogs and find their ip and the public won't find this file.

the stick something like

Order Deny,Allow
Deny from 10.10.10.10
Deny from 10.11.11.11

In your .htaccess file to block their IPs
(I'm assuming here that you are not a host, if you are, block the IPs in the firewall instead)

That's where I would start.
Hey! We're using Nginx and hence dont have a .htaccess file. We tried blocking an individual IP last time but thats not a permanent solution as days later, two more such domains cropped up! And this issue is that these domains could later be an issue for our SEO, so not keen on free traffic
 
 
 


Old
  Post #6 (permalink)   02-07-2018, 10:06 AM
HD Community Advisor
 
ughosting's Avatar
 
Join Date: Jan 2011
Location: London
Posts: 656

Status: ughosting is offline
It looks to me that you must be using a single site environment.

If you configure your nginx with virtual hosts put your domain in the correct virtual so that:-

1. your site is shown when you use your domain to resolve to your IP

2. Any other domain resolving to the same IP get another site with a standard index.html page
In that page place, inside the <head> and </head>

Put
<meta http-equiv="refresh" content="0;URL='http://www.quackquack.in'" />

This does not require .htaccess rules.
__________________
UnixGuru High Performance, Low Contention, Hosting
Elastic Sites (HIgh Powered Hosting Accounts) with 1 to 20 CPU Cores, 4 to 42GB of RAM. (Power of a VPS without the hassle)
Shared, Reseller, VPS, Dedicated & More available
 
 
 


Old
  Post #7 (permalink)   02-07-2018, 12:43 PM
HD Amateur
 
Join Date: Jan 2018
Location: India
Posts: 96
Send a message via Skype™ to webconfigure

Status: webconfigure is offline
You should contact Google webmaster first for this. You can set the rules in your index file or .htaccess file to stop this.
 
 
 
Reply

Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: