: Another domain hosting my content I recently created a website of my own after buying domain name from namecheap and hosting it on digitaloceans. http://piyushkhemka.me After googling my own name
I recently created a website of my own after buying domain name from namecheap and hosting it on digitaloceans.
piyushkhemka.me
After googling my own name after a few days, I see this website which is hosting my website on its own domain :
gobismarckmandan.org (fixed now)
Initially I thought someone was just copying my website, however after a few days, I received a stop and desist letter from them. They thought I hacked their site and used it to host my content.
They are a non-profit website which is understaffed and both of us have no idea why their domain name is pointing to my website.
Any ideas what could have happened?
Anyways, the real question is: to prevent such things from happening again, what should I do? How do I prevent other websites from ever hosting my content?
Do I need to edit .htaccess file? Currently, it looks like this:
ErrorDocument 404 /404.html
Options -Indexes
## EXPIRES CACHING ##
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access 1 month"
ExpiresByType image/jpeg "access 1 month"
ExpiresByType image/gif "access 1 month"
ExpiresByType image/png "access 1 month"
ExpiresByType text/css "access 1 week"
ExpiresByType text/html "access 1 week"
ExpiresByType application/pdf "access 1 day"
ExpiresByType text/x-javascript "access 1 week"
ExpiresByType image/x-icon "access 1 week"
ExpiresDefault "access 1 week"
</IfModule>
## EXPIRES CACHING ##
Do I need to add some options to this file?
More posts by @Mendez628
1 Comments
Sorted by latest first Latest Oldest Best
fixed now
How was it "fixed"? I can guess... it seems that your website is accessible by both the IP address and the domain name. My guess is that this other website accidentally pointed their domain name at your IP address. Maybe the IP address was similar; although the IP address that their domain now points to is quite different. Either way, this does look like an accidental config error.
You can protect against this sort of error with a simple canonical redirect (using mod_rewrite) in .htaccess. After the Options directive:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^example.com$
RewriteRule (.*) example.com/ [R=301,L]
This basically says... if the site is accessed by anything other than example.com (eg. the IP address, or another domain!) then redirect to example.com.
How do I prevent other websites from ever hosting my content?
Well, that's a tricky one. The above directives protect against just that one type of issue - which is probably not how a "hacker" would clone a site anyway (since many sites simply can't be accessed by the IP address and it's easy to thwart).
There are many ways a determined hacker could "clone" a site and host your content. And the more sophisticated are pretty much impossible to protect against preemptively, unfortunately.
...subdomains...
If you have additional subdomains then the above "canonical redirect" becomes more complex. One way would be to make an exception for these subdomains as well...
RewriteCond %{HTTP_HOST} !^example.com$
RewriteCond %{HTTP_HOST} !^(subdomain1|subdomain2|subdomain3).example.com$
RewriteRule (.*) example.com/ [R=301,L]
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.