Jump to content

Exact illegal copy of my Site on another Domain


Neo
 Share

Recommended Posts

A couple of months ago I created a portfolio website with ProcessWire for a client of mine.

For both server and CMS I used strong passwords and the usual security measures.

My client contacted me now that an exact, dynamic copy of the website was created on 

another domain. I already filed a complaint with the respective Domain registrar (GoDaddy) 

and also notified Google via the DMCA procedure. The violating domain uses the same IP

like the VPS of my client. 

The question is now how this could have happened. I know that there are tools like HTTrack on

Kali Linux, which would to my knowledge require access to the MySQL database to create an

exact copy. As you don't easily hack a secured Linux server, this makes me think that the intrusion

must come from inside the hosting company; i.e. a system administrator accessed the VPS.

Would appreciate your advice.

Link to comment
Share on other sites

HTTrack (at least how I have used it) just downloads the served HTML pages - it doesn't need any access to your server for this - it just grabs the pages that any browser can view. How do you know that the copy isn't just serving static HTML pages? If that is the case, then there really isn't anything that can be done. Even if they have duplicated some dynamic functionality from your site, that doesn't necessarily mean anything was hacked.

The violating domain uses the same IP like the VPS of my client. 

This does seem a bit weird though. I assume you mean the same IP CIDR block, rather than the exact same IP address?

Link to comment
Share on other sites

Have you checked the copied site using http://isit.pw/?
 

If you update content on your client's site, is it coming up on the copied site; or is the content "as it was" at the time it was copied?

Are you able to access the control panel with your known credentials?

Is there a chance that the new domain is "pointing" to your client's site?


Is this even possible? Two machines to have the same IP address?

It depends. If the servers are behind a load balancer or caching server, then many websites would appear to use the same IP. It would all depend on the hosting provider's configuration and DNS configuration of the domains in question.

  • Like 3
Link to comment
Share on other sites

I just changed some content on the original site and the changes also appear on the other domain, i.e.

the domain just seems to point to the site.

Could I redirect incoming traffic from this specific domain (both www and non-www) with .htaccess?

Or what would you do? 

I am just asking myself why you would redirect to another domain like that? 

Earn domain authority with someone's content?

The original content is the personal portfolio of a graphic designer, so there 

is really not much commercial value...

Link to comment
Share on other sites

This happened to me once when I forgot to delete a development site on a free hosting. Once the production site was online the two where still connected through the .htaccess file. It looked exactly as you describe your situation now.

Link to comment
Share on other sites

I just changed some content on the original site and the changes also appear on the other domain, i.e.

the domain just seems to point to the site.

Use both of these in the command line. If both return the same IP you can be really sure. 

nslookup mydomain.com
nslookup copydomain.com
  • Like 1
Link to comment
Share on other sites

@LostKobrakai nslookup returns the exact IP for both domains, i.e. this domain seems to just point to the website.  

@OrganizedFellow No iframe involved. It is the exact same content.

@Peter Knight The original website is from a graphic designer. The hijacking domain seems to be unrelated. Some sort of theater or show from Canada.

Neither the domain owner nor GoDaddy's abuse service are reacting. 

Is there anything I can do about this?

Link to comment
Share on other sites

How did they get Neo's client's VPS IP address in order to point to it? That is not info you get on whois, or am I missing something?

Exactly the way I posted above. How else would your browser get your requests to the right server if there wasn't a way to get the ip address behind a domain.

  • Like 1
Link to comment
Share on other sites

If you upload a random txt or html file to your web server, can you access it at the other domain? My guess is yes. If so, it sounds like an honest mistake. Perhaps you are on a dedicated IP and the owner of the other domain made a typo when setting up their DNS record. Or perhaps the web host made an error when setting up their VirtualHost directives in Apache. You should be able to correct the problem by adding this to your .htaccess file somewhere after the "RewriteEngine On" line:

RewriteCond %{HTTP_HOST} !^www\.yourdomain\.com [NC]
RewriteRule ^ http://www.yourdomain.com/ [L,R=301]
  • Like 8
Link to comment
Share on other sites

Thanks Ryan. I used your snippet to redirect all incoming traffic from potentially misleading domains, which works.

Might be possible that this is an error, however, I contacted the domain-owner who is not responding, which is strange.

I was thinking that the whole domain might have been kidnapped and the owner does not know about it. 

In any case, it is the responsibility of the domain registrar to investigate this further.

Thanks to everyone for the comments.

Again, ProcessWire stands out when it comes to community support.

  • Like 2
Link to comment
Share on other sites

Just thought I'd add that if you thought it was malicious then diogo's way above might be better: https://processwire.com/talk/topic/11380-exact-illegal-copy-of-my-site-on-another-domain/?p=106247 as it will show a forbidden warning, rather than cause potentially dodgy urls to redirect to your site as per Ryan's solution.

Either is valid - just different results for anyone loading the URL in question. If it was a dodgy XXX url for example (I know it isn't in this case) then showing a forbidden warning might be preferable to something that sounds a bit x-rated silently redirecting to your domain name :)

  • Like 1
Link to comment
Share on other sites

@Pete I appreciate your comment and will also consider diogo's solution, which makes sense if the pointing domain contains XXX content. 

The domain owner has still not reacted, which makes me think this has been done on purpose. GoDaddy also refuses any responsibility.

Overall, not an ideal situation.

Link to comment
Share on other sites

To force a reaction of the responsibles

RewriteCond %{HTTP_HOST} !^(.*)\.yourdomain\.com$ [NC]
RewriteRule (.*) <h1>Error 502 Bad Gateway</h1><p>Please contact <a href="mailto:owner@example.org">domain owner</a> and/or <a href="mailto:provider@example.org">Service Provider</a></p> [R=301,L]
Link to comment
Share on other sites

I have an interesting related problem. There is a website that is using a meta refresh to redirect to our domain, is there any way to filter that out using htaccess?

Here you go: http://stackoverflow.com/questions/13106299/redirect-using-htaccess-based-on-referrer

Actually, that link I posted is part of the puzzle, what you might actually want (untested) is this since you know the referring domain:

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://the-naughty-domain.com [NC]
RewriteRule ^ http://the-website-of-your-choosing.com/ [L,R]

Basically targetting only the naughty domain and sending them somewhere else. This can also be changed to do any of the other actions discussed in this topic.

  • Like 2
Link to comment
Share on other sites

  • 10 months later...

I am having this exact same problem right now. Shouldn't this type of issues be solved by default on PW's .htaccess?

Also, I have a doubt, I thought this kind of protection involved the configuration variable $config->httpHosts, or maybe I am missing what this variable is for exactly?

Best regards.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...