0

I have a site 'aaa.com' for instance on a dedicated server. And there is another site 'bbb.com' which became able to display all my site content. It was able to get all the traffic that is coming from google.com to his domain. When I checked its info on who.is, it gave me the same ip address of my server but a different dns. How could that happen?

mrdenny
  • 27,074
  • 4
  • 40
  • 68
Manhal
  • 34
  • 2
  • 1
    This is a common scam. To defend against this, it is possible to configure the Apache webserver to only show your content when the HTTP request contains the correct HTTP_HOST in the URL. For any other hostname, you can direct the request to a different directory and serve different content (An error message, note from your lawyer, pictures of cats, etc.) See http://serverfault.com/questions/271656/apache-scammers-point-dozens-of-domain-names-at-my-dedicated-ip-how-to-prevent – Stefan Lasiewski Mar 22 '13 at 19:51
  • What web server are you using? Everyone's assuming that it's apache. – mrdenny Mar 22 '13 at 20:19
  • @mrdenny Yes it is apache server installed on a rhel 6 server – Manhal Mar 22 '13 at 21:04
  • Excellent, doesn't hurt to check. Wouldn't want you looking for IIS answers. :) – mrdenny Mar 23 '13 at 00:33

2 Answers2

2

It's called DNS. Specifically a CNAME record. A CNAME points to another DNS name. So bbb.com would point to aaa.com which then resolves to an IP address. If people go to bbb.com it resolves to your dedicated server's IP address with aaa.com in the host headers so your web server displays your website. (The last part may or may not be entirely true about host headers and can depend on how Apache is set up)

A while back there was a domain name: the source.ofallevil.com that pointed to Microsoft.com. If you want to http://thesource.ofallevil.com, the URL in the browser would not show Microsoft.com, but the content was purely Microsoft.com. It's all DNS. There is no modification of content, no smoke and mirrors.

To rectify this, you could possibly get a lawyer involved. Just sit back and enjoy the traffic.

Wesley
  • 32,320
  • 9
  • 80
  • 116
  • Thanks for the reply. Can't I prevent him from pointing to my server? – Manhal Mar 22 '13 at 18:36
  • 1
    DNS CNAME records could be analogized to bookmarks. If you write a book, can you prevent someone from using a certain bookmark in it? Not really. From a technical standpoint, I'm not sure if it's possible. From a legal standpoint, I think you might have a case if you have the time and money to devote to it. Certainly I don't think Microsoft liked thesource.ofallevil.com - and I don't know why that domain no longer resolves, so maybe they send a pointed letter to the owner and he took it down. Maybe you can do the same. – Wesley Mar 22 '13 at 18:39
  • 3
    @Manhal: You can't prevent them from pointing to your server. However, you could create an additional Apache configuration for another VirtualHost. In that configuration, you would set the `ServerName` to `bbb.com`. Then *that* configuration would be used for requests that use their redirection. – Oliver Salzburg Mar 22 '13 at 18:49
  • @OliverSalzburg Thank you so much.. your idea solved the problem – Manhal Mar 23 '13 at 00:09
  • 1
    @OliverSalzburg The virtual server is the best solution as it prevents another domain to access the real site. This should be an answer (and, compared to the current answers, should be accepted..) – Déjà vu Mar 23 '13 at 06:42
0

DNS allows any domain to point to any IP. If you really do not want this to happen, then you should set up your web server accordingly...You can have it serve documents to only a certain domain, but as it stands, you are serving to any domain (including the ip, i.e: http://1.2.3.4)

David Houde
  • 3,160
  • 1
  • 15
  • 19