The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Preventing unauthorized domains from pointing to my website

Discussion in 'General Discussion' started by s2s, Feb 13, 2014.

  1. s2s

    s2s Member

    Joined:
    Nov 21, 2013
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    [SOLVED] Preventing unauthorized domains from pointing to my website

    Hey guys,

    I have just come across an issue whereby another domain is showing up on Google SERP as our domain. The HOST command shows that the domain has IP address of one of my domains (dedicated IP).

    How can I go about restricting other domains from pointing to our server/IP ?

    I have initially added an additional VirtualHost directive in http.conf as the first entry (before anything else):

    (using Varnish cache, hence 8080)
    Code:
    <VirtualHost *:8080>
       ServerName default-unauth-domain
       <Location />
         Order allow,deny
         Allow from googlebot.com
         Allow from 127.0.0.1
       </Location>
    </VirtualHost>
    This, theoretically, forces apache to deny ALL incoming queries - unless the Host is one of those explicitly named later on in the http.conf (under another VirtualHost directive).

    Is this enough?

    Are there any other measures I should be undertaking?

    How do I prevent this from happening with SSL connections? (I tried an additional VirtualHost directive on 443 but it didn't allow any SSL connection - even my own).

    Also, I had to manually add this into http.conf and issued
    Code:
    /usr/local/cpanel/bin/apache_conf_distiller --update
    to try and enforce this into any cPanel updates to apache - it looks like it added without issue.
     
    #1 s2s, Feb 13, 2014
    Last edited: Feb 14, 2014
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  3. s2s

    s2s Member

    Joined:
    Nov 21, 2013
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thanks Michael,

    I think that directive should be enough. I opted not to use the Hostname access control for performance.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Feel free to update this thread to let us know how it works out.

    Thanks.
     
  5. s2s

    s2s Member

    Joined:
    Nov 21, 2013
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    So far it seems to be returning a 404 for the specific domain in question (and for visiting via IP).

    Not sure what else might be affected though (crawlers/bots, SEO, etc) - so will monitor for a while.
     
Loading...
Similar Threads - Preventing unauthorized domains
  1. dynaweb
    Replies:
    2
    Views:
    389

Share This Page