Results 1 to 21 of 21
-
12-22-2013, 10:19 AM #1Newbie
- Join Date
- Jan 2012
- Posts
- 20
Someone is mirroring my website on another domain
Hi,
I've noticed someone has been mirroring my website on another domain. When information gets updated on my website, the mirrored website gets updated instantly too. This is both with database updates and static HTML updates. They changed the logo at the top of the page and also changed the copy right text at the bottom, but everything else is the same. When I right click to view source, I noticed that the copied website is linking to my css file on my website.
Is there any way I can stop people from mirroring my website? I wrote this PHP code below, but it didn't help. The website still shows up on the mirrored website.
<?php
if (!preg_match("/localhost|example\.com/i", $_SERVER['SERVER_NAME']))
{
echo "<p>Error.</p>";
exit;
}
?>
Thanks for reading!
-
12-22-2013, 10:26 AM #2Newbie
- Join Date
- Dec 2013
- Posts
- 22
Lodge a DMCA complaint against them.
-
12-22-2013, 10:39 AM #3Top-Notch Hosting
- Join Date
- Aug 2008
- Location
- England, UK
- Posts
- 974
Are you sure your site is being mirrored and not framed? If framed you can try using a javascript breakout script.
█ LampNetworks - Affordable Web Hosting
█ Hosting locations in United Kingdom & United States
█ cPanel+Softaculous | 99.9% Uptime SLA | Daily & Monthly Backups
█ Custom Hosting Plans Available - Select and Pay only for the Quotas YOU need
-
12-22-2013, 11:14 AM #4Newbie
- Join Date
- Jan 2012
- Posts
- 20
Thanks for your replies.
1. Where is the best place to file a DMCA complaint? DMCA.com?
2. How can I find out if a frame is being used? When I right click to view source, I don't see anything that says "frame"? What should I look for?
Thanks again guys.
-
12-22-2013, 11:22 AM #5Disabled
- Join Date
- Jul 2008
- Location
- Riverview, FL/Concord, NC
- Posts
- 618
Look for a php include statement.
-
12-23-2013, 04:07 AM #6Web Hosting Master
- Join Date
- Jan 2005
- Location
- Minneapolis, MN
- Posts
- 966
This tells you what you need to include in the DMCA: http://www.anti-abuse.org/how-to-fil...mca-complaint/
Send it to the offending site and their upstream providers.Doyle Lewis
BuyHTTP Internet Services - In business since 2003
Business Hosting | nginx, CloudLinux, Varnish cache, and CDP with every business account
Shared, Reseller, Semi Dedicated, VPS, Cloud, Dedicated - We can grow with you
-
12-25-2013, 04:01 AM #7Web Hosting Guru
- Join Date
- Jul 2013
- Posts
- 296
use hotlink protection for you js css and images.
-
12-26-2013, 09:30 AM #8Newbie
- Join Date
- Dec 2013
- Posts
- 10
Report the site to Google immediately so it doesn't damage your rankings!
-
12-26-2013, 11:00 AM #9Junior Guru
- Join Date
- Jan 2013
- Posts
- 187
I had a similar situation yesterday. I noticed it through the live chat tracking system.
But later I figured out that my IP address has been used by another client before and he didn't update his DNS yet. So his URL was still pointing to my new vps.
-
12-26-2013, 11:53 AM #10Newbie
- Join Date
- Jan 2012
- Posts
- 20
Thanks for replying to this thread and offering suggestions. Once I find a solution I will report back here.
I have sent a DMCA request to Google to have the site removed. It's still pending. I added this code to my htaccess file and it has blocked the copied website from using my photos and css file, however the database content and html files are all still on the fake website.
RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} otherdomain\.com [NC]
RewriteRule .* - [F]
-
12-26-2013, 12:19 PM #11Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
Its probably a reverse proxy.
Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
12-26-2013, 12:58 PM #12Junior Guru Wannabe
- Join Date
- Feb 2011
- Location
- Auckland, New Zealand
- Posts
- 76
If it is a reverse proxy as Steven has suggested, you could try opening a URL such as:
http://fakesite/?thisissomethingtotallyunique=1
Then check your own website logs to see if a request like this was made to your own site. If it was, then try blocking the originating IP of that request. (It could be the same as the IP of the fake site, but not necessarily.)
-
12-26-2013, 01:45 PM #13Temporarily Suspended
- Join Date
- Dec 2013
- Posts
- 35
Have you tried blocking the target server from your source server?
And like everyone else says, Enable hotlink protection - That would do for now!
-
12-27-2013, 02:35 PM #14Newbie
- Join Date
- Jan 2012
- Posts
- 20
The guy has removed my website from his domain and now he is copying a competitor of mine. I now think he is a competitor who is doing negative SEO to try and knock out his competition from Google. I received this email from Google today:
Please identify the exact content at http://example.com/ that you claim infringes upon your copyright. Once we have received this information, we will be able to continue our investigation.
Last night I tried the reverse proxy URL tip that KiwiDave gave on my iPhone and I looked at my logs this morning and saw an IP I am not familiar with, so I banned it with htaccess. I also noticed other activity where someone has been trying to access files that do not exist on my server.
I got the info below from Google about hot linking. Is it correct?
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg|css)$ - [F]
-
12-29-2013, 04:01 AM #15Temporarily Suspended
- Join Date
- Dec 2013
- Posts
- 2
Reverse Proxy
As previously stated, it has to be a reverse proxy because there is no way that a remote website can copy your mysql database unless your hosting machine is infected. So I wouldn't recommend sending a DMCA complaint.
You can simply block the IP of the webserver that is accessing your website.
You can use this simple script I just coded to find the IP of the reverse proxy.
Simply upload this to your web server and access it through the mirrored web site to find out the remote servers IP.
Code:<?php echo $_SERVER['REMOTE_ADDR']; ?>
-
12-30-2013, 07:37 PM #16Newbie
- Join Date
- Jan 2012
- Posts
- 20
Thanks for your advice OnlineServices.
How does this proxy thing work? Does it constantly download all the information from my website and then upload it to the fake website?
I haven't heard anything back from Google since I told them that this guy is now copying someone else.
If anyone else wants to find out if someone is copying their website content, try this link: http://copyscape.com/
-
12-30-2013, 07:41 PM #17Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
A reverse proxy can be something as simple as nginx.
http://www.cyberciti.biz/tips/using-...rse-proxy.html
If its a reverse proxy, and it sounds like it is, it loads your site in real time. They can use the proxy to rewrite parts of the site to match what they want all in realtime.Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
12-30-2013, 11:27 PM #18Temporarily Suspended
- Join Date
- Dec 2013
- Posts
- 2
Reverse Proxy
Yes as steven stated, reverse proxies are essentially just relays of data between you and the server.
During this relay process if you said that certain content of your page is being modified. It is likely that the relay software reads the page data and then modifies it with some of their ad code before relaying the now modified data back to you.
Let me know if you have any more questions/concerns.
-
01-06-2014, 07:41 PM #19New Member
- Join Date
- Jan 2014
- Posts
- 4
I've had this happen... I took control
I've had one of the websites I manage being reverse proxied (i.e. "stolen") ... twice. It's a Russian language site, and for whatever reason, the Russian scammers seem more aggressive.
The first time, they were reverse proxying, and they always came from the same IP address and same user agent. They were clever enough to ignore requests to things like "robots.txt" and the Google/Yandex verification files and headers, so I wasn't having any luck adding their phony domain to my Google/Yandex webmaster.
I noticed though that if I added the verification headers and used HTML encoding instead of a plain old string for the Yandex thing, it was accepted. So I was able to add the bogus hostname to my Yandex account, tell it to remove all URLs. Google was tricky too but I finally got it. They also filtered out any meta tags where we specify the canonical URL... lame.
Meanwhile, I setup an iRule on my F5 to take any requests from that IP address/user agent and always return a simple HTML setup with a meta-refresh to the *real* host. If the browser is set to ignore meta-refresh, I also display a message saying "click here to get to the real page" or whatever (in Russian of course). I could have just blocked traffic from them, but people were clicking on the links and I wanted to help those visitors get to the real thing, while also making sure crawlers would kill off those bogus links.
So that worked... eventually hits to the bogus page died off. It was annoying because for a while, their site was ranking ahead of ours in Yandex results.
Then it happened again, different hostname, different IP address. This time they didn't even try to filter out requests for verification files so that part was easy. And Yandex now has a feature where it automatically figures out duplicate sites and will set the earliest known one to be the canonical domain. I did the same thing, putting in a meta tag refresh, even though this time Yandex wasn't even ranking them. Google was starting too though.
Oh, and in that second case, the folks who setup the reverse proxy were at least passing through the original user agents, so all I had to go on was the IP from them.
But yeah, it's easy enough to verify... like someone already mentioned, I went to the bogus site and added a made-up parameter like "?this-is-bogus" and looked for that in my server logs to confirm how they're hitting my server.
Could a future case be even sneaker and do more to block my attempts? Probably, but worst case I just deny their reverse proxy any access at all. Unless they have a vast pool of proxies they come from, there's not much left for them to try besides scraping the site entirely and merely serving up static copies.
I considered denying access to our JS/CSS unless the referrer was our actual site, but we use Akamai for CDN and a change like that would take a while anyway, and since I found another way it wasn't a priority. Their site would have still worked, it just would have looked ugly. Pictures are a big part of our site and they often get linked elsewhere on social media so we wouldn't want to block those in particular, but if your needs are different, that's definitely an option.
Just remember, if they're mirroring/proxying your content, you do actually have some control, because their server is hitting you to know what to serve to the end user. Unless they spend more time trying to work around whatever you're able to do, you should be able to stop them, or best case, subvert them and send them to the correct URL.
-
01-06-2014, 10:44 PM #20Web Hosting Evangelist
- Join Date
- May 2008
- Location
- Cusco Perú
- Posts
- 531
To view the cache by date, design and text you can use:
http://archive.org/
Note: http://copyscape.com/ is just to know if your text is copied to another page, but not for web design, if your site down with programs like teleport, your site would have a script that will record the IP and send an email.Last edited by CircuitoX; 01-06-2014 at 10:50 PM.
-
01-07-2014, 09:08 AM #21Aspiring Evangelist
- Join Date
- Sep 2007
- Posts
- 357
Here is a simple javascript code to prevent iframe requests on your website. Add the code in <head> tag for your default theme.
Code:<script type="text/javascript"> //<![CDATA[ if (window.top !== window.self) {document.write = '';window.top.location = window.self.location; setTimeout(function(){document.body.innerHTML='';},1);window.self.onload=function(evt){document.body.innerHTML='';};} //]]> </script>
PHP | MySQL | JS | Ajax | HTML
Similar Threads
-
Website mirroring
By digitalracks in forum Hosting Security and TechnologyReplies: 1Last Post: 01-06-2007, 03:28 PM -
website mirroring
By rexster99 in forum Hosting Security and TechnologyReplies: 5Last Post: 12-23-2005, 03:25 AM -
Failover and mirroring a website.
By dee_at_candl in forum Dedicated ServerReplies: 7Last Post: 05-05-2004, 02:16 PM -
Mirroring a website
By grace5 in forum Hosting Security and TechnologyReplies: 4Last Post: 01-22-2003, 05:44 AM -
website mirroring
By inquisitive in forum Web HostingReplies: 7Last Post: 07-11-2001, 03:56 PM