htaccess - Deny requests from unauthorized domains

I have a website "www.mysite.com", and it has its own IP. For a few months now I have seen several domains pointing to my server's IP (it's not a shared IP). I can navigate through the entire website with those unauthorized domains, and they get indexed in Google with my content and all.

How can I set my htaccess to allow requests only for "www.mysite.com"?

UPDATE

This is the .htaccess I've written so far with the suggestions, but somehow the first page is still served, with no images though.

.htaccess

SetEnvIfNoCase Referer "^http://(www.)?thiefdomain.com" spam_ref  
SetEnvIfNoCase Referer "^http://(www.)?thiefdomain2.com" spam_ref2


<FilesMatch "(.*)">  
    Order Allow,Deny  
    Allow from all  
    Deny from env=spam_ref  
    Deny from env=spam_ref2  
</FilesMatch>  

RewriteEngine On  
RewriteCond %{REQUEST_FILENAME} -s [OR]  
RewriteCond %{REQUEST_FILENAME} -l [OR]  
RewriteCond %{REQUEST_FILENAME} -d  
RewriteRule ^.*$ - [NC,L]  
RewriteRule ^.*$ index.php [NC,L]  

How can I prevent the first page from being displayed?

Carlo asked Dec 14 '12 04:12


1 Answer

If you want to do it with mod_rewrite, you can check SERVER_NAME to block unauthorized domains:

RewriteEngine on
RewriteCond %{SERVER_NAME} ^(www\.)?thiefdomain1\.example$ [OR]
RewriteCond %{SERVER_NAME} ^(www\.)?thiefdomain2\.example$ [OR]
RewriteCond %{SERVER_NAME} ^(www\.)?thiefdomain3\.example$
RewriteRule ^ - [F]

or

RewriteEngine on
RewriteCond %{SERVER_NAME} !^(www\.)?yourdomain\.example$
RewriteCond %{SERVER_NAME} !^(www\.)?yourdomain-alias\.example$
RewriteRule ^ - [F]

If you have root privileges, you can also solve the problem with name-based virtual hosting as follows:

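# Needed on Apache 2.2 only (ignored since 2.4); the address must match the <VirtualHost> blocks below.
NameVirtualHost 192.0.2.100:80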

<VirtualHost 192.0.2.100:80>
  ServerName dummy
  <Location />
    Order deny,allow
    Deny from all
  </Location>
  ...
</VirtualHost>

<VirtualHost 192.0.2.100:80>
  ServerName www.yourdomain.example
  ServerAlias yourdomain.example
  ...
</VirtualHost>

The first VirtualHost definition is treated as a default virtual host. If 192.0.2.100 is accessed as thiefdomain1.example, thiefdomain2.example, thiefdomain3.example, or any other hostname except for www.yourdomain.example or yourdomain.example (defined in the second VirtualHost), Apache refers to the first VirtualHost and returns a 403 Forbidden status.

yasu answered Oct 07 '22 07:10
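Either configuration in the answer can be verified by requesting the server's IP while presenting different Host headers and checking which names get 403. The script below is an added example, not code from the question or the answer; `probe_host`, `audit_vhost`, `StubVhost` and `demo` are hypothetical names, and the local stub server is a constructed stand-in for the Apache host so the check runs offline.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

def probe_host(ip, port, host, timeout=5):
    """GET / from ip:port while presenting `host` in the Host header; return the status."""
    conn = http.client.HTTPConnection(ip, port, timeout=timeout)
    try:
        conn.putrequest("GET", "/", skip_host=True)  # suppress the automatic Host header
        conn.putheader("Host", host)
        conn.endheaders()
        return conn.getresponse().status
    finally:
        conn.close()

def audit_vhost(ip, port, allowed, foreign):
    """Own names must not be answered with 403; every other name must be."""
    rows = []
    for host in allowed:
        status = probe_host(ip, port, host)
        rows.append((host, status, "ok" if status != 403 else "FAIL: own name blocked"))
    for host in foreign:
        status = probe_host(ip, port, host)
        rows.append((host, status, "ok" if status == 403 else "FAIL: foreign name served"))
    return rows

# Constructed stub: answers 200 for the answer's two names, 403 for anything else.
SERVED = {"www.yourdomain.example", "yourdomain.example"}

class StubVhost(BaseHTTPRequestHandler):
    def do_GET(self):
        host = (self.headers.get("Host") or "").split(":")[0].lower()
        self.send_response(200 if host in SERVED else 403)
        self.send_header("Content-Length", "0")
        self.end_headers()
    def log_message(self, *args):  # keep the demo output quiet
        pass

def demo(allowed=("www.yourdomain.example", "yourdomain.example"),
         foreign=("thiefdomain1.example", "unknown.example", "192.0.2.100")):
    server = HTTPServer(("127.0.0.1", 0), StubVhost)  # port 0: pick any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return audit_vhost("127.0.0.1", server.server_port, allowed, foreign)
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    for row in demo():
        print(row)
```

Against a real deployment, call `audit_vhost` with the server's IP and port 80 instead of `demo()`; the bare IP is included in the foreign list because a request addressed by IP should also land on the default (deny) host.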