Prevent web site being mirrored | Wang's Tech Blog

Hide threads | Keyboard Shortcuts

Wang 18:29 on 2018-01-13 Permalink Reply
Tags: Domain ( 7 ), Nginx ( 4 ), Security ( 20 )
Prevent web site being mirrored

I thought something before, when I check nginx’s log, I found a wired hostname.

After checking, I think our website was mirrored.

I think they parsed their domain by CNAME to our domain, and we don’t do any host check at that time.

To prevent being mirrored again, I add host check configuration in nginx.conf
```
set $flag 0;
if ($host = 'www.wanghongmeng.com') {
    set $flag 1;
}
if ($host = 'wanghongmeng.com') {
    set $flag 1;
}
if ($flag = 0){
    return 403;
}
```
By adding this, nginx will check every request to see if it’s from our domain, if not, return 403 response code.

After this, our website was no longer mirrored again.

Nginx Version: 1.9.12

Like this:
Like Loading...
Reply Cancel reply

Name

Email

Website

Notify me of new comments via email.
Notify me of new posts via email.
Δ

c: Compose new post
j: Next post/Next comment
k: Previous post/Previous comment
r: Reply
e: Edit
o: Show/Hide comments
t: Go to top
l: Go to login
h: Show/Hide help
shift + esc: Cancel

%d bloggers like this: