htaccess - Deny requests from unauthorized domains

前端未结

关注

 3  1437

I have a website \"www.mysite.com\", and it has an its own ip. Now since few months I see several domains pointing to my ip server (it\'s not a shared ip). I can navigate thru t

相关标签:

3条回答

借酒劲吻你

2021-02-09 00:31
I can't say particularly for htaccess. but through programming, you can achieve this. say, your domain is www.mydomain.com. suppose the browser is requesting for about-me section of your web site. you can do the following. I'm showing for PHP(as I am little educated with php).
```
<?php
if($_SERVER['HTTP_HOST'] == "your domain")
{
//show content
}
else
{
echo "your are not authorized to view contents from here.";
}
```
if u prefer other languages, they might have their way to get the host name.
0 讨论(0)
发布评论:

提交评论
- 加载中...

栀梦

2021-02-09 00:45

If you want to do with mod_rewrite, you can check SERVER_NAME to block unauthorized domains:

RewriteEngine on
RewriteCond %{SERVER_NAME} ^(www\.)?thiefdomain1\.example$ [OR]
RewriteCond %{SERVER_NAME} ^(www\.)?thiefdomain2\.example$ [OR]
RewriteCond %{SERVER_NAME} ^(www\.)?thiefdomain3\.example$
RewriteRule ^ - [F]

RewriteEngine on
RewriteCond %{SERVER_NAME} !^(www\.)?yourdomain\.example$
RewriteCond %{SERVER_NAME} !^(www\.)?yourdomain-alias\.example$
RewriteRule ^ - [F]

If you have root privileges, you can also solve the problem with name-based virtual hosting as follows:

NameVirtualHost *:80

<VirtualHost 192.0.2.100:80>
  ServerName dummy
  <Location />
    Order deny,allow
    Deny from all
  </Location>
  ...
</VirtualHost>

<VirtualHost 192.0.2.100:80>
  ServerName www.yourdomain.example
  ServerAlias yourdomain.example
  ...
</VirtualHost>

The first VirtualHost definition is treated as a default virtual host. If 192.0.2.100 is accessed as thiefdomain1.example, thiefdomain2.example, thiefdomain3.example, or any other hostnames except for www.yourdomain.example or yourdomain.example (defined in the second VirtualHost), Apache refers the first VirtualHost and returns 403 Forbidden status.

0 讨论(0)

悲&欢浪女

2021-02-09 00:53
~~1) What IPs are your thieves coming from? Can you block those IPs?~~

2) Have you reported them to Google for content stealing (if you can prove you are the owner)?

3) Have you reported this to the domain hoster? (e.g. GoDaddy)

4) You can also rewrite your HTML so they are absolute paths instead of relative:

For example, a relative path would look like:
```
< a href="/page/2.html">page 2</a>
```
absolute path would include your web site address:
```
<a href="http://www.site.com/page/2.html">page 2</a>
```
0 讨论(0)
发布评论:

提交评论
- 加载中...