Welcome to WebmasterWorld Guest from 54.234.13.175

Forum Moderators: phranque

Message Too Old, No Replies

another domain pointed to my website content

     
4:32 pm on Oct 28, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


Hello
Another domain http://example.com site simply display the content of your site at their own URL i don't know how it is done but now my google rank slowly drops please help me how to fix this

thank you

[edited by: phranque at 8:22 pm (utc) on Oct 28, 2017]
[edit reason] exemplified domain [/edit]

8:54 pm on Oct 28, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 890


Hello anthonyinit 2017 and welcome to WebmasterWorld [webmasterworld.com]

This is most often done by the remote site wrapping your site's address in an iframe.
<iframe>https://example.com/</iframe>

You can't stop them from doing this, but you can stop your server from sending your content to the user's browser by using this script at the top of every page (or in the header for the entire site):

<script type="text/javascript">
if (parent.frames.length > 0) {
parent.location.href = location.href;
}
</script>

and the header tag in htaccess:
 
Header set X-FRAME-OPTIONS "deny"

This should stop any effect caused at Google.
9:25 pm on Oct 28, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


@keyplyr thank you so much for your reply... but i like to say that i'm not so good with codes and stuff so can i simply copy this code as it is into my header and .htaccess file ? or do i need to edit this code?

thank you for your understanding :)
9:31 pm on Oct 28, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 890


Code is generic... no need to edit

As always, make a copy of any file you intend to edit, so if things go sideways, you can always put the original file back.
9:39 pm on Oct 28, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


i add the 1st code into my header and all works well then i add the 2nd code into my .htaccess file and i got 500 internal server error so i remove the code from my .htaccess file now site is back online
10:05 pm on Oct 28, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 890


The header code goes at the very top, outside of anything else.

Different servers are set up differently. The "header set" syntax is the most common for Apache versions, but you should ask your admin how they prefer it done.

You could try:
 Header append X-FRAME-OPTIONS "deny"

Are you using a CMS (like Drupal or Wordpress)?
10:16 pm on Oct 28, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


I'm using VPS with fully root access. OS Debian and latest Apache. control panel Virtualmin.

even your 2nd code "Header append X-FRAME-OPTIONS "deny"" gave me 500 internal error

no sir i'm not using a CMS

thank you
10:19 pm on Oct 28, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 890


Always good to state your server set-up :)


Add following line in Apache Web Server’s httpd.conf file:
Header always append X-Frame-Options SAMEORIGIN
https://geekflare.com/secure-apache-from-clickjacking-with-x-frame-options/
10:27 pm on Oct 28, 2017 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:15257
votes: 692


i add the 2nd code into my .htaccess file and i got 500 internal server error
500 errors tend to be caused by embarrassing typos on your part. (Ask how I know this :() Check for basics like trailing (or leading) blank spaces at the end of the line: some areas of Apache don't care, but others throw fits.

:: detour to check something ::
Override: FileInfo so no worries there. If you have htaccess at all, you can use this directive. As usual, Apache 2.4 has more options than 2.2 when it comes to the "Header" directive, but anything you could do in 2.2 you can continue to do in 2.4.

For a single word like “deny” the quotation marks are optional.

Are you copying-and-pasting the suggested headers, or typing them in from scratch?
10:44 pm on Oct 28, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


@keyplyr i don't see apache httpd.conf i only see apache2.conf

@lucy23 yes i'am copy and paste whatever the code is given here.

My apache2.conf file [snip]

my .htaccess file [snip]

mod note: [please post your code here using code [webmasterworld.com] tags]

[edited by: phranque at 12:08 am (utc) on Oct 29, 2017]
[edit reason] download links [/edit]

12:08 am on Oct 29, 2017 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:15257
votes: 692


Require all granted

Ka-ching, you're in Apache 2.4. That's assuming this is the .conf file your site is actually using. Do the .conf file and the .htaccess pertain to the same site? The only AllowOverride directives I can find say "None", meaning that your htaccess wouldn't even be read.

<tangent>
If you've got "Order Deny,Allow" and you've got "Deny from all" then the "Deny from..." lines at the end have become superfluous. But I do hope you've got mod_compat_thingy, because these are 2.2 directives.

Things that can happen when copy-and-pasting include various changes to white space--for example when I copy from Firefox, I tend to end up with an added blank space at the beginning--though this probably wouldn't lead to a lethal error. (I did some experimenting on my test site to confirm that I'm not talking through my hat.)

But first let's sort out the apparent mismatch between .conf and .htaccess

Edit: I grabbed the two files before the download links were edited.

[edited by: lucy24 at 12:16 am (utc) on Oct 29, 2017]

12:09 am on Oct 29, 2017 (gmt 0)

Administrator

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Aug 10, 2004
posts:11453
votes: 173


i got 500 internal server error

check your server error log file for clues.
1:18 am on Oct 29, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 890


@anthonyinit 2017 - using the javascript alone (without the header) will be successful in stopping a remote webpage from capturing your content.

Just know that all this is done in the browser. The remote site may iframe the URL of your page, but it is the browser that renders your page. Most modern browser support javascript. A few users turn it off, or use a browser extension to block it, but the majority of users browse the web with javascript on. That javascript stops the iframe from working in the browser.
1:50 am on Oct 29, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


i will try to use this java code without .htaccess code

what if i change my server/web IP address will this fix my problem?

i found another 4 domain pointing to my website content under their domain name...

OMG i'm going crazy right now. google already dropped my website and up the fake website :(
1:59 am on Oct 29, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 890


what if i change my server/web IP address will this fix my problem?
No, after the DNS propagates to all the ISPs (where the browsers get it) the domain name will point to your new IP.

Did you look in your server's error log as phranque suggested? That should tell you the reason for the 500 error. It's likely to be just a syntax mistake and easily fixed.
1:06 am on Oct 31, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


this is what my hosting provider (ISP) said to me


Those IP ranges belong to Cloudflare so the behavior makes sense. The owner of the domains you see probably has them still configured in Cloudflare with your VPS IP as target.

If you do not want the requests to reach your server, you may block the Cloudflare IP ranges on your server via firewall. The networks are listed here:

https://www.cloudflare.com/ips/

Here is an example iptables rule:

iptables -I INPUT -s 104.16.0.0/12 -j REJECT
1:40 am on Oct 31, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 890


Well that would be worth a try, however the problem is Cloudflare is a CDN (content distribution network) using potentially thousands of ip addresses.

The /12 is a huge block, so that just may do it. I'd keep a very diligent watch on your raw server logs for a couple months to see if any hits are coming from beyond that /12 block.
1:49 am on Oct 31, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


so should i log into my terminal as root and simply add the given command ?

iptables -I INPUT -s 104.16.0.0/12 -j REJECT


thank you
3:09 am on Oct 31, 2017 (gmt 0)

Administrator

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Aug 10, 2004
posts:11453
votes: 173


Whenever you get a 500 internal server error you should have a corresponding entry in the server error log file. What did the server error log file tell you?
3:17 am on Oct 31, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 890


You could do that, and it is one of the common defense approaches to block server farm IP ranges. I block about 6k ranges, including that CF range, read here: Blocking Methods [webmasterworld.com]

However, it will *not* fix the problem you are reporting. Your ISP is not understanding what is happening.

If in fact your content is being iframed, and it certainly sounds like it is, blocking the IP address of the offending website has nothing to do with that iframe. They are not *linking* to your site. They are not *requesting* your content.

Your content is being served to users by your own server, just remotely and inside an iframe located at another webpage. That's why you need to block iframes.

A better use of your ISP support team would be for them to assist you with the proper syntax to install the above mentioned header.
3:27 am on Oct 31, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


@keyplyr i agree with you on this definitely this has something to do with iframes so i gave up on blocking IP's now i'm only going to focus on iframe issue only... let me try to add you js code u have given me and if i get 500 error i will post here my log data... so u all can help me

thank you all so much for your continuous support i really appreciate it.
10:52 am on Oct 31, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 890


Don't overlook phranque's advice. Check your server error log if you get a 500 error and work with your host to get that header installed.
8:51 am on Nov 1, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


ok i will thank you all... i will keep u all updated :)
12:41 am on Nov 2, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


haha congradz to me this is what my hosting provider told me

Dear Sir,

Thank you for your message.

The domain fakedomain.com does not appear to be using an iframe to fetch the data from your server. It is more likely that it is getting the data through some other method and automatically editing the source code to replace the links. We could try a few different approaches to block this behavior, unfortunately this exceeds our regular support and would have to be done by one of our specialists. This service would have to be charged with 25.00 EUR per 15 minutes and parts thereof. We do not know how long it would take to find a working solution for this, but we expect it to take at least 45 minutes, which is why we would need a payment of at least 75.00 EUR upfront. In case we find a solution faster than expected, we would of course only charge for the time we actually needed and the remaining amount would stay in your user account to cover future invoices. In case the estimated time does not suffice, we will of course contact you again before additional costs arise.


i gave up
1:50 am on Nov 2, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 890


What do you see when you examine the source code at the offending site? What type of HTML tags surround your content?

The proactive defensive blocks for remote iframes is something every website should use whether this is the cause of your hijacked content or not.

Another common method to scrape content are the various RSS feed checkers & fetchers. They scrape your content and display them remotely and never leave a trail. I recommend blocking them all, especially Google's feedfetcher. More info here: [webmasterworld.com...]
1:01 am on Nov 3, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


someone who actually saw my website and fake website and he/she reply me with this

Got a PM with the actual domains. The other sites are using cloudflare it appears. One domain is indeed no longer resolving. The other is showing OP's page and not removing their name from it. This leads me to think cloudflare is pointing to the server IP. The good news is, you can block cloudflare's grabs easily but putting denies in .htaccess for their IPs. 
1:15 am on Nov 3, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 890


Well that may in fact be what is happening, so blocking that range would be worth considering. Also consider sending Cloudfare support an explicit email asking them to remove your server IP from their config.
1:22 am on Nov 3, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


is there any code for me to block that range of IPs any help for this poor guy :(
2:16 am on Nov 3, 2017 (gmt 0)

Moderator from US 

WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 890


You posted it above. I assume that is the correct syntax. Sorry, I'm not familiar with how your terminal is set up.
4:02 am on Nov 3, 2017 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Oct 28, 2017
posts: 50
votes: 0


oh yeah let me try to add those IPs and see :)
This 78 message thread spans 3 pages: 78
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members