
Block/Prevent Domain Name That Is Not Yours from DNS Resolving to Your IP/Server in Apache

Posted on Sunday, May 22, 2011 @ 01:01:06 AM CDT by David Yee

 
Many of our websites allow people to make comments, and we get an email whenever there is a new comment. That email contains the domain name so we know where it came from. Recently I noticed that there were some comments from a strange domain that does not belong to us. For the purposes of this article I'm calling the unauthorized domain "hacker-domain.jerk", and our actual domain is "coolcomputing.com", hosted at the IP address 1.2.3.4.

What was happening was that someone nefarious had set up their domain name so that its DNS pointed at our web server (running Apache). This can potentially hurt a site because of duplicate content problems: someone searching on Google for "coolcomputing.com latest coupon codes" can see the exact same pages located at hacker-domain.jerk. It could also be a prelude to hacking attacks, so this is something you definitely want to address as a webmaster to prevent problems.

Basically, the person who owns the domain name hacker-domain.jerk configured its DNS to resolve to our IP of 1.2.3.4. Apache takes the first VirtualHost entry for each IP and uses it as the default, which is also what serves requests made directly by IP address. So the solution to this problem also applies to those of you who want to block direct IP access to your website/domain.

We have multiple IP addresses on our server, which runs Apache with Name-Based Virtual Hosting. So I wanted to find a catch-all solution that would work for all IP addresses in httpd.conf. But it seems that no such solution exists, so this has to be done for every single IP address you have on your server.

For this to work, you need to put the following right below the NameVirtualHost line for each IP you have in httpd.conf, so that it is the FIRST VirtualHost entry for that IP.

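# Default (first) VirtualHost for this IP: catches requests whose Host
# header matches none of the real sites, including direct IP access.
<VirtualHost 1.2.3.4>
    # A name that will never be requested; it must be present (see below).
    ServerName Blahblah.BlahBlahBlah.notmatched
    DocumentRoot /home/www/default/htdocs
    <Directory "/home/www/default/htdocs">
        # Answer every request to this vhost with 403 Forbidden.
        Deny from all
    </Directory>
</VirtualHost>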

ServerName Blahblah.BlahBlahBlah.notmatched can be replaced with any nonexistent domain name. It is very important that you have the ServerName entry here because otherwise it will match ANY domain in your NameVirtualHost section. For instance, I found out www.coolcomputing.com was getting a 403 error page when ServerName was missing. You also have to make sure that the directory /home/www/default/htdocs exists (or whichever directory you choose in its place).

After you edit your httpd.conf, restart Apache. Direct IP access attempts, and traffic arriving under any domain name that is not yours, should then be blocked.
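One way to check the ordering and the ServerName requirement before restarting Apache, as an added example that is not part of the original article: the script scans httpd.conf text and reports, per address, whether the first VirtualHost block has a ServerName and denies all access. The second address 1.2.3.5, the extra site path and the function names are constructed for illustration, and the script does not follow Include files.

```python
import re

# Constructed sample httpd.conf text (1.2.3.5 and the site paths are made up).
SAMPLE_CONF = """\
NameVirtualHost 1.2.3.4
<VirtualHost 1.2.3.4>
ServerName Blahblah.BlahBlahBlah.notmatched
DocumentRoot /home/www/default/htdocs
<Directory "/home/www/default/htdocs">
Deny from all
</Directory>
</VirtualHost>
<VirtualHost 1.2.3.4>
ServerName www.coolcomputing.com
DocumentRoot /home/www/coolcomputing/htdocs
</VirtualHost>
NameVirtualHost 1.2.3.5
<VirtualHost 1.2.3.5>
DocumentRoot /home/www/other/htdocs
</VirtualHost>
"""

VHOST_RE = re.compile(r"<VirtualHost\s+([^>\s]+)[^>]*>(.*?)</VirtualHost>", re.I | re.S)

def first_vhosts(conf):
    """Map each VirtualHost address to the body of its first block in file order."""
    conf = re.sub(r"(?m)^[ \t]*#.*$", "", conf)  # ignore comment lines
    first = {}
    for addr, body in VHOST_RE.findall(conf):
        first.setdefault(addr, body)  # later blocks for the same address are skipped
    return first

def audit(conf):
    """Return {address: [problems]}; an empty list means the default vhost is a deny-all catch-all."""
    report = {}
    for addr, body in first_vhosts(conf).items():
        problems = []
        if not re.search(r"(?im)^\s*ServerName\s+\S+", body):
            problems.append("first vhost has no ServerName")
        # "Require all denied" is the Apache 2.4 form of "Deny from all".
        if not re.search(r"(?im)^\s*(Deny\s+from\s+all|Require\s+all\s+denied)\s*$", body):
            problems.append("first vhost does not deny all access")
        report[addr] = problems
    return report

if __name__ == "__main__":
    for addr, problems in audit(SAMPLE_CONF).items():
        print(addr, "OK" if not problems else "; ".join(problems))
```

Addresses are compared as written, so `1.2.3.4` and `1.2.3.4:80` are treated as different keys.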

For a related issue, check out my article on how to handle a situation where you want to redirect an unforeseen subdomain to your www subdomain.


