1

So my website is being mirrored by another domain name, I tried many ways to block the access from that specific domain but no hope, I am using cloudflare CDN and the website mirroring my site using it too, I tried to get the remote address of the origin but it keeps randomly changing IPs (this method I found it here, basically get the remote address and block it using htaccess roles). tried the http refer method and it didn't work too.

is there any method that could help ?

Allae Eddine
  • 13
  • 2

2 Answers2

0

If you want a public website, no, you cannot stop anyone from copying your site. You CAN stop copyright infringement, etc. Or stop them from selling your services. You should also be able to stop them from hotlinking content on your site from a different domain. But at the end of the day, what you are trying to prevent is exactly what archive.org does. Is it causing a problem?

DubStep
  • 270
  • 2
  • 9
  • yes, with google results, eventhough I added the copy to disavowed domains, still google getting it into result and visitors are confused about the copy and the real one – Allae Eddine Jul 06 '20 at 19:42
  • You would have more control of search results if you setup your site in Google custom search and search console. The other site will still be there, but should be lower in the results. You could also report the offending site to their web host. Most hosts will shutdown sites they host that are fraudulent. Making your site an authenticated site would do it too, although users would have to sign in to see content. At the end of the day, there isn't much you can do, other than using a recognizable domain name and relying on your users to be smart about what they click on. – DubStep Jul 15 '20 at 19:34
0

First, turn on "I'm Under Attack" in your CloudFlare settings. This will stop most bots that impersonate user agents well enough to get by normal checks.

Second, if you know specifically which requests correspond to the agent which is copying your site, you can do things like analyze its User-Agent and other HTTP headers to see if there is anything unusual about them that you might use to block those requests, even if they change IP addresses.

If that proves too difficult or not feasible, then you might also consider enabling mod_security, which blocks a lot of malicious traffic, and may also block that specific scraper.

Once you've found something that successfully blocks the bot, you should make sure that I'm Under Attack is turned back off, as it does slightly inconvenience your legitimate visitors also.

Michael Hampton
  • 244,070
  • 43
  • 506
  • 972
  • Thank you, I appreciate your help. – Allae Eddine Jul 07 '20 at 17:56
  • Things to note...it's SUPER easy to change a user agent, even on a standard browser. It's beyond easy to do if you are the writer of an application. Using mod_security cannot prevent the above. Adding authentication to a site would be more idealistic. – DubStep Jul 15 '20 at 19:28
  • @DubStep Authentication? How does that make sense for most web sites? – Michael Hampton Jul 15 '20 at 19:36
  • I guess about as much sense as blocking user agents or employing mod_security to do so does? But that's the besides the underlying point, which is you can't stop someone from copying or duplicating an anonymous website. The best bet is to attack it from the host side. Google can't index a site that isn't there. – DubStep Jul 15 '20 at 21:10