-1

My website is www.somedomain.com Today, when I googled for it, I saw another domain www.fakedomain.com (set up from another country) which had my website's content. They had used a DNS CNAME of www.fakedomain.com to point to www.somedomain.com I made client side(Javascript) and serverside scripting changes so that visitors come to my website if the URL does not contain "somedomain.com" but I want to block such attempts.

I am running Win 2008 R2 with IIS 7, using Cisco ASA 5505 firewall, dotDefender as web application firewall.

  1. Can I block www.fakedomain.com at a firewall level?

  2. I know in IIS, I can do reverse Domain Name System (DNS) lookup, but hear it is resource intensive. Are there any other options?

Any advice would be helpful.

Thanks

Chris H
  • 1
  • These folks usually find ways around blocks. – ceejayoz Jun 02 '15 at 01:47
  • What type of firewall? You can try blocking their IP, /24, country. Depending on how much the offender cares they could work around it fairly easily, but if their interest isn't strong they may not bother. – Daniel Agans Jun 02 '15 at 02:22

1 Answers1

0

Given that it's extremely unlikely that the server hosting fakedomain.com is also the offender's development machine (although not impossible), it's unlikely that blocking fakedomain.com from accessing somedomain.com would be effective. In any case, there's nothing to stop them stealing content from your website using any dynamically assigned public IP address, and then uploading it to their server.

Seems to me this is actually a copyright infringement issue, more so than a technical issue. If I were the administrator of somedomain.com, I would be using a whois search to track down the culprit, and report it to the relevant authorities in their country. And in the meantime I'd report the infringement to their hosting provider as well, and ask them to take down the offending content.

(For that last part you can probably google Dallas Buyers Club for a reasonable template ;) )

Matt
  • 1,893
  • 5
  • 28
  • 40
  • 1
    We get this question fairly often actually. It's almost always a scammer or some other form of nogoodnick trying to leech search engine reputation off of your webserver content. (see Q&A linked above) – Andrew B Jun 02 '15 at 02:49
  • Ah ok I see! I may have misunderstood the question here; so OP is suggesting fakedomain.com points at their website via a CNAME? It's not actually stolen content being hosted elsewhere. Nice to see I'm in agreement with the Q&A on the last part though! – Matt Jun 02 '15 at 02:53
  • Yes, exactly. Right now it's best that your website have an "unhelpful" default virtualhost and only serve useful content if the correct host header is supplied by the browser. – Andrew B Jun 02 '15 at 02:59