1

I want to restrict my domain so that no one can do CNAME of my domain.

Suppose, I have my domain(example.com) and someone has another domain(xyz.com).

There is a game application running on example.com.

Nothing is running on xyz.com.

Someone has done CNAME of his domain(xyz.com) to my domain(example.com).Now the xyz.com is pointing to my game application.

How I can restrict people using my domain and I want to restrict it on

a) DNS level

b) Server level

Please help me to sort it out?

Rakesh Burbure
  • 1,045
  • 12
  • 27
Jithin Justice
  • 231
  • 1
  • 5
  • 15

1 Answers1

3

Everyone will always be able to create CNAME pointing to your domain. That's something you can't prevent.

On the server level you can check (in .htaccess for example in Apache) which domain is requested and if it does not match yours, redirect the request somewhere else:

RewriteEngine on
RewriteCond %{HTTP_HOST} !example.com$
RewriteRule . http://redirect.page.com [R=301,L]

In Nginx:

if ($host != 'example.com') {
  rewrite . http://redirect.page.com permanent;
}

You should also configure CORS so assets like scripts, stylesheets and images load for your domain only.

Mike Doe
  • 16,349
  • 11
  • 65
  • 88
  • 1
    You don't really need this explicit check, you just need to configure a named (virtual) server for your domain, and all requests not matching that domain simply result in a 404. – deceze Feb 23 '18 at 10:38
  • 1
    Apache will actually serve the first VirtualHost in case any ServerName or ServerAlias is not matched – Dusan Bajic Feb 23 '18 at 10:44