Post by lingtalfi » Sat Apr 07, 2018 5:27 pm

Hi, the same thing happens on one of my site.
I turns out this is just an apache (or any server) trick called reversed proxy.

To create such a scam mirror from your vps to facebook for instance, use this in one of your virtual host:

Code: Select all

<Location "/">
    ProxyPass "https://www.facebook.com/" 
</Location>
And to prevent it, I used a "Require expr" (expression, read the apache manual...).
Here is my code (I'm using ssl in this case):

Code: Select all

<IfModule mod_ssl.c>
        <VirtualHost *:443>
                SSLEngine on
                SSLProxyEngine on
                ServerName www.mydomain.com
                ServerAlias mydomain.com *.mydomain.com

                ServerAdmin somebodygmail.com 
                DocumentRoot /myphp/mysite/www
                <Directory "/myphp/mysite/www">
                        Options FollowSymlinks MultiViews
                        AllowOverride All 
                        Require expr "%{HTTP_HOST} == 'mydomain.com'" 
                </Directory>    

                ErrorLog /var/log/apache2/somelog.log

                SSLCertificateFile /etc/letsencrypt/live/mydomain.com/fullchain.pem
                SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.com/privkey.pem
                Include /etc/letsencrypt/options-ssl-apache.conf


                #<Location "/">
                #       ProxyPass "https://www.facebook.com/" 
                #</Location>
        </VirtualHost>
</IfModule>

You see the line:

Code: Select all

Require expr "%{HTTP_HOST} == 'mydomain.com'" 
That's the one you need (I'm no expert at apache at all, but at least in my case it solved the problem).
It basically says: if the host is not mydomain.com, deny the access. Now the scam site can setup a reverse proxy to your website if she wants,
but (hopefully) she cannot fake her host.
So, fuck her (and I'm being polite).

Hope this helps.

Newbie

Posts

Joined
Sat Apr 07, 2018 5:16 pm

Post by Dunald » Sun Apr 08, 2018 8:09 am

Hi! Sorry did not understand.
Where do I put what code to prevent a mirror-site?
In what way is the mirror stoped, is it still a mirror of my site when I use this or does the fake site no longer have access to my site?
Do I need to know that fake-sites URL or does it prevent mirror-sites in general?

Active Member

Posts

Joined
Tue Mar 15, 2011 9:05 pm
Who is online

Users browsing this forum: No registered users and 1 guest