I turns out this is just an apache (or any server) trick called reversed proxy.
To create such a scam mirror from your vps to facebook for instance, use this in one of your virtual host:
Code: Select all
<Location "/">
ProxyPass "https://www.facebook.com/"
</Location>
Here is my code (I'm using ssl in this case):
Code: Select all
<IfModule mod_ssl.c>
<VirtualHost *:443>
SSLEngine on
SSLProxyEngine on
ServerName www.mydomain.com
ServerAlias mydomain.com *.mydomain.com
ServerAdmin somebodygmail.com
DocumentRoot /myphp/mysite/www
<Directory "/myphp/mysite/www">
Options FollowSymlinks MultiViews
AllowOverride All
Require expr "%{HTTP_HOST} == 'mydomain.com'"
</Directory>
ErrorLog /var/log/apache2/somelog.log
SSLCertificateFile /etc/letsencrypt/live/mydomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
#<Location "/">
# ProxyPass "https://www.facebook.com/"
#</Location>
</VirtualHost>
</IfModule>
You see the line:
Code: Select all
Require expr "%{HTTP_HOST} == 'mydomain.com'"
It basically says: if the host is not mydomain.com, deny the access. Now the scam site can setup a reverse proxy to your website if she wants,
but (hopefully) she cannot fake her host.
So, fuck her (and I'm being polite).
Hope this helps.