This is archived content. Visit our new forum.
  • #257545

    Kristian73
    Participant

    I realize this isn’t exactly a Theme issue, but I was hoping someone might be able to give me some insight.

    Recently, my website was attacked and I came to find various URLs in Google searches that use my domain name to sell prescription drugs and the like.

    For example, my website is http://ohiofestivals.net but there are pages such as http://ohiofestivals.net/prednisone/cheap-prednisone-20-mg-in-usa/

    If you view the source, it shows it comes from http://www.gogetrx.com/ but they are masking their URL to make it look like mine.

    Is there any code I can enter to prevent them from doing this? Maybe in my .htaccess file.

    Thanks for any help you can give!

    Kristian

    #257595

    Michael
    Participant

    Hi. Um… anything given in the path (/prednisone/cheap-prednisone-20-mg-in-usa/) is located on the server ohiofestivals.net.

    Has your server maybe been compromised? It seems like someone might have inserted an alias or a redirect or something into your webserver configuration.

    Something like:

    Alias /prednisone/cheap-prednisone-20-mg-in-usa /var/www/some/dir/here/
    or
    Redirect permanent /prednisone/cheap-prednisone-20-mg-in-usa http://www.gogetrx.com

    would achieve this effect on Apache.

    Also, I just did a telnet to your site, and it appears the file is being served up locally, so it looks like somewhere on your server there’s an index.html file with that content in it:

    # telnet ohiofestivals.net 80
    Trying 65.254.248.89...
    Connected to ohiofestivals.net.
    Escape character is '^]'.
    GET /prednisone/cheap-prednisone-20-mg-in-usa HTTP/1.1
    Host: ohiofestivals.net
    
    HTTP/1.1 200 OK
    Date: Fri, 24 Apr 2015 14:46:43 GMT
    Content-Type: text/html
    Content-Length: 31796
    Connection: keep-alive
    Keep-Alive: timeout=30
    Server: Apache/2
    X-Powered-By: PHP/5.5.6
    Vary: User-Agent,Accept-Encoding
    Accept-Ranges: bytes
    Age: 0
    
    <!DOCTYPE html>
    <html>
    <head>
                    <base href='http://www.gogetrx.com/'>
    ...
    
    #257619

    Kristian73
    Participant

    Yes, something happened to my website and quite a few files were put in my directory. I thought I had cleared them all out with scanning and getting things right again.

    Thanks for your help! I’ll look for this and see if I can find it.

    I really appreciate it!

    #257707

    Nico
    Moderator

    You’re most welcome.

    Let us know how it goes.

    Thanks. Have a great day! 🙂

    #257762

    Michael
    Participant

    Be sure to check out your Apache config files. Look in apache.conf to find any “Include” statements, and then check those files for references to anything suspicious.
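
Added example, not part of the original thread: the config check suggested in this reply, written in Python. It follows `Include`/`IncludeOptional` statements from a starting config file and lists every `Alias`, `Redirect` and related mapping directive, marking those whose target is an external URL. The config tree built in `demo()` is constructed, and the function names and directory layout are assumptions.

```python
import glob
import os
import re
import tempfile

# Apache directives that map a URL path somewhere else, and those that pull in more files.
MAPPING = {"alias", "aliasmatch", "scriptalias", "redirect", "redirectmatch", "rewriterule"}
INCLUDES = {"include", "includeoptional"}

def scan_config(path, server_root, seen=None):
    """Follow Include statements from `path`; return (file, line_no, text, external)
    for each mapping directive. `external` is True when the target is an http(s) URL."""
    seen = set() if seen is None else seen
    path = os.path.realpath(path)
    if path in seen:
        return []
    seen.add(path)
    if os.path.isdir(path):  # Include of a directory reads every file beneath it
        files = sorted(os.path.join(d, f) for d, _, fs in os.walk(path) for f in fs)
        return [hit for f in files for hit in scan_config(f, server_root, seen)]
    findings = []
    with open(path, errors="replace") as fh:
        for line_no, raw in enumerate(fh, 1):
            parts = raw.split()
            if not parts or parts[0].startswith("#"):
                continue
            name = parts[0].lower()  # directive names are case-insensitive
            if name in INCLUDES and len(parts) > 1:
                # Relative include paths are resolved against ServerRoot.
                pattern = os.path.join(server_root, parts[1].strip("\"'"))
                for inc in sorted(glob.glob(pattern)):
                    findings += scan_config(inc, server_root, seen)
            elif name in MAPPING:
                external = bool(re.search(r"https?://", raw, re.I))
                findings.append((path, line_no, raw.strip(), external))
    return findings

def demo():
    """Scan a constructed config tree that uses the two directives from the thread."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "conf.d"))
        with open(os.path.join(root, "apache.conf"), "w") as fh:
            fh.write("ServerName example.test\n# Redirect /old http://x.example\n"
                     "Include conf.d/*.conf\n")
        with open(os.path.join(root, "conf.d", "extra.conf"), "w") as fh:
            fh.write("Alias /prednisone/cheap-prednisone-20-mg-in-usa /var/www/some/dir/here/\n"
                     "Redirect permanent /prednisone/cheap-prednisone-20-mg-in-usa http://www.gogetrx.com\n")
        hits = scan_config(os.path.join(root, "apache.conf"), root)
        return [(os.path.basename(f), n, ext) for f, n, _, ext in hits]

if __name__ == "__main__":
    for hit in demo():
        print(hit)
```

Any directive it reports that the site owner did not add, especially one marked external, is a lead for finding where the injected content is mapped in.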

    #257948

    Darshana
    Moderator

    @g9hv6gt8 … Thank you for your contribution 🙂