Skip to content

Instantly share code, notes, and snippets.

@hongmengwang

hongmengwang/add_host_check.md

Last active March 18, 2018 08:33
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save hongmengwang/087042f51b304cd035b339fbeb27be09 to your computer and use it in GitHub Desktop.
Save hongmengwang/087042f51b304cd035b339fbeb27be09 to your computer and use it in GitHub Desktop.
Download ZIP
prevent web site being mirrored
Raw
add_host_check.md

I thought something before, when I check nginx's log, I found a wired hostname.

After checking, I think out website was mirrored.

I think they parsed their domain by CNAME to our domain, and we don't do any host check at that time.

To prevent being mirrored again, I add host check configuration in nginx.conf

set $flag 0;
if ($host = 'www.wanghongmeng.com') {
    set $flag 1;
}
if ($host = 'wanghongmeng.com') {
    set $flag 1;
}
if ($flag = 0){
    return 403;
}

By adding this, nginx will check every request to see if it's from our domain, if not, return 403 response code.

After this, our website was no longer mirrored again.

Nginx Version: 1.9.12

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment