Another domain is pointing to my http version of my site. Noobish questions

I guess this is kinda of a 2 part question. So I have been trying to learn web-development but my life is a mess and I hack away on and off. I built this site a year ago and kinda forgot what or how I did what I did. I just now discovered that I have this issue with another person's domain pointing to my website.

My website is [myrealname].com because I'm not afraid of giving out my real name to people I do garden business with. The problem is that when I go to search engines and wrap my name in double quotes, my website pops up as first result which is great, but the domain name is someone else's and it points to a non-ssl version of my site.

At first I thought that it was just someone who scraped the site and copied and pasted it into their server, but when I update my html on my linode, their site is updated instantly, so I think that it is their domain, pointing to my IP. I dont know if this is malicious or not.

I also don't want my site to be reached by IP address, and I really only want access to the https version of the site. Their domain points to the http version. How do I fix this?

I am running debian 10 with apache2 webserver.
Here is an example of my directory: /etc/apache2/sites-enabled
[myname].com.conf [myname].com-le-ssl.conf

This is the [myname].com.conf document

VirtualHost *:80

    ServerAdmin mail@[myname].com
    ServerName [myname].com
    ServerAlias www.[myname].com
    DocumentRoot /var/www/[myname].com

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    RewriteEngine on
    RewriteCond %{SERVER_NAME} =[myname].com [OR]
    RewriteCond %{SERVER_NAME} =www.[myname].com
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

/VirtualHost

This is the [myname].com-le-ssl.conf document

IfModule mod_ssl.c
VirtualHost *:443

    ServerAdmin mail@[myname].com
    ServerName [myname].com
    ServerAlias www.[myname].com
    DocumentRoot /var/www/[myname].com

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

SSLCertificateFile /etc/letsencrypt/live/[myname].com/fullchain.pem

SSLCertificateKeyFile /etc/letsencrypt/live/[myname].com/privkey.pem

Include /etc/letsencrypt/options-ssl-apache.conf

/VirtualHost
/IfModule

Sorry I couldn't figure out the markup to make the block quote look like the document. Pressed for time like everyone else.
Thank you so much for your time and energies.

6 Replies

This is an interesting situation!

I could certainly see this as possible if a) the other domain had at some point been pointed to the IP address your Linode is now using, and b) your Linode answers with your website regardless of the domain name.

I see from the files you have put on here, you do have a HTTP->HTTPS redirect in place, but only where the HTTP Host header matches [myname].com.

So the question is what is your “default” server’s document root? Does that also point to your website folder? You’d be looking for a file like /etc/apache2/sites-enabled/000-default.conf which will also have a DocumentRoot directive.

As far as a solution goes, you can’t do anything about the other domain pointing to your Linode, that’s out of your control. But you could put a 301 redirect on your default server, to redirect any requests where the host name does not equal [myname].com, to https://[myname].com.

That way any request to your server will get redirected to the correct URL of your site, and search engines should eventually replace the other domain with yours, following the 301s.

Thanks for your swift reply, Adysh.
I seem to have removed the 000-default.conf file from that directory.
I'm not sure why I did that. Am I supposed to keep the default-000.conf file? I thought the default was the [myname].com.conf file, and that redirect was pointing all traffic to the https version.

I have a hunch that this is a result of what you described in possibility a).
But I don't know if I can request a new IP for my existing node, or if I would have to make a new one.

I'll need to do some more research on the 301 redirect.
I guess I really don't understand what I'm doing and now I'm really confused.

Edit: Here is an .htaccess file that I put in the root directory of [myname].com.conf

Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^[my].[recycled].[IP].[address]$
RewriteRule ^(.*)$ https://[myname].com/$1 [L,R=301]

I really don't understand the syntax at all, and the whole canonicalization I read about in this guide made me pull hair for a while before I made the .htaccess file :\

I'm sorry, I'm a nurseryperson/gardener and I just switched to Linux around 2018, and started learning this sort of stuff around end of 2019. during the last year, alot of memory was lost due to life struggles. I'm barely pulling myself and my family back together.

Thank you so much again.

Found something interesting by accident today. Apparently Malwarebytes Browser Guard is or was blocking some domains with a .club domain due to phishing and other common uses by scammers.

You can read the article here

The domain name that seems to be "hi-jacking" my IP address is a .club domain, and was registered the same day I migrated my site to another node. The reason I moved it was because my main node was originally hosting [myrealname].com, as well as a website with some paranormal research I enjoy doing (which at this point can put a "price on your head" due to certain governments cracking down on "misinformation").

Anyways, the .club domain was registered with namecheap just as [myrealname].com is. [myrealname].com was actually transferred over from Google services, because it was originally bought as a package with Wix.com site building service, along with an email for the Gsuite. Anyways that original email (that I cant seem to close the account for) was involved in this hack which to me, seems to have ties to using wix (Israel spying company?) and my utilization of their Google Plus for my old garden business, registered under my legal name. This was before Google+ got hacked back in 2017-2019 or whatever it was.

I may just be a bit paranoid, but something tells me I'm on a short list you don't want to be on, considering the nature of topics I've been speaking of, on and offline.

Perhaps I'm slowly figuring out why it is I cant seem to find employment in a time of a "labor shortage", unless the employer is a small "mom&pop", someone paying me under the table, and/or HR is not connected to any major databases.

@pastlife Without knowing the actual domain name, it's hard to impossible for any of us to diagnose or see what's going with your site.

Without knowing the actual domain name, it's hard to impossible for any of us to diagnose or see what's going with your site.

Couldn’t agree more. Domains and DNS records are - by design - public information. There is no need to obfuscate them when you’re asking for help about them.

Well I'm the one who let himself get pwned already. I'm just trying to learn enough to earn an income somehow.

The domain that is "hijacking" my IP is freelancerdigitals.club
Dont know why I get so paranoid, I cant afford to scrub my name from all those people search databases. I dont even use a VPN anymore.

I'm past life anyways. Maybe I'll be a net-security know it all next time around.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct