Fix - Website Cloned to Another Domain After Switching Hosting

Imagine a situation, you recently shifted to Cloud VPS hosting and after few days you see that your website is completely cloned by another domain, ranking same stuff in Search Engine.

Onced I had faced this problem and situation was embarrassing due to funky domain name where everything was indexed. :flushed: :man_facepalming:

Cloud Hosting - Static IP could be a reason for this problem

Any domain on Internet is being pointed to its web hosting via DNS records. After switching to a new web hosting, this problem you may face due to your Dedicated IP address . When you purchased some higher plan web hosting, you get a dedicated IP also. Interesting thing is, the IP which you have got for your server, the previous web hosting user at same company, might be still using the same IP address. Chances are they forget to update it at DNS records. So, from their domain your website is totally cloned. You can easily prevent unauthorized domains from serving your website content.

Procedure to take down a clone website

  1. Via FileZilla or SSH, go to public_html root directory
  2. Edit a file called .htaccess
  3. Add below code and save changes.
# Whitelist domain
RewriteEngine on
RewriteCond %{SERVER_NAME} !^(www\.)?yourdomain\.com$
RewriteRule ^ - [F]

Or,

# To whitelist multiple domains
RewriteEngine on
RewriteCond %{SERVER_NAME} !^(www\.)?yourdomain\.com$
RewriteCond %{SERVER_NAME} !^(www\.)?yourdomain\.net$
RewriteCond %{SERVER_NAME} !^(www\.)?yourdomain\.org$
RewriteCond %{SERVER_NAME} !^(static\.)?yourdomain\.org$
RewriteRule ^ - [F]


Updating .htaccess Apache rule using Yoast SEO plugin File editor option

After adding the .htaccess rule, check other domain again. You will no more see there any content. This problem resolves here. I hope this quick tutorial will help you in the right direction.

For NGINX

When someone will access over IP they will see …

# If hostname doesn't matches return empty response else force HTTPS
server {
    listen 80;
    listen [::]:80;
    server_tokens off;
    if ($host !~ ^(example.com|www.example.com)$ ) {  return 444; }
    return 301 https://$host$request_uri;
}

image

Alternative approach (My favourite way)

  1. Set your server to not listen over port 80
  2. Enable Cloudflare Proxy for your DNS non-www, www, subdomain whatever you want to protect
  3. Install Cloudflare Origin SSL at your server. It’s a wildcard SSL with 15 years max validity. :heart_eyes:
  4. Enable Automatic HTTPS and Authenticated Origin Pulls at TLS/SSL settings of Cloudflare.
  5. Put below code in Apache Virtual host file
   # Enable Cloudflare Origin SSL with Authenticated Origin Pulls | Apache
   SSLEngine On
   SSLVerifyClient require
   SSLVerifyDepth 1
   SSLCACertificateFile /etc/ssl/cloudflare/origin-pull-ca.pem
   SSLCertificateFile /var/www/example.com/ssl/cert.pem
   SSLCertificateKeyFile /var/www/example.com/ssl/private.pem
   For more details read at https://origin-pull.cloudflare.com/
  1. This way your site can be accessed only and only over valid hostname and Cloudflare proxy, else it will return ERR_BAD_SSL_CLIENT_AUTH_CERT one cannot bypass Cloudflare this way.

Bonus tip: Make Web Firewall Really Effective!

Some host offer multiple addresses to access WordPress site such as …

  • By accessing the site over static IP xx.xx.xx.xxx

  • or using Temporary Application URL (wordpress-11111-111.example.com)

As a result, it can be vulnerable for bypassing Web Firewall.

To prevent this from happening, the above trick can be applied. I have seen, similar things recommended by Sucuri at IP level.

4 Likes

Note: Do not use the second method, if you’re using Ezoic Ads on your website.

1 Like

I have not checked with Ezoic. Does that way return any error?

No error. But Ezoic will stop ad serving until you turn off Authenticated origin Pulls from cloudflare. Happened with me.

Likely possible…

@GulshanKumar
Yeah. My account manager mailed me to turn it off.