On 2013-12-03 16:39, Francis Daly wrote:
On Tue, Dec 03, 2013 at 04:13:03PM -0500, Ian Evans wrote:

Hi there,

Yesterday, I discovered that someone had registered a site (basically
taking our domain name and adding a word to it) and then framed our
whole site in theirs. By that I mean it's a full iframe job, with no
toolbars showing.

nginx sees the http request coming from the client.

Look at the http headers that you see getting to your nginx, when you
request your site directly.

Look at the http headers that you see getting to your nginx, when you
go to their site.

Play "spot the difference".

Most likely, the only some-bit reliable difference is in the Referer:
header. But maybe you can see something else, when you use the browsers
that you care about.

Not sure what they're up to, but I'd like to stop it. I know I can use
a framebuster, but I'm wondering what I can do on the nginx.conf end to
stop them dead in their tracks so not an ounce of our bandwidth goes to
them.

You can't, reliably.

You can, for browsers that send a Referer: header of their site, return
different content -- either a simple rejection using something like
http://nginx.org/r/valid_referers; or tailored content that indicates
what you think of the framing site, or whatever else you can imagine.


Thanks for the info. I'll have to take a look. I'm also hoping to get
them shut down as I've talked to their registrar. I'm hoping they
grabbed a whole bunch of domains to vampire and not just mine. If it
was just us, that'd be creepy.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
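
One way to write the Referer check described in the thread, as an added example that is not part of the original messages. The host names, document root and the /downloads/ path are placeholders, and the X-Frame-Options header is an addition the thread does not mention. Because Referer is supplied by the client and can be omitted, this only covers browsers that actually send it.

```nginx
# Added example. example.com, framing-site.example, the root path and
# /downloads/ are placeholders, not values from the thread.

# http{} context: flag only requests whose Referer is the framing site.
# Everything else (no Referer, search engines, other links) passes.
map $http_referer $framed_by_copycat {
    default 0;
    "~*^https?://([^/]+\.)?framing-site\.example([/:]|$)" 1;
}

server {
    listen 80;
    server_name example.com www.example.com;
    root /var/www/example;

    # Not from the thread: asks browsers that honour the header to refuse
    # to render these pages inside another origin's frame. The response is
    # still sent, so this saves no bandwidth on its own.
    add_header X-Frame-Options SAMEORIGIN always;

    location / {
        # The iframe's document request carries the framing page as its
        # Referer; answer it with a 403 instead of the page body.
        if ($framed_by_copycat) {
            return 403;
        }
    }

    # Allow-list form using valid_referers, the directive named in the
    # thread. $invalid_referer is set unless the Referer is absent (none),
    # stripped by a proxy or firewall (blocked), or one of this server's
    # own names. Inbound links from any other site are rejected too, so
    # this suits paths that should only be reached from your own pages.
    location /downloads/ {
        valid_referers none blocked server_names;
        if ($invalid_referer) {
            return 403;
        }
    }
}
```

Comparing the access log's Referer field for a direct visit and a framed visit, as suggested above, confirms which pattern the map needs to match.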
