security - django page got hacked - how to react? -
my original page http://www.stahlbaron.de/
since 2 days, http://www.joma-topflex.ru/ pointing page. realized , added allowed_hosts = ['.stahlbaron.de']
, didnot help. bad url still pointing page.
what can do? used nginx, uwsgi deploy page. ngix doesnot have deny www.joma-topflex.ru;
option unfortunately.
there 2 possibilities:
the owner of copy stole code , database, unlikely. can checked — add change page on website , see if appears on doppelgaenger. if copy independent nothing change there. don't forget use ctrl+f5 avoid seeing cached contents.
if case, can report abuse copy's hosting provider. in fact, should in case.
if copy proxied mirror website, blocking ip solve problem. can in nginx modifying configuration this:
geo $bad_client { default 0; 78.47.49.3/32 1; } server { ... if ($bad_client) { return 403; } add_header x-frame-options sameorigin; ... }
this idea set header x-frame-options sameorigin (see example above), guarantees nobody make copy of site on domain using iframe.
edit:
and gets funny. happens here this: (probably long) time ago bought hosting package hetzner, registered domain www.joma-topflex.ru , pointed ip hetzner had given him or her. , ip was, might have guessed now, 78.47.49.3.
after while person lost interest project , stopped paying hetzner. hetzner, in turn, reassigned ip new client — you. domain name www.joma-topflex.ru had never been pointed ip domain's owner, happens abandoned projects.
so, there no bad guy here. owner of www.joma-topflex.ru doesn't know domain works once again.
the real problem here nginx configuration, proxies request server django application. need explicitly set domain acceptable server name this:
server { # delete other server_name find around , add this: server_name www.stahlbaron.de; ... }
the funny part is, can use domain www.joma-topflex.ru long points server. example, can add server block nginx configuration, set directive server_name "www.joma-topflex.ru" , use django application, or whatever else like.
edit 2:
incidentally, domain joma-topflex.ru paid till 2015.04.26 , not prolonged. in other words, can nothing , problem solve in 2 days.