htaccess的 - 拒绝未经授权的域名的请求 [英] htaccess - Deny requests from unauthorized domains

问题描述

我有一个网站www.mysite.com，它有一个自己的IP。现在，因为几个月里，我看到几个域名指向我的IP服务器（这不是一个共享IP）。我可以浏览直通与那些未经授权的域名的整个网站，他们获得索引在谷歌和我的内容和所有的。

I have a website "www.mysite.com", and it has an its own ip. Now since few months I see several domains pointing to my ip server (it's not a shared ip). I can navigate thru the entire website with those unauthorized domains, they get indexed in google with my contents and all.

我该如何设置我的htaccess允许请求只为www.mysite.com？

How can i set my htaccess to allow requests only for "www.mysite.com" ?

更新

这是我写到目前为止与建议。htaccess的，但不知何故第一页仍然是服务，没有图像寿

this is the .htaccess I've written so far with the suggestions, but somehow the first page is still served, with no images tho

的.htaccess

.htaccess

SetEnvIfNoCase Referer "^http://(www.)?thiefdomain.com" spam_ref  
SetEnvIfNoCase Referer "^http://(www.)?thiefdomain2.com" spam_ref2


<FilesMatch "(.*)">  
    Order Allow,Deny  
    Allow from all  
    Deny from env=spam_ref  
    Deny from env=spam_ref2  
</FilesMatch>  

RewriteEngine On  
RewriteCond %{REQUEST_FILENAME} -s [OR]  
RewriteCond %{REQUEST_FILENAME} -l [OR]  
RewriteCond %{REQUEST_FILENAME} -d  
RewriteRule ^.*$ - [NC,L]  
RewriteRule ^.*$ index.php [NC,L]  

我怎样才能避免第一页显示？

How can I avoid the first page to be displayed?

推荐答案

如果你想要做的mod_rewrite，你可以检查 SERVER_NAME 来阻止未经授权的域：

If you want to do with mod_rewrite, you can check SERVER_NAME to block unauthorized domains:

RewriteEngine on
RewriteCond %{SERVER_NAME} ^(www\.)?thiefdomain1\.example$ [OR]
RewriteCond %{SERVER_NAME} ^(www\.)?thiefdomain2\.example$ [OR]
RewriteCond %{SERVER_NAME} ^(www\.)?thiefdomain3\.example$
RewriteRule ^ - [F]

或

RewriteEngine on
RewriteCond %{SERVER_NAME} !^(www\.)?yourdomain\.example$
RewriteCond %{SERVER_NAME} !^(www\.)?yourdomain-alias\.example$
RewriteRule ^ - [F]

---

如果你有root权限，你也可以解决与基于域名的虚拟主机的问题如下：

---

If you have root privileges, you can also solve the problem with name-based virtual hosting as follows:

NameVirtualHost *:80

<VirtualHost 192.0.2.100:80>
  ServerName dummy
  <Location />
    Order deny,allow
    Deny from all
  </Location>
  ...
</VirtualHost>

<VirtualHost 192.0.2.100:80>
  ServerName www.yourdomain.example
  ServerAlias yourdomain.example
  ...
</VirtualHost>

第一个虚拟主机定义被视为默认虚拟主机。如果192.0.2.100访问为thiefdomain1.example，thiefdomain2.example，thiefdomain3.example，或任何其他主机名，除了www.yourdomain.example或yourdomain.example（在第二个定义虚拟主机），阿帕奇是指第一个虚拟主机键，返回403禁止状态。

The first VirtualHost definition is treated as a default virtual host. If 192.0.2.100 is accessed as thiefdomain1.example, thiefdomain2.example, thiefdomain3.example, or any other hostnames except for www.yourdomain.example or yourdomain.example (defined in the second VirtualHost), Apache refers the first VirtualHost and returns 403 Forbidden status.

这篇关于htaccess的 - 拒绝未经授权的域名的请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！