While doing a Google search for a site i'm hosting I noticed that another domain is being pointed at my website. Strange and suspicious I thought.

Can someone tell me why this might happen ?
my site is http://www.whitbyplumbing.co.uk , but I can see http://www.vipscasino.net is pointing to my site.

Originally my nginx.conf server entry was blank but I've now changed to server http://www.whitbyplumbing.co.uk and restarted. But If go http://www.vipscasino.net I can still see my site.

Any advice would be great.

It looks like vipscasino.net belongs to another Linode customer and its DNS records haven't been modified in six months. Most likely, that customer misspelled their IP address, or their IP address changed months ago, they forgot to update everything, and the IP eventually found its way to you.

There isn't much of anything you can do about it -- you can't stop people from putting silly things in their own DNS records. You could write 'em an email, or something, but that seems excessive to me.

As for Nginx, even if you give your server block a name, when Nginx receives unrecognized names from clients, it will still use the first vhost as the default unless you configure it otherwise, by putting another vhost first, or using the `default_server` parameter of the `listen` directive.

You could create another vhost that just does a redirect to your website or returns an error or empty 'Hello World' page or somesuch.

_________________
Matt Nordhoff (aka Peng on IRC)

I just get a 404 right now.

_________________
--
Chris Bryant

Thanks for the replies.

I've put a ticket in with support they have contacted the account owner and requested an edit of their DNS records.

As this post maybe of use to someone in the future. I put the following in nginx.conf to return a "not found" unless its a valid domain on the server.

## Deny illegal Host headers.
if ($host !~* ^(http://www.whitbyplumbing.co.uk)$ ) {
return 404;
}

Regards
Andy

I'd put a picture of tubgirl or similar on the site so any request from that DNS name gets shown that picture

_________________
Rgds
Stephen
(Linux user since kernel version 0.11)

Alternatively, as a sample of what mnordhoff was referring to, just have a default server block to "absorb" any bad requests. I use:

    server {
        listen  [::]:80 default_server;
        location / {
            return 444;
        }
        access_log /...path.../host-bad.log;
    }

I use the separate access log in that block so I can peek in occasionally to see the myriad of bad names I'm getting requests for. I also use 444 since I have no inclination to give a bad request a response at all, and that causes nginx to simply close the connection. You can of course do anything else in this block instead. (This sample is also configured for IPv4/6, so remove the "[::]:" prefix if the rest of your configuration is IPv4 only)

An advantage to this approach is that you don't need to duplicate your server names (both in your conditional check and your server blocks), though that's less of an issue if you only have a single server name. The above block just catches anything not covered by any other server block.

-- David

Many thanks for that advice

I had to look that pic up. lol nasty