We noticed that a hacker created a domain and configured DNS to point it to our server’s IP address.
We are using apache2.x on Ubuntu. There is a ‘default’ file in apache’s /etc/apache2/sites-available directory and it looks like the hacker’s domain is using the ‘default’ apache configuration file to display our web content in their domain.
How can we prevent this? Can someone post a ‘default’ apache configuration file as an example?
Unknown domains that come into apache over the specified IP and port will be directed to the first virtual host, thus the 000-default file. Your best bet is to make the 000-default host return a 400 or 500 error (or some explicit message saying the domain doesn’t belong) and use explicit virtual hosts for each of your sites.
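
A configuration along the lines the answer describes, added here as an example and not posted by either participant. The hostnames `catchall.invalid` and `www.example.com`, the `/var/www/example.com` path and the log file names are placeholders, and 403 is one choice of error status.

```apache
# --- /etc/apache2/sites-available/default (enabled as 000-default) ---
# Loaded first, so it receives every request on *:80 whose Host header
# matches no ServerName/ServerAlias of the explicit virtual hosts.

# Needed on Apache 2.2 only; remove this line on 2.4.
NameVirtualHost *:80

<VirtualHost *:80>
    # Placeholder name; it only has to differ from every real site.
    ServerName catchall.invalid

    # Serve no content: answer every path with 403 Forbidden (mod_alias).
    Redirect 403 /

    # A separate log that records the Host header, so requests arriving
    # under foreign domain names are easy to review.
    ErrorLog  ${APACHE_LOG_DIR}/catchall_error.log
    CustomLog ${APACHE_LOG_DIR}/catchall_access.log "%h %t \"%{Host}i\" \"%r\" %>s"
</VirtualHost>

# --- /etc/apache2/sites-available/example.com (one file per real site) ---
<VirtualHost *:80>
    # Only requests for these exact names reach the real content.
    ServerName  www.example.com
    ServerAlias example.com
    DocumentRoot /var/www/example.com

    ErrorLog  ${APACHE_LOG_DIR}/example.com_error.log
    CustomLog ${APACHE_LOG_DIR}/example.com_access.log combined
</VirtualHost>

# The first-virtual-host rule applies per address:port, so a server that
# also listens on 443 needs an equivalent catch-all for *:443.
```

After enabling the site files and reloading apache, `apache2ctl -S` lists which virtual host is the default for each address and port.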