Plone site appears under foreign DNS entry

tdkuehnel · January 16, 2020, 8:11pm

Hi all.
As a somewhat experienced plone user i deployed, set up and configured a new site to appear under a newly registered domain name.

Then, after running a few days, i got emails delivered through the contact form asking for assistance in SEO stuff and such - i see this as an unsolicited attempt.

Ignoring the mail, i found my site available under a second, foreign domain name also available on the net. The foreign domain entry resolves to the ip-address my plone instance uses.

So i THINK they set up an apache with a similar rewrite rule as mine to point to my plone site/content under THEIR domain entry.

Is there a way to configure the virtual host monster to accept only requests comming for a dedicated domain entry?

Here is my apache rewrite rule:
RewriteRule ^/(.*)
http://www.network-of-trust.de:8080/VirtualHostBase/http/%{SERVER_NAME}:80/network-of-trust/VirtualHostRoot/$1 [L,P]

Thoughts on every countermeasure welcomed.

calvinhp · January 16, 2020, 8:45pm

You really shouldn't let the %{SERVER_NAME} environment variable be used in your VHM rewrite rule for exactly this reason. I would recommend explicitly setting it to the canonical host name for your site so that links are always written with your FDQN in them that you control.

mtrebron · January 17, 2020, 7:47am

This could simply be a previous user of the ip address. In any case you can configure Apache to drop or redirect traffic which does not explicitly use your domain name.

Something along the lines of:

<VirtualHost example.com:80>
     ServerName www.example.com
     ServerAlias example.com *.example.com
     RewriteEngine On
     RewriteCond %{HTTP_HOST} !^www.example.com$ [NC]
     RewriteRule ^(.*)$ https://www.example.com$1 [R=301,L]
     LogLevel error
     CustomLog /var/log/apache2/example.com.access.log "vhost_combined"
     ErrorLog /var/log/apache2/example.com.error.log
     ServerAdmin webmaster@example.com
</VirtualHost>

<VirtualHost example.com:443>
     ServerName www.example.com
     ServerAlias example.com *.example.com
     RewriteEngine On
     RewriteCond %{HTTP_HOST} !^www.example.com$ [NC]
     RewriteRule ^(.*)$ https://www.example.com$1 [R=301,L]
     RewriteRule ^/(.*) http://127.0.0.1:8080/VirtualHostBase/https/%{HTTP_HOST}:443/example_com/VirtualHostRoot/$1 [L,P]
     LogLevel error
     CustomLog /var/log/apache2/example.com.access.log "vhost_combined"
     ErrorLog /var/log/apache2/example.com.error.log
     ServerAdmin webmaster@example.com
     SSLEngine On
     SSLCertificateChainFile /etc/ssl/private/example.com-chain.pem
     SSLCertificateFile /etc/ssl/private/example.com-chain.pem
     SSLCertificateKeyFile /etc/ssl/private/example.com-key.pem
     SSLCACertificateFile /etc/ssl/private/cacert.pem
</VirtualHost>

You could also add the bare ip address or that third party domain name to your server aliases.

tdkuehnel · January 24, 2020, 11:40am

That's totally making sense, thank you !

tdkuehnel · January 24, 2020, 12:00pm

Thanks, too.

I found on http://www.thesitewizard.com a useful post about exactly this topic which came to the same rewrite rule:

  RewriteCond %{HTTP_HOST} !^www\.network-of-trust\.de$ [NC]                                                                                                                       
   RewriteRule ^(.*)$ http://www.network-of-trust.de$1 [R=301,L]

Then i found the RewriteRuleWitch, which gave me the following:

RewriteRule ^($|/.*) \                                                                                                                                                          
  http://127.0.0.1:8080/VirtualHostBase/http/%{SERVER_NAME}:80/network-of-trust/VirtualHostRoot/$1 [L,P]

which is different in the pattern matching part. I will incorporate the info from calvinhp here.

Anyway, now it works. In case we go https many thanks for the virtual_hosts.conf extensions for that case!