Blocking malicious domains pointed at a dedicated IP address

I found a situation today where someone had registered a domain and pointed it at one of my customer's websites who has a dedicated IP. By default, cpanel will allow any host header to bring up the website. It was drawing quite a bit of traffic to the server with visitors and crawlers to this fake website.

It could be blocked at the application level, but it's simple enough to do with .htaccess:

RewriteCond %{HTTP_HOST} !^www.example.org
RewriteCond %{HTTP_HOST} !^example.org
RewriteRule .* - [F]

The fake website was registered with a DNS provider and pointed at the dedicated IP on my server. I spotted it by seeing the fake HTTP host in the logs.

Comments

Now our system become more secure and have strong security for detected.Many students help writing a cv on security threads because it much needed.The DNS also help in this point of view.

That's very interesting, quite a rare situation but sounds like you handled it like a champ! icariin 60