Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Any subdomain works!!

Posted on 2010-08-17
7
374 Views
Last Modified: 2013-12-13
Hi,

I noticed that any subdomain can access my website index .. why is that and how I can disable that?

For example : If anyone typed dsfsfsd.mywebsite.com it will access the index page and it will not redirect to www.mywebsite.com or give an 404 error?


Thank you so much for the ehlp.
0
Comment
Question by:Dido123
7 Comments
 
LVL 4

Expert Comment

by:philkeene
ID: 33459506
Do a header redirect if the $_SERVER['HTTP_HOST'] variable doesn't match www.mywebsite.com.

Let me know if you need assistance with that.
0
 
LVL 11

Accepted Solution

by:
Pieter Jordaan earned 500 total points
ID: 33459541
Hi

You can either change the DNS:
Your DNS server is configured to forward *.mywebsite.com to your IP address.
You can replace *.mywebsite.com with www.mywebsite.com to only forward the www record.

And/Or

Change your web server settings.
Your apache default DocumentRoot points to your web folder, so any address will load the default index file.
Create a virtual host for domain www.mywebsite.com and point it's DocumentRoot to your current web root folder, then change the default one to a different folder. You can create an empty index.html file in it, to give a blank page.

You can find examples on the Virtual host configuration here:
http://www.debian-administration.org/articles/412

The manual: http://httpd.apache.org/docs/2.2/vhosts/

I hope that helps.


0
 
LVL 6

Expert Comment

by:merwetta1
ID: 33461006
philkeene's solution will work, but you will probably want to add the code to all your pages, and all your pages would have to be PHP in order to enforce the "no stray subdomains" rule.

Bitfreeze's solutions will work, but if somebody tries to type your URL without the "www", they won't see your site. Changing Apache settings can be daunting, but you could follow Bitfreeze's "change your web server settings" directions and make the empty index.html file an index.php file that redirects to the "www" version of your site.

If your server allows local htaccess files and supports mod_rewrite, you could use a third option which will work nicely...upload a text file named ".htaccess" to your web root with the code below (change "mywebsite.com" to your domain). This will force everybody to see your site as "www.mywebsite.com".
RewriteEngine on

## enforce "www"
RewriteCond %{HTTP_HOST}   !^www.mywebsite.com.*$ [NC]
RewriteCond %{HTTP_HOST}   !^$
RewriteRule ^.*$           http://www.mywebsite.com%{REQUEST_URI} [L,R=301]

Open in new window

0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 109

Expert Comment

by:Ray Paseur
ID: 33466380
Why is this a problem?  Why not just ignore it, until you have a web site design that differentiates between (for example) www.example.com and test.example.com?

I would not worry about it at all, but if you care, you can ask your hosting company to fix it for you.  Refer them to this thread in EE.

Cheers, ~Ray
0
 
LVL 2

Expert Comment

by:Tiller79188231
ID: 33466973
BitFreeze is right, there is no reason to do a rewrite rule when this should be handled by the dns server
0
 
LVL 6

Expert Comment

by:merwetta1
ID: 33469821
I don't think it can be handled by DNS, because ideally these URLs should work:
http://mywebsite.com
http://www.mywebsite.com

But these (and all other subdomains) should not:
http://abc.mywebsite.com
http://xyz.mywebsite.com

Tiller79188231...how can you do that with DNS?
0
 

Author Closing Comment

by:Dido123
ID: 33470490
Yes, it was due to a wild card in my DNS settings which I removed it and now everything like I want it.

Thank you all for your time.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Which userID to use for shopping cart application 13 27
how to use Initialization Vector for openssl_encrypt() 5 58
XML extra information 8 29
Wordpress Query 5 25
This article discusses four methods for overlaying images in a container on a web page
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question