1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Site port protect?

Discussion in 'Security' started by aslik4rahan, Mar 13, 2019.

  1. #1
    Hello, my site working 443 port so https

    but different server-site 443 port connect my content stealing.

    VestaCP firewall added thief site ip added block possibly but more sites appear.

    block after thief site this error show
    SEMrush
    Failed to connect to mysiteadress.com port 443: Connection refused
    Code (markup):
    How can i prevent it?

    I want to do 443 port only works my domain.
     
    aslik4rahan, Mar 13, 2019 IP
    SEMrush
  2. Cristiano Andrioli

    Cristiano Andrioli Peon

    Messages:
    11
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    1
    #2
    Hello friend, see if I can help you, please?

    My tomcat goes up on port 8080. When I put two services on my machine, one under 8080 and the other on 8081.

    In practice, you can use http://www.example.com:1234 to denote that you want to access the website www.example.com via HTTP on port 1234. When using https://www.example.com:1234, you use HTTPS to the HTTP address. When the session address is omitted / absent, an HTTP to HTTP address or 443 to HTTPS will be used.

    In theory, nothing prevents you from making the site available on your doorstep, and there are some sites that do this. However, the same ones that are not explicitly open, and are considered ports 80 and 443 as standard HTTP and HTTPS ports, used by 99% of the sites world-wide, they are usually always released while using the other ports, you may have problems with users who do not have access to your site.

    Another advantage of using as standard ports, is one that is not required for most websites. When this happens, if you do not move from www.example.com to the head of www.example.com: 1234.

    On the other hand, it is not a default port default usage, it is an application available more than an HTTP / HTTPS service on the same machine. Because the ports in use are reserved for the listening services and it is not possible to run two services at the same time on the same machine without the same semaphore, so if you have a service running without HTTP protocol on port 80 and you want to make another service available which also ran no HTTP protocol anyway so IP, so you have to use a different port. But when using a non-standard port, it will fall into the above problems. For example, the proxy / gateway is an HTTP / HTTPS service that acts as default ports (80 and 443) and is redirected to other local services running on other ports. In this relationship, the development can be independent (eg Clients.example.com goes to port 1234 and Suppliers.example.com goes to 4321). With this, there is a unique external verification service, including internally
     
    Cristiano Andrioli, Mar 13, 2019 IP
  3. aslik4rahan

    aslik4rahan Peon

    Messages:
    3
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    1
    #3
    Hello friend, thank you for message.

    I did some more research, cURL method use thief.

    But cURL method very difficult to prevent maybe impossible

    Unfortunately the port change, not working.
     
    aslik4rahan, Mar 13, 2019 IP
  4. bountysite

    bountysite Member Premium Member

    Messages:
    42
    Likes Received:
    1
    Best Answers:
    1
    Trophy Points:
    33
    #4
    If I understand the problem right, someone is accessing your site using curl. You suspect that they are stealing/copying data.

    You can block suspicious user agents using htaccess in your website docroot.
    RewriteEngine On
    RewriteCond %{HTTP_USER_AGENT} curl [NC]
    RewriteRule .* - [F,L]
    
    deny from 123.123.123.123
    
    Code (ApacheConf):
    Replace curl with whatever user agent you see.
    You can also block IP in htaccess, as shown with deny
     
    bountysite, Mar 13, 2019 IP
  5. aslik4rahan

    aslik4rahan Peon

    Messages:
    3
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    1
    #5
    Hi friend, all cUrl connection disable possible?

    Already firewall I can do blocking ip adress but different ips coming out.

    maybe 443 port only my domain connection permission possibly?
     
    Last edited: Mar 13, 2019
    aslik4rahan, Mar 13, 2019 IP
  6. bountysite

    bountysite Member Premium Member

    Messages:
    42
    Likes Received:
    1
    Best Answers:
    1
    Trophy Points:
    33
    #6
    You cannot block at firewall level(L4 level) ie on TCP ports.

    Yes, you can block based on user agent, using htaccess file.
    Even in nginx conf, you can block user agent.

    So, user agent containing curl can be blocked.
     
    bountysite, Mar 13, 2019 IP