They said the attacker was passing through the client's user agent. If they get ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		IMSAI8080 on Dec 12, 2022 \| parent \| context \| favorite \| on: Ask HN: Someone is proxy-mirroring my website, can... They said the attacker was passing through the client's user agent. If they get a user agent that is GoogleBot, they could check if the requesting IP is actually a valid Google data centre (there is a published list of IPs). If the IP is not Google directly, they could return a blank page therefore causing Google to index nothing through the mirrored site.

Bender on Dec 12, 2022 [–]

This is a good idea, though it may be short lived since the attackers are likely reading this due to the referrers in the logs. They may add an ACL to counter this but it might be interesting to see how long that works.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact