How to block Domain with Apache?

Question

We have a website, example.com, on Digital Ocean. It seems there is a user that used to have our IP address that has enabled domain masking for their site, or they are just poingint their domain, domain.com, to our sute. We do not want domain.com displaying our website, so I would like to block domain.com.

I tried using this guide: https://perishablepress.com/eight-ways-to-blacklist-with-apaches-mod_rewrite/ , but it seems like this doens't work with domain masking.

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?domain(-|.).*$  [NC]
    RewriteRule ^(.*)$ - [F,L]
</IfModule>

I saw this example: https://serverfault.com/questions/796674/block-masking-url-from-nginx/ , but I don't know how to translate this to Apache.

Answer 1

@arkascha Suggested that I use the Apache's virtual hosts to get this job done.

The idea is to make your default host deny access, and then add another virtual host that will allow access to your domain. This means there is no blacklist, but a whitelist instead. This prevents and future or unknown domains causing similar issues.

Here is the content of my etc/apache2/sites-available/000-default.conf, which successfully blocked traffic from domain.com, and allowed traffic from example.com:

<VirtualHost *:80>
    ServerName catchall
    <Location />
        Require all denied
    </Location>
</VirtualHost>

<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    ServerAdmin [email protected]
    DocumentRoot /var/www/html/public

        <Directory /var/www/html/public>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride All
            Order allow,deny
            allow from all
        </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>