skeddtemp
By:
skeddtemp

Website being copied? Block any other domains from using my server?

March 22, 2017 719 views
Node.js Ubuntu 16.04

Seems someone has set their domain to use my server. It's not a mirror, the database and everything works and updates with mine. Is there a way to make it so my server will only respond to requests from my domain? He's basically stealing my content, and he's showing up on google instead of me.

I'm using node.

7 Answers

Configure your vhosts to only respond to your domain names.

@skeddtemp Needed to start a new answer because we maxed out the thread.
Great, no, I don't think you need to mess with pm2, but you need to make sure that nothing besides Nginx is listening on the external ports.
Run this command lsof -iTCP -sTCP:LISTEN -P

  • Are all of the ports listed here accessable externally?

    Heres the list:
    sshd

    sshd

    mongod

    nginx

    nginx

    nginx

    nginx

    nginx

    nginx

    node\x20/
    sshd
    sshd

    • @skeddtemp
      I can't see which interface it listens on from that list.
      Maybe you should setup a firewall.

      • COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
        sshd 1490 root 3u IPv4 14472 0t0 TCP *:22 (LISTEN)
        sshd 1490 root 4u IPv6 14483 0t0 TCP *:22 (LISTEN)
        mongod 17901 root 6u IPv4 578756 0t0 TCP *:27017 (LISTEN)
        nginx 21205 root 6u IPv4 1117068 0t0 TCP *:80 (LISTEN)
        nginx 21205 root 7u IPv6 1117069 0t0 TCP *:80 (LISTEN)
        nginx 21205 root 8u IPv4 1117070 0t0 TCP *:443 (LISTEN)
        nginx 21206 www-data 6u IPv4 1117068 0t0 TCP *:80 (LISTEN)
        nginx 21206 www-data 7u IPv6 1117069 0t0 TCP *:80 (LISTEN)
        nginx 21206 www-data 8u IPv4 1117070 0t0 TCP *:443 (LISTEN)
        node\x20/ 21258 root 11u IPv6 1118094 0t0 TCP *:3000 (LISTEN)
        sshd 23840 root 8u IPv6 1128812 0t0 TCP ip6-localhost:6010 (LISTEN)
        sshd 23840 root 9u IPv4 1128813 0t0 TCP localhost:6010 (LISTEN)

        full list. So is the problem the * instead of localhost ports?

        • @skeddtemp
          Okay, very important. Your MongoDB is accessible from the outside. You need to secure that. Unless you have a very good reason it should be publicly available, then put it on localhost.

          Everything with * means it listens on all interfaces (public and local).
          The localhost only listens on, well, the local host.

          So your Node.js is also listening on all interfaces on 3000, make listen on localhost only.

@skeddtemp Creating a new answer, since we maxed out the other thread.
You should install each service (what you call program), so it's secure. That would be my recommendation.
But you could just setup the firewall to block everything and then open the ports you want accessible from the outside.
Have a look at this tutorial:
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04

UFW, or Uncomplicated Firewall, is an interface to iptables that is geared towards simplifying the process of configuring a firewall. While iptables is a solid and flexible tool, it can be difficult for beginners to learn how to use it to properly configure a firewall. If you're looking to get started securing your network, and you're not sure which tool to use, UFW may be the right choice for you. This tutorial will show you how to set up a firewall with UFW on Ubuntu 16.04.
  • I followed, here is the output

    sudo ufw status verbose
    Status: active
    Logging: on (low)
    Default: deny (incoming), allow (outgoing), disabled (routed)
    New profiles: skip
    To Action From


    22 ALLOW IN Anywhere
    80 ALLOW IN Anywhere
    443 ALLOW IN Anywhere
    80,443/tcp (Nginx Full) ALLOW IN Anywhere
    22 (v6) ALLOW IN Anywhere (v6)
    80 (v6) ALLOW IN Anywhere (v6)
    443 (v6) ALLOW IN Anywhere (v6)
    80,443/tcp (Nginx Full (v6)) ALLOW IN Anywhere (v6)

    lsof -iTCP -sTCP:LISTEN -P
    COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
    sshd 1384 root 3u IPv4 14397 0t0 TCP *:22 (LISTEN)
    sshd 1384 root 4u IPv6 14410 0t0 TCP *:22 (LISTEN)
    nginx 1510 root 6u IPv4 15432 0t0 TCP *:80 (LISTEN)
    nginx 1510 root 7u IPv6 15433 0t0 TCP *:80 (LISTEN)
    nginx 1510 root 8u IPv4 15434 0t0 TCP *:443 (LISTEN)
    nginx 1511 www-data 6u IPv4 15432 0t0 TCP *:80 (LISTEN)
    nginx 1511 www-data 7u IPv6 15433 0t0 TCP *:80 (LISTEN)
    nginx 1511 www-data 8u IPv4 15434 0t0 TCP *:443 (LISTEN)
    node\x20/ 1533 root 11u IPv6 16106 0t0 TCP *:3000 (LISTEN)
    mongod 1578 root 6u IPv4 16026 0t0 TCP *:27017 (LISTEN)
    sshd 1644 root 8u IPv6 16632 0t0 TCP ip6-localhost:6010 (LISTEN)
    sshd 1644 root 9u IPv4 16633 0t0 TCP localhost:6010 (LISTEN)

    Nothing seems to have changed though. I thought I denied everything so shouldn't mongo be blocked now? At this point I'd be willing to pay someone to do it. Any idea how I could go about that?

@hansen - Thanks, appreciate that :-).

@skeddtemp

I'm playing catch-up here, so forgive me if I start on the wrong part.

If you're simply looking to force MongoDB to listen on localhost or 127.0.0.1, then you need to edit mongodb.conf and change bind_ip to either or.

It's been a little while since I've used MongoDB, though I believe that file is located either here:

/etc/mongodb.conf

or

/etc/mongodb/mongodb.conf

You'd need to run:

nano /etc/mongodb.conf

... or use the other path (if that's where the config file is) and locate bind_ip and then change it so that it looks like:

bind_ip = 127.0.0.1

or

bind_ip = localhost

You would then need to restart MongoDB.

Once this change is made, as long as all access is local, then I would just remove the firewall rule that applies to MongoDB as you don't need to allow it in.

To find the rule, you can run:

ufw status numbered

Find the number that shows 27017 and run:

ufw delete NUM

Where NUM is the number you found when running the first command. So, for example, if my rule was number 5 on the list, I'd run:

ufw delete 5
  • Thanks for the comment

    I opened up /etc/mongod.conf, but that setting was already there.

    # network interfaces
    net:
      port: 27017
      bindIp: 127.0.0.1
    

    And I hadn't set a rule for mongo, I configured it based of the link from @hansen to I think block all ports except the ones in this list below

         To                         Action      From
         --                         ------      ----
    [ 1] 22                         ALLOW IN    Anywhere
    [ 2] 80                         ALLOW IN    Anywhere
    [ 3] 443                        ALLOW IN    Anywhere
    [ 4] Nginx Full                 ALLOW IN    Anywhere
    [ 5] 22 (v6)                    ALLOW IN    Anywhere (v6)
    [ 6] 80 (v6)                    ALLOW IN    Anywhere (v6)
    [ 7] 443 (v6)                   ALLOW IN    Anywhere (v6)
    [ 8] Nginx Full (v6)            ALLOW IN    Anywhere (v6)
    

    but that's still not working (at least I don't think it is,
    but the command lsof -iTCP -sTCP:LISTEN -P
    still says
    mongod 1582 root 6u IPv4 16004 0t0 TCP *:27017 (LISTEN)
    (though I'm not sure exactly what this command does, maybe theres a better way to test it)

    I also followed his earlier advice to try to lock down my server so it only works with my domain, but that didn't seem to take either.

@skeddtemp

I knew I was a little rusty, so the filename is actually mongod.conf. I just spun up a new Droplet and did a quick install of MongoDB 3.4 to confirm.

If the changes you've posted are from your the same configuration file, then you definitely shouldn't see * showing up as that pretty much means MongoDB is listening on 0.0.0.0 which is short for any available IP.

To confirm, I ran the same command on my quick install:

lsof -iTCP -sTCP:LISTEN -P

... which results in:

COMMAND  PID    USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd    1743    root    3u  IPv4  16514      0t0  TCP *:22 (LISTEN)
sshd    1743    root    4u  IPv6  16516      0t0  TCP *:22 (LISTEN)
mongod  4630 mongodb    7u  IPv4  25998      0t0  TCP localhost:27017 (LISTEN)

If you've not already, please try running:

service mongod restart

...

If that doesn't work, please provide more details on your installation, more specifically how was MongoDB installed?

All I did to install MongoDB (3.4 on Ubuntu 16.04) on my end was run:

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 0C49F3730359A14518585931BC711F9BA15703C6
echo "deb [ arch=amd64,arm64 ] http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.4.list
sudo apt-get update
sudo apt-get install -y mongodb-org
sudo service mongod start

Trying to figure out exactly what I did, I had a few issues getting the correct version, but I think this is the last thing I did:

   39  sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927
   40  echo "deb http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.2.list
   41  sudo apt-get update
   42  sudo apt-get install -y mongodb-org
   43  sudo apt-get install -y mongodb-org=3.2.12 mongodb-org-server=3.2.12 mongodb-org-shell=3.2.12 mongodb-org-mongos=3.2.12 mongodb-org-tools=3.2.12
   44  echo "mongodb-org hold" | sudo dpkg --set-selections
   45  echo "mongodb-org-server hold" | sudo dpkg --set-selections
   46  echo "mongodb-org-shell hold" | sudo dpkg --set-selections
   47  echo "mongodb-org-mongos hold" | sudo dpkg --set-selections
   48  echo "mongodb-org-tools hold" | sudo dpkg --set-selections
   49  touch ./lib/systemd/system/mongod.service
   50  mongod --nojournal --dbpath=data
   51  pm2 start mongo-start.sh --interpreter=bash

@skeddtemp

What's the contents of mongo-start.sh?

If you're running specific configuration via a bash script, that may be what's setting the port, and that may be where we need to look to change it.

  • Sorry, I didn't get a notification and thought no one responded. Hope someone's still around to see this.

    I created mongo-start.sh to run this code:

    echo "Starting MongoDB" 
    
    #Delete the lock file preventing mongo from starting
    echo "Deleting lock file" 
    
    file="./data/mongod.lock"
    
    if [ -f $file ] ; then
        rm $file
    fi
    
    
    #Run mongo with the repair flag
    echo "Running repair" 
    mongod --nojournal --dbpath=data --repair
    
    #Start mongo db
    echo "Starting Mongo" 
    mongod --nojournal --dbpath=data
    

    Because every time c9 shut down my server it would stop working. I don't think it's doing anything special when running mongo though

Have another answer? Share your knowledge.