How to deal with malicious domain redirections?
- by user359650
It is possible for anybody to buy a domain name containing negative terms and point it to someone's website in order to damage their reputation. For instance someone could buy the domain child-pornography.com and point it to the address 64.34.119.12 which is the address behind stackoverflow.com and people navigating to the domain in question would end up visualizing content from StackExchange which would be detrimental to StackExchange's image. To illustrate this, I added the entry 64.34.119.12 child-pornography.com to my /etc/hosts file and tested. Here is what I obtained:
I personally found this user experience terrible as someone could think that Stack Exchange are in favor of child pornography and awaiting support from the community to create a Q&A site about it.
I tested with other websites and experienced other behaviors that I would categorize as follows:
1 - Useful 404 page (happens with stackoverflow.com):
For me the worst way of handling this as the image of the targeted website is directly associated with the offending domain. The more useful the 404 page, the bigger the impression that the targeted website would be willing to help with child pornography.
2 - Redirection (happens with microsoft.com):
For instance when accessing child-pornography.com you get redirected to www.microsoft.com. It isn't as bad as above as the offending domain name never appears alongside the targeted website's content, but still bad in my opinion as it gives the impression the targeted website bought the offending domain and redirected it to their website to get more traffic.
3 - Server error (happens with lemonde.fr):
You get an error from the webserver which page doesn't contain any content that can be associated with the targeted website (e.g. default Apache 404 page, completely blank page). I believe that is good as the identify of the targeted website isn't revealed.
Above are the various behaviors I experienced, but I also thought about a fourth way of dealing with this which is described below.
4 - Disclaimer page (haven't found any website implementing that technique):
Display a message such as :
"You ended here because someone bought and linked the
child-pornography.com domain to our website. We do not own this
domain and do not associate ourselves with it. This request has been
logged by our servers and we will raise this issue with the competent
authorities to have this domain taken down. If you want to access our
website, please click here."
The good thing about this method is that it can be implemented at application layer (good if you don't have control over web server which happens with some hosting solutions), allows you to protect yourself from any liability, and offer the visitor to be redirected to your own website.
Which of the above options would you implement to deal with malicious domain linking (IMO only options 3 and 4 are worth considering) ?
