I noticed bing webmaster telling me I had a backlink from somewhere. I investigated to find to my surprise someone had stole my discourse based site!
I deactivated ‘allow same origin’ plugin but its still somehow appearing on this fake site.
My site is http://www.aibuapp.com/ and the catfish is http://labthi.ng/
Has my discourse been hacked?
have you checked your DNS?
kindly check your host/domain provider as well. They might be able to look into the config/settings why is your site pointing to another domain simultaneously.
Yes I contacted them. They said this other person is pointing their domain to the server. Why would they even bother doing that?? What’s a foolproof and easy way to block traffic from their domain?
I think this is a fix @sam needs to make so the site will only answer to the official domain and IP address.
We already had this case once here on Meta, but I cannot find the topic or remember the resolution 
I don’t have the topic reference to hand, but it was given to me to rummage around and try to munge the nginx config to setup a separate default site. Never quite got around to actually doing it, though.
Sometime, it’s quite useful for helping reduce the redirection configuration, i.e. www
And I am pretty sure web ssl template will redirect the user to the actual domain.
if ($http_host != $$ENV_DISCOURSE_HOSTNAME) {
rewrite (.*) https://$$ENV_DISCOURSE_HOSTNAME$1 permanent;
}
ssl and letsencrypt templates would relieve you from all kinds of troubles.
EDIT: You don’t even need to issue any certs for domain where you want redirection comes from.
Yes, I consider this solved, everyone should be using the lets encrypt template, it is free and solves this issue 100%
Ok where do I find it and use it? Does this mean I need to install a certificate?
The first search result for: “lets encrypt”