Hello! I tried searching for a discussion about this but could not find one. Sorry if this has been covered.
Our website is https://potku.net (that's our WordPress; our phpBB is at https://potku.net/forum). However, from Google admin tools we found there is an URL like https://wewe.potku.net/. That definitely sounds fishy, but does someone know what is going on with something like that? What are they trying to do exactly? Phishing?
It’s some kind of scam by the looks of things, there’s some information available on sites like trustpilot, is that a working url? I’ve seen ‘DO NOT CLICK’ warnings as well so it’s probably best to stay away.
"The good news is hell is just the product of a morbid human imagination.
The bad news is, whatever humans can imagine, they can usually create." - Harmony Cobel
What is worrying is that there is a site similar to yours on a sub-domain of your domain without your knowledge.
Unless you have delegated the management to someone else who uses it for preprod and/or testing, you should still be concerned.
Does the sub domain appear in your cPanel? If so you can check where its pointing to and if the files are on your site then its up to your hosts to find out how and when they got there.
You should also then be able to remove the subdomain
EDIT and if your hosting company cant solve the issue then I would be looking for a better host
Our host pretty much just takes care of the hardware and makes sure we stay online. Everything else is up to our tech admins (one of whom is a member here). They don't use cPanel but some other, more terminal-like method, I think. They actually did do something now, so at least the fake URL in the original post doesn't work. That's good, I suppose.
potku wrote: ↑Wed Mar 23, 2022 8:29 am
I am not so much concerned as I am curious. How did that URL happen to come about and why? But maybe it's above my pay grade.
There is DNS entry for this and if no one from your organization added it that should a be a giant red flag. The server is responding to the request so it would have also been added to the VirtualHost file.
If they made DNS changes it may not have propagated yet but that is first thing to remove. The VirtualHost entry should also be removed or even use a 301 permanent redirect to the non wewe version to clear out any search engine indexing.
“Results! Why, man, I have gotten a lot of results! I have found several thousand things that won’t work.”
thecoalman, thank you for pointing out the potential dangers of this oversight. Our tech admins took your thought seriously and made changes to our DNS settings.