Hello all, I'm having the most puzzling problem. I am getting a very strange redirect: http://kritiq.us/ GET / HTTP/1.1 Host: kritiq.us User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:188.8.131.52) Gecko/2008120121 Firefox/3.0.5 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive HTTP/1.x 302 Moved Temporarily Server: nginx/0.6.16 Date: Tue, 20 Jan 2009 20:05:28 GMT Content-Type: text/html Connection: keep-alive X-Powered-By: PHP/5.2.0-8+etch13 Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Tue, 20 Jan 2009 20:05:27 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: http://sedoparking.com/search/registrar.php?domain... Vary: User-Agent,Accept-Encoding Content-Encoding: gzip Content-Length: 170 X-Cache: MISS from 226072 I have no idea where this redirect is coming from. I have no idea what sedoparking is. I don't have any PHP on the server, or even have it installed, for all I know. This is a rails project, it's using the config here: http://pastie.org/365988 Can anyone give me a direction on this? I'm completely lost as to where this is coming from and how to stop it. BJ Clark
on 2009-01-20 22:26
on 2009-01-20 22:43
Seems an expired domain to me.
on 2009-01-21 00:04
Check that your DNS isn't pointing to Sedo's parking servers.
on 2009-01-21 06:55
The domain isn't expired (I checked), but it might also be a problem with Slicehost. Does the version of Nginx listed in the HTTP headers match the actual version you have installed? It might be Slicehost uses Nginx and *they* are redirecting your domain. Cliff
on 2009-01-21 07:08
Yes, it looks like it's the same Nginx. I'm now looking into if this is a security issue (ie, I was somehow haxored and have figured it out). I contacted slicehost and they've never seen anything like this either. BJ Clark
on 2009-01-21 21:11
On Tue, 2009-01-20 at 20:58 -0800, BJ Clark wrote: > Yes, it looks like it's the same Nginx. > > I'm now looking into if this is a security issue (ie, I was somehow > haxored and have figured it out). Try disabling Nginx altogether in your VPS and see if it still happens. You might even try running a different service on port 80. If it still happens then I'd venture that your domain name isn't pointing to the correct IP address or that something is misconfigured on Slicehost's end (they are sending the IP to the wrong VPS). Cliff