Is someone hijacking my website?

Last night there was a substantial increase in traffic to my site that normally gets about 10 hits per day.

The first series of hits was normal: (The ***’s are deleted letters obviously)
http://www.mark****.com.au/

A few minutes later the hits became:
file:///C:/Documents%20and%20Settings/Mr%20X/My%20Documents/mark****/www.mark****.com.au/index.htm

Then later today changed to:
file:///C:/Documents%20and%20Settings/Mr%20X/Desktop/My%20Home%20Page/index.html

Similar things have happened to my other pages on my site.

Is it that someone has saved my page into their docs as a webpage, then later changed the name of the file to index.html?

Does this indicate that someone is stealing my website and is going to change the details to themselves and launch it as their website? (their new folder is called "My Home Page"!!!)

Is there something else I should be worried about? Denial of service etc?

Am I being paranoid?


About a year ago someone nicked a bit of code off my source and swiped the statcounter code and so I had to change my statcounter code losing months of stats. I don’t want this to happen again.

Have I got any options?

Thanks for your help.

Mark

This is so very common. For whatever reason, a visitor wants to save the webpage on their own computer. It need not be with malicious intent. Maybe they want to study it offline. Or copy parts of it, some particularly good portions of code. Maybe they like it so much ...... but I digress.

In saving it, they have the choice of placing it in any folder they like and renaming it to whatever their browser settings suggest. Something.html is a good choice, despite your having called it originally Something.htm. This is only a detail.

You cannot avoid having any of your pages saved in this manner, regardless of any tricks you may have used in coding it. You can disable right-click viewing of the source code. You can even make the source code not available in View > Source in IE. One can always use File > Save as.

You can even specify that a page be viewed in a browser window that has no controls across the top. In the end the contents of your web page will always be present in a Temp folder on the visitor's pc and from there they can do anything with it, offline.

Should you worry about this? It depends what further use they make of it.

Of course, if they copy the entire code and then publish to their own site a web page which is for all intents and purposes identical to yours, then that is intellectual theft. If you can find it, you can try to prosecute.

More subtly, they might be taking or borrowing (you can call if stealing if you like) parts of your code to grace their own web pages. Again if you can find out and prove you had used your own ingenuity to create that particular code and it's not actually available in any web design course or tutorial or textbook, you could prosecute.

If the part they copy includes your Statcounter code, that's quite stupid on their part. It's likely they don't even realize that this is something tailored to your web site and it can identify any unauthorized usage. It's like them using all plus your email address. It cannot benefit them, it can annoy the hell out of you.

None of this in and of itself may lead to any denial of service attack.

They could perhaps use your email address if you have it posted on your web site (a big NO-NO) as a reply-to email address for sending out SPAM or other uninvited email and making it look as if you were the originator. Again, if you can trace the perpetrator, you can try to prosecute for that, as that is probably the most prejudicial fraudulent act they can do to you.

If your stats are compromised in this manner, I'm afraid there's nothing you can do to either stop it or avoid it. Changing your project code is all you can do.

If you feel strongly enough about it, you can try to trace this user by their IP address, which you now have, courtesy of StatCounter :) No idea how easy this may be. You'd probably have to lodge a well documented complaint with their own ISP which again you can find from your counter stats. Of course, always assuming they are not using any IP cloaking mechanism, which is all to easy to implement by anybody who is sufficiently intent on doing this.

And then all of this may not at all be what's happening. You don't know that your web page has even been saved to a visitor's hard disk. You know that your counter has logged a referrer residing on somebody's pc. Most people call their home web page as index.html . Or index.htm or index.shtml, etc.

I can write my own web page, call it index.html (the logical name for it) and use the wrong Satcounter project number, quite by accident. Maybe I have a similar project number, only 2 digits switched around or one digit off, whatever. It's like dialling a wrong phone number. I am testing my own web page on my own pc and it logs to your Statcounter account. I will eventually figure it out when my own counter shows nothing. In the meanwhile you are worrying and I know nothing about it! It could in fact all be very innocent and a very honest mistake. :lol:

Hi Diane and Christina (love your kitten!),

Thanks for your advice. 
It is a person from my own industry as the initial referrer was an industry links site.

As Christina says maybe I should be proud I have something knock-offable! :roll:

After a nights sleep on the problem it does occur to me, as you say, it depends on the future use of it. And in re-use if they don’t remove the Statcounter code I will be able to track them.

It is a bit bizarre that the counter code still works even when they have saved the webpage to their hard drive! I take it they would have to be connected to the web at the time.

Anyway, thanks for your help and advice. :D

Mark

It is a bit bizarre that the counter code still works even when they have saved the webpage to their hard drive! I take it they would have to be connected to the web at the time.

Anyway, thanks for your help and advice. :D

Mark

Sure, it works, as long as they are connected to the web, and they would normally be if they had high-speed internet.

After all it is just basically a bit of javascript that has its source at a particular address (on a statcounter server). It does what it's supposed to do: track. :)

I'm not sure that Statcounter could modify the scripts to refuse hits coming from off-line pages like that, and even less for pages originating on the wrong domain (as defined in the project profile). While logically feasible, the overhead would be too significant and it would slow things down way too much, I think. Besides, one may be interested in seeing such hits anyway, I'm sure. How else to find out your page or counter is being used by somebody else?

Hi Christina,

An interesting thing in this one is the person has named his computer Mr X:
file:///C:/Documents%20and%20Settings/Mr%20X/...

I have just realised my computer is named my own name (full name) so if I save someone’s webpage they can then have access to my full name!

Now I have to go find how to change the name because you can’t rename the Documents file in My Computer.

Mark

Well, you can have access to the guy's name - or at least what he called himself as a user on his system. he won't have access to yoru name unless you do the same to one of his web pages that he is tracking similarly.

And it's just fluke he saved to My Documents rather than elsewhere plus he executed it from there, without moving it somewhere else first, so he's not all that savvy.

I hardly ever save to My Documents, most of my stuff is in fact all over the place on different hard disks and in different partitions. I usually group them into folders named by projects.

I removed my name from the My Documents by changing the login in Control Panel/ Users.


Mark :)

I hope you don't also have a home network to contend with ... because then you've just cut yourself off from it.

Is a “Home Network” the same as what old people call a “family”?

I am safe then as no lady/girl (trying to be politically correct)/woman/Ms/female/femail/non-male has seen fit to accept my propositions hurled across the bar.

Consequently I need only one log-on.

;)


Home Networking: (Definition) [Derivation: Gates] Cooking for children. Common usage: “I am going to do some Home Networking” = “I’m going to shove that TV advertised ready-to-serve dinner into the microwave to feed the kids.” <<Ping!>> Thats fast!


Thanks for making me smile and your help :)
Mark

Is a “Home Network” the same as what old people call a “family”?

I am safe then as no lady/girl (trying to be politically correct)/woman/Ms/female/femail/non-male has seen fit to accept my propositions hurled across the bar.

Consequently I need only one log-on.

;)


Home Networking: (Definition) [Derivation: Gates] Cooking for children. Common usage: “I am going to do some Home Networking” = “I’m going to shove that TV advertised ready-to-serve dinner into the microwave to feed the kids.” <<Ping!>> Thats fast!


Thanks for making me smile and your help :)
Mark

Errr... you can look at the home network as being loosely similar to a family ... yet, somehow this is not what I meant, though, in extremi, you could be cut off from it too under similar circumstances. :D