One of the common reasons why website owners buy a dedicated IP address is to encrypt a page or two using an SSL certificate ( this is needed to access a page via https instead of http ). But for those who are new to this type of hosting environment, beware that the security risk could be greater when using a dedicated IP address instead of a shared IP address. Third-party registrants can easily get their domain names to point to a dedicated IP address of someone else. This is hard to do on shared IP address, but for a dedicated IP address, it is a matter of updating the DNS record of empty websites.
A dedicated IP address points to a specific hosting account that contains the root folders of a website. Because of this exclusive assignment, online users can access the website by simply typing the IP address in the browser’s URL bar instead of using the domain name.
When DNS file zones of domain names are configured to point to a dedicated IP address owned by someone else, they will display the exact content of the legitimate website. They will point to the same hosting account associated with the dedicated IP address. As a result, these domain names that “squat” on a dedicated IP address can get the SERP ranking that should be otherwise given to the domain name of the legitimate owner of that IP address. Moreover, online surfers won’t bother to know which domain names to click from SERP as long they access the page they want, and these third-party websites will share the credit for the content.
You cannot totally prevent other registrants from using your dedicated IP address. The DNS file zone of every domain name can be changed in order to associate that name with a particular IP address, regardless of whether that IP address is already used or not.
Thus, you must not ignore basic security measures to counter unauthorized use of dedicated IP address:
1. Use your .htaccess file to rewrite and ignore http requests that do not match your domain name.
2. Major server-side scripting languages have default variables that store the URL used to access your server. Examples are $SERVER[‘HTTP_HOST’] and $SERVER[‘HTTPS_HOST’] in PHP. Let your server check these variables to ensure that it will respond only to valid http requests.
3. To know if there are other domain names resolving into your dedicated IP address, check your IP address at http://whois.domaintools.com.
If you find one, ask the domain owner to update his or her DNS record. Or demand help from the host if you get no response. The Digital Millennium Copyright Act requires hosts to suspend their service for a contested domain name.
Third-party domain names that use your dedicated IP will compete with you own domain name in the SERP. Google might even give higher ranking to such domain names if they attract more traffic.
Bradley Zarich is the general manager of eServe BPO, an SEO and offshore staffing firm based in Manila. He writes about information technology, telecommunications, satellite broadband solutions, wireless gadgets, SEO and c-band connectivity.