Ask HN: What to do when someone clones your site?
Our B2B SaaS had its entire website cloned at another domain. The cloner then took the time to create a new logo and change a few colors.
We reached out to the hosting provider, and the registrar, neither care.
The cloned website is hosted in Europe (Germany), with a small hosting provider. Domain registration appears to be hostinger.com.
Our concerns: Search engine trouble, potential customer confusion, lost sales.
We found the clone when ahrefs started reporting a new domain linking to one of our sites, because they'd helpfully cloned our entire footer.
Thanks for all your advice!
99 comments
[ 3.1 ms ] story [ 166 ms ] threadIn my opinion you should first get technical people to document as much "discovery" in both technical and simple layman's terms, then get lawyers to review your findings and determine if a legal case and if there are financial or brand damages can be built. They can take it from there.
This happened to me years ago when a Russian website copied a website I was running. We had an API that helped them get not just the design, but the data.
Google is pretty smart (sometimes) about figuring out content of origin. If you already have an established site with links pointing in your should be fine. If you're new and you're entire business can be copied that quickly, you have likely larger problems than SEO at this point.
They haven't cloned the actual product, just the marketing copy on the public site. We've been around for ~10 years, so we have plenty of history with search engines, and a reasonable amount of organic links spread around the internet.
The miscreants DDOSed right back, X100, and he lost his entire site.
I'd gently suggest against bear-poking.
Slightly different context. They were exfiltrating data from his site, as opposed to completely cloning it.
Still have nothing like a lot of people wanting to pay you to use your service? Ignore the clone site, they haven't stolen anything of any value.
It sounds glib, but tons of startups are arguing about roles and responsibilities of employees and their vacation policy while the bank account runs down to 0 and nobody notices because they have no costumers.
But, if your service can be cloned in a mechanical manner, it's doubtful it's that valuable anyway. And, if there's money to be had, you'll likely see legitimate competitors that make this cloning incident seem like a drop in the bucket.
Is your only “unfair advantage” that you hope to rank high in organic search? How do you acquire customers - conferences, targeted ads, a sales team? None of those efforts would be affected by a cloned site.
At the end of the day, they're cloning your website, not your product, and that means they're not going to be taking any business from you.
You should also consider the outcome if someone in an unreachable country (eg. Russia) cloned your website. If this is a grave issue, then you need to re-evaluate your business plan.
Modern browsers don't actually give them any special display features these days, so it doesn't seem worth it.
At the same time, file a DMCA notice with search engines. This could get them delisted.
Don't forget to document everything, as you will need it to do the above.
My website (see profile) has a list of English-speaking lawyers in Berlin.
The value of the 'email' field is hidden to other HN users. Only the text in 'about' is visible to others.
That list of submissions include many from his personal domain and another site he has, namely https://allaboutberlin.com/
List of English-speaking lawyers in Berlin
https://allaboutberlin.com/guides/english-speaking-lawyers-b...
Any requests coming from that server network should be goatse-d on all images.
Or, since they're hosting from Germany, make sure to throw in some pro-nazi stuff and "holocaust didnt happen" stuff, and then turn them in to their government.
Basically, you can either just use normal troll defacement, or you can poison them with illegal to their location content. Your choice.
2) Despite the above, call them out publicly. A YC company ripped us off blatantly and we decided to call them out. It will hamper their image and make people aware of what they're doing. Evidence: https://twitter.com/Bensign/status/1512110156275986433
Notably, in a reply where they're calling out the similar icons, only one is the same while the other two are different, the only similarity that one of them has a graph.
There’s only so many logical ways to layout a graph, breadcrumbs, and table. If the breadcrumbs perform an action, which they seem to do, then you’ll want them center to emphasize that. That’s just basic UX design.
I could argue they copied the query builder from dozens of different sites because they all look identical. It’s a query builder, there’s only a few ways to design and implement one.
The tables straight up are just standard design tables. They could’ve come from Bootstrap at how plain they look. The only thing they have in common in terms of the things they show is costs, which, I mean for two tools used to keep track of cloud spending, seems like a given.
The copy is completely different even if the purpose is the same, and “slicing and dicing data” is a go to phrase in the industry. We used the phrase all the time when developing a graphing tool.
Nothing in that Twitter post is unique. It’s what I, and I’m sure many others would converge on for any sort of tool that interacts with graphed data. Especially for two tools in the same space, there’s only so many ways to show people their cloud costs. If anything, both companies just have extremely generic looking and feeling UIs.
As I have said like half a dozen times now, there’s only so many ways you can show cloud costs. It’s not like this is some innovative space, it’s just showing costs over time on a graph and table. If I were to clean room design an interface for this problem, I would certainly have the same sort of design, layout and copy as these two.
And yes, all of those things are generic, for the reasons I’ve given. Do you have any actual response other than being incredulous that someone has a different opinion than you?
Yes, the design is fairly generic but if you can't see that someone ripped off someone here then you must be trying a bit too hard to not see it.
Here is the direct message of them apologizing: https://imgur.com/a/OlNJ5U4
I've heard in the past that it can hurt your SEO, but I don't know that firsthand.
Is there a risk that google considers your site to be spam if it detects mirrors of the same content?
I read about this happening a while ago, as the content thieves set an earlier publication date in their cloned pages metadata...
Otherwise, yes I agree, it's not a particularly innovative design, and 'graph with breadcrumbs and a datatable', and 'SQL query builder with madlibs type interface' are pretty generic, the implementations here are nice, but look very similar to Airtable/Notion/Coda, I don't think there's a huge amount of originality there. On the line between 'inspired by' and 'copied from', I think.
Reference: 24 years in the web hosting industry
I’ve seen more and more cases of this happening when founders build in public, especially if they share revenue numbers.
Regardless, sorry to hear about this happening to you…
No? Than as annoying as it is there are few options. However, "About Us" pictures of people at your company do have implicit copyright, and image misuse is 100% enforceable with take-down strikes.
Mostly endured the problem by posting our fiscal mistakes like a running joke, and proudly presenting them for others to "clone". Some folks are even brazen enough to try to sell trademarked squatter-domains. The good news is the .com and country suffix usually ranks higher in searches than most domains by default.
The truth is if you can be cloned with ease, than the product likely falls squarely in the low-hanging-fruit category. Thus, as a business model it is unsustainable.
if its a SaaS, they are likely talking about the marketing site - not the logged in experience.
Thus, a castle without a moat you can fill with legal alligators. Note, a service company is actually easier to handle than shipped product firms.
Cheers ;)
Without people blatantly copying stuff, we wouldn't have the iPhone.
> Obfuscate and compress your frontend code - It's harder to clone a big pile of random code that's not pretty.
> Put subtle watermarks in your site images - Makes their job harder and very easy to slip up.
> Use absolute rather than relative links so your own URLs appear everywhere in the site - It's easy for them to slip up and miss one.
> Use some of that obfuscated JS and frontend code to check what URL you're at and consider your options for redirecting, popping up a warning message, or rewriting the URLs in the body - it's a nightmare to try and figure out what a pile of crazy compressed JS actually does.
> Have your site rely on your own API in some fashion - hard for them to clone if they have to rely on you for the data.
> Put some hidden messages in your source code that might slide by a casual cloning job, but might be enough to verify ownership of the original code.
Even more so, while slightly advanced, you can set up a OTP verification on the front end before rendering things. JS code calls your backend which receives a OTP code (generated through some private key), and verifies this using public key. If obfuscated/minified properly, it would take some effort to reverse engineer properly.
Additionally you can do sneaky things like make a request to your backend trigger on some random large time interval, where the Origin header is passed, so you can see which domain the client site got rendered from, and then return some displayed warnings about using a fake copied website.
ah, this strange network request fails with this base64 and it stops loading, whatever could it be!
How to get yourself de-listed from Google. This one weird trick all your competitors want you to know!
- DMCA takedowns (domain registrar, ISP, IP space owner)
- Report the fake site as phishing in Google Safebrowsing and similar
- If they're hotlinking any assets, replace them with broken / nasty ones
The people who do this tend to be lazy and uninterested in the actual business. (If they had a real passion for it, they wouldn't just clone your public facing website) Thus, they will probably vanish on their own sooner than later anyway.