As the subject, I found two exact clones of my shopify store. Or should i say it's been mirrored. I tried to change some details on my website, including a warning poster, and the other two sites got updated instantly. And they have redirected most of my traffic to the fake sites.
I have contacted shopify and their domain registrar, but none of them can help. I've also reported them to google and cloudflare, haven't heard back.
Have anyone experienced the same? Is there a solution at all to this issue?
It's so scary this kind of thing can actually happen with shopify store and couldn't get any help with them.
Is that separate Shopify store or redirecting to your store?
I believe they redirecting to your store. Can you please share store link of both? original and mirrored
did you checked your domain settings, theme code etc?
it looks like its not separate shopify store, but same store using different domain
@Jivan_Suhagiya the bad guys simply serve the same HTML they've downloaded from the original shop.
You can see it's not a Shopify store -- they serve jQuery from the root of their site, fro example. And their server runs on PHP...
I tried something and its looks like they using Shopify resources at all
for ex. if we check cart json on http://entrecineastas.com/cart.json
even product data http://entrecineastas.com/products/70s-shorts-green-white.json
its returning real time data, not from their server
am I correct?
@Jivan_Suhagiya -- interesting! Seems to be a bit more complex than just a mirror.
Note that offending site has cart at http://entrecineastas.com/checkout/cart address and it does not correspond with http://entrecineastas.com/cart.json -- for example for me cart shows 3 products, but json is empty and token changes with every refresh (which should not happen).
http://entrecineastas.com/cart.js which should work on Shopify server produces 404'ish HTML.
I'd try to put something like this inside the <head> (in theme.liquid layout)
<script> if( location.host.indexOf("inzelane") < 0 ) location.hostname = 'inzelane.com'; </script>
This is obviously very naive code which should redirect to original site if run somewhere else. Generally should be made more complex and more obfuscated, or even loaded from the file...