MITM attacks from Dom.ru

Free advertising on your site


What could be better than advertising on your site? Especially advertising that you did not place yourself! Opening my site in the browser one evening, I suddenly saw a giant DomRu banner covering half of the screen.




By the time I understood what was going on, the advertisement had closed and everything was back in place. Attempts to reload the page and see it again failed, and the HTML source showed no anomalies either. I think most users would simply not react to this at all, because the Internet is already full of contextual advertising wedged in everywhere. But this was my site, and I do not remember DomRu asking me to run its advertising. How this happens, under the cut.


Technical support in touch


I decided to ask technical support a reasonable question about the above. At first they told me there should be no advertising, then they explained that the problem was on the side of my hosting, which injects advertising. But the fact is that I have no hosting (let alone free hosting): the site lives on my own VPS, where I install and configure everything myself. The promise that everything would soon be fine and the advertising would disappear did not materialise.


How it works


The next day the advertisement reappeared, but this time I saved the page for further study. Here is what happens: immediately after the opening BODY tag, a DIV containing the advertisement is unceremoniously inserted, together with a sizeable STYLE block. The total size of the "unauthorized" content is about 40 KB. The code has no external dependencies and carries all the images it needs inline as base64.
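The comparison described above (a saved copy of the page as received versus the HTML actually served from the VPS) can be automated. The following is an added example, not the author's code or anything from Dom.ru: it tokenises both documents on tag boundaries, diffs them, and reports every fragment that exists only in the received copy, with the properties the text describes (position right after BODY, its own STYLE block, inline base64 images, no external references). The sample pages, the base64 payload and names such as `isp-banner` are constructed for the demonstration.

```python
"""Spot HTML injected in transit by diffing the document the origin serves
against the one the browser received.  Added example, not the author's code;
the sample pages, ids and class names below are constructed for the demo."""
import base64
import difflib
import hashlib
import re

# Constructed sample of the page exactly as the origin server (the VPS) sends it.
ORIGIN_HTML = (
    "<!DOCTYPE html><html><head><title>My site</title></head>"
    "<body><h1>Welcome</h1><p>Served from my own VPS.</p></body></html>"
)

# Constructed stand-in for the banner graphics: the point is that they travel
# inline as base64, not as URLs that would show up as separate requests.
_BANNER_B64 = base64.b64encode(b"constructed banner bytes").decode()

# Hypothetical injected block modelled on the description in the text: a STYLE
# block and a DIV dropped straight after the opening BODY tag, images as data:
# URIs, no external dependencies.  "isp-banner" and "isp-close" are invented.
INJECTED_BLOCK = (
    "<style>#isp-banner{position:fixed;top:0;left:0;width:100%;height:50%;"
    "background:#fff;z-index:2147483647}</style>"
    '<div id="isp-banner"><img src="data:image/png;base64,' + _BANNER_B64 + '">'
    '<a href="#" class="isp-close">close</a></div>'
)

# What the browser saw: the origin page with the block spliced in after <body>.
RECEIVED_HTML = ORIGIN_HTML.replace("<body>", "<body>" + INJECTED_BLOCK, 1)

# Split markup into tags and text runs so the diff aligns on tag boundaries
# (a character-level diff tends to split the leading "<" off an inserted tag).
TOKEN_RE = re.compile(r"<[^>]*>|[^<]+")


def content_hash(html: str) -> str:
    """SHA-256 of the document.  Compute it on the server and in the client;
    any difference means the page was altered somewhere on the way."""
    return hashlib.sha256(html.encode()).hexdigest()


def injected_fragments(origin: str, received: str) -> list[tuple[int, str]]:
    """Return (char_offset_in_origin, html) for every run of markup present in
    the received page but not in the origin page.  Replaced runs count too."""
    a = TOKEN_RE.findall(origin)
    b = TOKEN_RE.findall(received)
    matcher = difflib.SequenceMatcher(None, a, b, autojunk=False)
    found = []
    for op, i1, i2, j1, j2 in matcher.get_opcodes():
        if op in ("insert", "replace"):
            offset = sum(len(t) for t in a[:i1])
            found.append((offset, "".join(b[j1:j2])))
    return found


def describe_fragment(fragment: str) -> dict:
    """Characterise a foreign fragment: size, whether it ships its own STYLE,
    how many images are inline data: URIs, and whether anything is fetched
    from outside (zero means no extra request appears in the network tab)."""
    first = re.match(r"\s*<([a-zA-Z][\w-]*)", fragment)
    return {
        "bytes": len(fragment.encode()),
        "first_tag": first.group(1).lower() if first else None,
        "has_style": bool(re.search(r"<style\b", fragment, re.I)),
        "inline_images": len(re.findall(r'src="data:image/', fragment, re.I)),
        "external_refs": len(re.findall(r'(?:src|href)="(?:https?:)?//', fragment, re.I)),
    }


def check_page(origin: str, received: str) -> list[dict]:
    """Report each injected fragment and whether it sits immediately after the
    opening BODY tag, the position the text describes."""
    body_end, pos = None, 0
    for token in TOKEN_RE.findall(origin):
        pos += len(token)
        if token.lower().startswith("<body"):
            body_end = pos
            break
    report = []
    for offset, fragment in injected_fragments(origin, received):
        entry = describe_fragment(fragment)
        entry["offset"] = offset
        entry["right_after_body"] = offset == body_end
        report.append(entry)
    return report


if __name__ == "__main__":
    print("hash differs:", content_hash(ORIGIN_HTML) != content_hash(RECEIVED_HTML))
    for entry in check_page(ORIGIN_HTML, RECEIVED_HTML):
        print(entry)
```

In practice `ORIGIN_HTML` is the file read on the server (or fetched through a path you trust, such as an SSH tunnel to the VPS) and `RECEIVED_HTML` is the page saved from the browser on the suspect connection; a non-empty report with `external_refs == 0` and `inline_images > 0` is exactly the self-contained, network-silent injection described here.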








Searching the Internet, I came across another note about this kind of activity: DOM.RU shows its advertisement instead of the site. It seems that over the year their advertising system "grew up" and learned to embed banners directly into pages instead of a crude redirect.


Provider Response


After several requests to call me back and explain how and why this happens, I finally got a call from a more or less competent person. The most interesting thing is that they see no problem at all. What MITM? What traffic interception? What advertising? You have an unlimited tariff! We are just informing users about new promotions.

