$_SERVER['HTTP_HOST'] AND $_SERVER['SE

Published 2019-08-06 05:04

Question:

I have one website that generates good traffic, and I have found that another website is cloaking my website. I have a problem with how to detect it with PHP so I can block it.

First of all I have added echo $_SERVER['HTTP_HOST'] or echo $_SERVER['SERVER_NAME'] to my code, and when I access this cloaking website the result is right. It shows me the name of the website (cloakingwebsite.com) that is cloaking mywebsite.com.

So I am now on cloakingwebsite.com (not my domain), with this code added on mywebsite.com (my domain):

if ($_SERVER['HTTP_HOST'] == "cloakingwebsite.com" || $_SERVER['SERVER_NAME'] == "cloakingwebsite.com") {
    echo "you are on cloakingwebsite.com";
}
else if ($_SERVER['HTTP_HOST'] == "mywebsite.com" || $_SERVER['SERVER_NAME'] == "mywebsite.com") {
    echo "you are on mywebsite.com";
}

and I get "you are on mywebsite.com".

Conclusion:

If I use $_SERVER['HTTP_HOST'] or $_SERVER['SERVER_NAME'] with echo or print, the result is right, but if I use them in an if/else statement the result is not right.

I don't know much about virtual or real IPs and SERVER_NAME or HTTP_HOST, but this looks like a security issue to me.

All my users that search for my website on Google find this cloaking website, and they log in to my website through it because it is also managing cookies and everything. As far as I know these websites may get all my users' login info that goes through them. I have searched all the internet for a solution, and that was JavaScript. I did that, but now they got smart: they filter and remove all JavaScript code.

So the only option for me is $_SERVER['HTTP_HOST'] or $_SERVER['SERVER_NAME'], which are not detected right.

I run PHP 7.1 on NGINX.

Any solution please?

myWebsite.com HEADERS

[USER] => www-data
[HOME] => /var/www
[HTTP_CF_CONNECTING_IP] => 3a02:3f0e:5260:664:75fb:bb5a:f2a6:1ea3
[HTTP_COOKIE] => __cfduid=d7711ced6c319ac0aa615de5f64160b561509570260;
[HTTP_ACCEPT_LANGUAGE] => en-US,en;q=0.8,it;q=0.6,ro;q=0.4
[HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
[HTTP_UPGRADE_INSECURE_REQUESTS] => 1
[HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
[HTTP_CF_VISITOR] => {"scheme":"https"}
[HTTP_X_FORWARDED_PROTO] => https
[HTTP_CF_RAY] => 3b8d9bf459da7ea0-BUD
[HTTP_X_FORWARDED_FOR] => 3a02:2f0e:3260:664:75fb:bb5a:f2a6:1ea3
[HTTP_CF_IPCOUNTRY] => RO
[HTTP_ACCEPT_ENCODING] => gzip
[HTTP_CONNECTION] => Keep-Alive
[HTTP_HOST] => mywebsite.com
[REDIRECT_STATUS] => 200
[SERVER_NAME] => mywebsite.com
[SERVER_PORT] => 80
[SERVER_ADDR] => ******hiden.ip
[REMOTE_PORT] => 34741
[REMOTE_ADDR] => ****hiden.ip
[SERVER_SOFTWARE] => nginx/1.13.6
[GATEWAY_INTERFACE] => CGI/1.1
[REQUEST_SCHEME] => http
[SERVER_PROTOCOL] => HTTP/1.1
[DOCUMENT_ROOT] => /var/www
[DOCUMENT_URI] => /index.php
[REQUEST_URI] => /
[SCRIPT_NAME] => /index.php
[CONTENT_LENGTH] => 
[CONTENT_TYPE] => 
[REQUEST_METHOD] => GET
[QUERY_STRING] => 
[SCRIPT_FILENAME] => /var/www/index.php
[FCGI_ROLE] => RESPONDER
[PHP_SELF] => /index.php
[REQUEST_TIME_FLOAT] => 1509882770.658
[REQUEST_TIME] => 1509882770

cloakingWebsite.com HEADERS

[USER] => www-data
[HOME] => /var/www
[HTTP_CF_CONNECTING_IP] => 3a01:3f8:171:2a4c:0:0:0:2
[HTTP_COOKIE] => __cfduid=dcad0dcc3004b494316f306212dc195911509878400;
[HTTP_REFERER] => 
[HTTP_ACCEPT] => */*
[HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
[HTTP_CF_VISITOR] => {"scheme":"https"}
[HTTP_X_FORWARDED_PROTO] => https
[HTTP_CF_RAY] => 3b8f5486a8196349-FRA
[HTTP_X_FORWARDED_FOR] => 2a01:4f8:171:3a4c:0:0:0:2
[HTTP_CF_IPCOUNTRY] => DE
[HTTP_ACCEPT_ENCODING] => gzip
[HTTP_CONNECTION] => Keep-Alive
[HTTP_HOST] => proxywebsite.com
[REDIRECT_STATUS] => 200
[SERVER_NAME] => cloakingwebsite.com
[SERVER_PORT] => 80
[SERVER_ADDR] => ***hidden.ip
[REMOTE_PORT] => 14485
[REMOTE_ADDR] => ***hidden.ip
[SERVER_SOFTWARE] => nginx/1.13.6
[GATEWAY_INTERFACE] => CGI/1.1
[REQUEST_SCHEME] => http
[SERVER_PROTOCOL] => HTTP/1.1
[DOCUMENT_ROOT] => /var/www
[DOCUMENT_URI] => /index.php
[REQUEST_URI] => /
[SCRIPT_NAME] => /index.php
[CONTENT_LENGTH] => 
[CONTENT_TYPE] => 
[REQUEST_METHOD] => GET
[QUERY_STRING] => 
[SCRIPT_FILENAME] => /var/www/index.php
[FCGI_ROLE] => RESPONDER
[PHP_SELF] => /index.php
[REQUEST_TIME_FLOAT] => 1509879844.936
[REQUEST_TIME] => 1509879844

Answer 1:

If they truly are proxying your site, you need to determine the IP address of the server they're using and block them. If you block them from reaching your site, they can't act as a proxy.

So you should be looking at Apache, Nginx, or whatever web server you're running, inspect the log files, and look for tons of requests that come from the same IP. Research this until you feel confident that it's them who is making those requests.

Then block them at the firewall level, or by using a service such as CloudFlare. Note that using a service like CloudFlare would help you avoid this sort of trouble to begin with, because they will be capable of monitoring inhuman amounts of traffic for you. Their service is free. https://www.cloudflare.com/security/
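As an added example (not code from the question or the answer), the PHP below shows the two signals the origin can actually rely on when another site reverse-proxies it: the Host header exactly as the proxy sent it upstream, and the address the proxy connects from, which is what the answer suggests blocking. The comparison in the question runs on the origin, so it only ever sees the proxy's upstream request, while text the script echoes can be rewritten by the proxy on its way back to the browser, which is why echo "looked right" and the if did not. Assumptions: the origin sits behind Cloudflare as the CF_* headers in the dumps indicate, and ALLOWED_HOSTS and TRUSTED_EDGE_CIDRS are placeholders (the CIDRs are RFC 5737/3849 documentation space, not Cloudflare's real ranges).

```php
<?php
// Added example, not code from the question or the answer. Runs on the
// origin (mywebsite.com). REMOTE_ADDR is a Cloudflare edge here, so the
// true client is taken from CF-Connecting-IP, but ONLY when REMOTE_ADDR
// is inside a trusted edge range; otherwise that header is just another
// client-controlled value. TRUSTED_EDGE_CIDRS are PLACEHOLDERS: load
// Cloudflare's published list instead of hardcoding anything.
const ALLOWED_HOSTS      = ['mywebsite.com', 'www.mywebsite.com'];
const TRUSTED_EDGE_CIDRS = ['203.0.113.0/24', '2001:db8::/32'];

function ipInCidr(string $ip, string $cidr): bool
{
    [$net, $bits] = explode('/', $cidr, 2);
    $ipBin  = inet_pton($ip);
    $netBin = inet_pton($net);
    if ($ipBin === false || $netBin === false || strlen($ipBin) !== strlen($netBin)) {
        return false;                        // unparsable, or v4 against v6
    }
    $bits = (int) $bits;
    $full = intdiv($bits, 8);                // whole bytes that must match
    if (substr($ipBin, 0, $full) !== substr($netBin, 0, $full)) {
        return false;
    }
    $rem = $bits % 8;
    if ($rem === 0) {
        return true;
    }
    $mask = (0xFF << (8 - $rem)) & 0xFF;     // leading $rem bits of next byte
    return (ord($ipBin[$full]) & $mask) === (ord($netBin[$full]) & $mask);
}

// The address worth putting in a firewall rule: the proxy server, not the edge.
function clientIp(array $server): string
{
    $remote = $server['REMOTE_ADDR'] ?? '';
    foreach (TRUSTED_EDGE_CIDRS as $cidr) {
        if (ipInCidr($remote, $cidr) && !empty($server['HTTP_CF_CONNECTING_IP'])) {
            return $server['HTTP_CF_CONNECTING_IP'];
        }
    }
    return $remote;
}

// Host is whatever the upstream request carried (a port suffix is dropped).
function hostIsAllowed(array $server): bool
{
    $host = strtolower(explode(':', $server['HTTP_HOST'] ?? '', 2)[0]);
    return in_array($host, ALLOWED_HOSTS, true);
}

if (!hostIsAllowed($_SERVER)) {
    error_log('[cloak-check] unexpected Host ' . ($_SERVER['HTTP_HOST'] ?? '-')
        . ' from ' . clientIp($_SERVER));   // log lines feed per-IP counting
    http_response_code(403);
    exit;
}
```

A proxy that sends the origin's own Host upstream passes the first check, so the logged client address is the durable signal: count requests per address over time and block the outlier at the firewall or at the edge. In nginx, a catch-all `server { listen 80 default_server; return 444; }` block additionally drops requests for unknown Host names before PHP runs.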