On Sun, 2023-08-27 at 17:39 +0200, Franta Hanzlík via users wrote:
> There is also the question of security and resistance to attacks from
> the Internet. And since the attacks will most likely go to the IP address
> (not the ServerName), it might be a good idea to make one more (fake)
> Virtualhost as the default ("first listed") VirtualHost - and on it have
> minimal configuration, secure DocumentRoot and so on). Or am I mistaken?
Correct that attacks will go to the IP address, and you're probably
more likely to get IP scanning finding you than someone targeting a
particular domain. Though the reverse may be true if you publish
anything that triggers the dingbats on the internet.
Also correct that you may want to ensure a particular virtual host is
your default one. You may want that to be your main website, you may
want that to be some kind of defensive configuration. There's another
advantage in the default virtual host being the wrong website, it may
aid you in checking you've configured things right for your real
website.
The conf.d/*.conf files are processed in alphabetical order, so name
your default virtual host's configuration file to be picked first (e.g.
000-default.conf). Filenames don't have to be the same as the domain
name, by the way.
--
uname -rsvp
Linux 3.10.0-1160.95.1.el7.x86_64 #1 SMP Mon Jul 24 13:59:37 UTC 2023 x86_64
Boilerplate: All unexpected mail to my mailbox is automatically deleted.
I will only get to see the messages that are posted to the mailing list.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
