Re: apache 2.4 virtualhosts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Is order significant ?

In your example it checks in the virtual hosts matching ip:port in
config file order :

1. ServerName www.example.com

2. ServerName gone.example.com

3. ServerName forbidden.example.com
    ServerAlias *.example.com

The wildcard is last in your example, in mine it is first. Is it as
simple as changing the order so more specific non-wildcard servernames
match first and the wildcard last ? Bummer :)

If so, the example at
http://httpd.apache.org/docs/2.4/vhosts/name-based.html says :

<VirtualHost *:80>
# This first-listed virtual host is also the default for *:80
ServerName www.example.com
ServerAlias example.com *.example.com
DocumentRoot /www/domain
</VirtualHost>

<VirtualHost *:80>
ServerName other.example.com
DocumentRoot /www/otherdomain
</VirtualHost>

It should probably say :

<VirtualHost *:80>
ServerName other.example.com
DocumentRoot /www/otherdomain
</VirtualHost>

<VirtualHost *:80>
# This first-listed virtual host is also the default for *:80
ServerName www.example.com
ServerAlias example.com *.example.com
DocumentRoot /www/domain
</VirtualHost>

That makes sense to me, if it is true.. if not i'll ponder it awhile
and post some specific 2.2 and 2.4 configs tomorrow.

I appreciate your help :)

Cheers
Brett

On Thu, Mar 15, 2012 at 11:56 PM, Eric Covener <covener@xxxxxxxxx> wrote:
>> I'm guessing that apache 2.4 does not search for more specific
>> ServerName if it matches a wildcard ServerAlias ?
>
> Not sure I'm following what's behaving different.  Can you simplify
> your example/claim in both releases?
>
> I couldn't get an unexpected result:
>
> <virtualhost localhost:80>
> ServerName www.example.com
> </virtualhost>
> <virtualhost localhost:80>
> ServerName gone.example.com
> RewriteEngine on
> RewriteRule .* - [G]
> </virtualhost>
> <virtualhost localhost:80>
> ServerName forbidden.example.com
> ServerAlias *.example.com
> RewriteEngine on
> RewriteRule .* - [F]
> </virtualhost>
>
> covener@cov-t61p:~/SRC/httpd-2.4.x$ printf "GET / HTTP/1.1\r\nHost:
> forbidden.example.com\r\n\r\n" | nc 0 80
> HTTP/1.1 403 Forbidden
> Date: Thu, 15 Mar 2012 13:54:10 GMT
> Server: Apache/2.4.2-dev (Unix) OpenSSL/1.0.0e
> Content-Length: 202
> Content-Type: text/html; charset=iso-8859-1
>
> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <html><head>
> <title>403 Forbidden</title>
> </head><body>
> <h1>Forbidden</h1>
> <p>You don't have permission to access /
> on this server.</p>
> </body></html>
> covener@cov-t61p:~/SRC/httpd-2.4.x$ printf "GET / HTTP/1.1\r\nHost:
> gone.example.com\r\n\r\n" | nc 0 80
> HTTP/1.1 410 Gone
> Date: Thu, 15 Mar 2012 13:54:13 GMT
> Server: Apache/2.4.2-dev (Unix) OpenSSL/1.0.0e
> Content-Length: 295
> Content-Type: text/html; charset=iso-8859-1
>
> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <html><head>
> <title>410 Gone</title>
> </head><body>
> <h1>Gone</h1>
> <p>The requested resource<br />/<br />
> is no longer available on this server and there is no forwarding address.
> Please remove all references to this resource.</p>
> </body></html>
> covener@cov-t61p:~/SRC/httpd-2.4.x$ printf "GET / HTTP/1.1\r\nHost:
> foo.example.com\r\n\r\n" | nc 0 80
> HTTP/1.1 403 Forbidden
> Date: Thu, 15 Mar 2012 13:54:18 GMT
> Server: Apache/2.4.2-dev (Unix) OpenSSL/1.0.0e
> Content-Length: 202
> Content-Type: text/html; charset=iso-8859-1
>
> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <html><head>
> <title>403 Forbidden</title>
>
> </head><body>
> <h1>Forbidden</h1>
> <p>You don't have permission to access /
> on this server.</p>
> </body></html>
>
> covener@cov-t61p:~/SRC/httpd-2.4.x$ printf "GET / HTTP/1.1\r\nHost:
> www.example.com\r\n\r\n" | nc 0 80
> HTTP/1.1 200 OK
> Date: Thu, 15 Mar 2012 13:55:22 GMT
> Server: Apache/2.4.2-dev (Unix) OpenSSL/1.0.0e
> Last-Modified: Fri, 11 Nov 2011 17:43:44 GMT
> ETag: "2d-4b1790ff95400"
> Accept-Ranges: bytes
> Content-Length: 45
> Content-Type: text/html
>
> <html><body><h1>It works!</h1></body></html>
>
>
> covener@cov-t61p:~/SRC/httpd-2.4.x$ printf "GET / HTTP/1.1\r\nHost:
> bar.com\r\n\r\n" | nc 0 80
> HTTP/1.1 200 OK
> Date: Thu, 15 Mar 2012 13:56:06 GMT
> Server: Apache/2.4.2-dev (Unix) OpenSSL/1.0.0e
> Last-Modified: Fri, 11 Nov 2011 17:43:44 GMT
> ETag: "2d-4b1790ff95400"
> Accept-Ranges: bytes
> Content-Length: 45
> Content-Type: text/html
>
> <html><body><h1>It works!</h1></body></html>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>



-- 
The only thing that interferes with my learning is my education.

Albert Einstein

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux