Re: Host-header from requests are ignored?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

----- mabra@xxxxxxxxxxxx wrote:

> Hello !
> 
> I read the apache docs [using 2.2.9], but there is a lot of stuff,
> which is different in Debian [lenny, 5.0.6].
> 
> Apache ignores the host-header given by the browser:
> http://x or http://x:81 or http://x.mbg.local are all served, but
> should be
> blocked.
> The definition for x stems from my hosts file [which everyone could do
> this
> way].
> I am new new to apache, but on my IIS this works as expected.
> All browsers act equal [so no browser header problem].
> 
> I configured two VirtualHosts, an excerpt:
> 
> NameVirtualHost hugo:80
> 
> <VirtualHost hugo:80>


This looks like bad practice on Apache httpd.

> DocumentRoot /usr/share/doc
> Alias /doc/ /usr/share/doc/
> <Directory /usr/share/doc/>
> Options Indexes MultiViews FollowSymLinks
> Allow from 192.168.24.0/24
> </Directory>
> </VirtualHost>
> 
> The other VirtualHost is configured for port 81.
> 
> The I go to my hosts file on any box, and add hugo's ip-address under
> the new name x. Then, x is served [with and without specifying a
> port],
> although the host-header in apache is hugo!! Every user coming from
> the internet could make the same!
> 
> I am out of hope now. Does anyone has any help for me?

Check http://wiki.apache.org/httpd/ExampleVhosts or
http://httpd.apache.org/docs/current/vhosts/examples.html
out to see some examples for vhosts.


What I prefer to do is something like this:

# Enable name-based virtual hosts for all interfaces, on port 80

NameVirtualHost *:80

# the first listed vhost will be the default vhost,
# it catches all names which do not match:

<VirtualHost *:80>
  <Location />
    Deny from all
  </Location>
  # Alternatively, you could use mod_rewrite to send 410, as per RFC.
</VirtualHost>

<VirtualHost *:80>
   ServerName Hugo
</VirtualHost>


etc...

> Would really very good!
> 
> br++mabra
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

-- 
Igor GaliÄ

Tel: +43 (0) 664 886 22 883
Mail: i.galic@xxxxxxxxxxxxxx
URL: http://brainsware.org/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux