On 30 September 2011 02:22, Trey Dockendorf <treydock@xxxxxxxxx> wrote:
> I had a recent request to improve security on my web servers by having each
> website use a different user to run the hosting service. So
> example1.comhas it's own Apache instance running as apache1 and then
> example2.com has its own instance of Apache as apache2. Is this even
> possible or realistic? I understand the idea of how that would be secure,
Easily doable with an other instance of Apache acting as the proxy.
This Apache can be yet an other "can't do anything"-style locked-down
instance which only proxies virtual hosts to separate Apache
instances.
You can set up as many Apaches running on separate internal ports
(i.e. 127.0.0.1:8881, 127.0.0.1:8882 etc). and then use proxypass to
forward virtual servers. I use a similar setup at home where
locked-down virtual machines run all by themselves and the
front-facing Apache simply matches the VirtualHost name and passes it
down. The only thing I can't do is using a separate certificate for
HTTPS for every one of them.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
