homepage Welcome to WebmasterWorld Guest from 23.22.128.96
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
correct setup of apache to handle multiple domains with & without ssl
johnhalbert




msg:4421909
 10:46 am on Feb 26, 2012 (gmt 0)

I have a pretty straightforward question about setting up virtualhosts in both the httpd.conf and ssl.conf.

I have 3 domains that I'm hosting on my machine, two use ssl and one doesn't. When I set up the httpd.conf file I went ahead & included all 3 domains in the virtualhosts section. I then set up the two domains that require ssl in the ssl.conf virtualhosts section. For the two domains that use ssl, I specified an ip address rather than a hostname. When I start apache, it gives me a warning about the setup:

VirtualHost www.domain1.com:80 overlaps with VirtualHost 111.222.333.444:80, the first has precedence, perhaps you need a NameVirtualHost directive

The first virtualhost is the domain that doesn't need ssl. Since the other domain is configured in the ssl.conf & has the .htaccess configured to always redirect to https, all three of the sites are running and the content from the correct directory is shown on the appropriate domain.

My question is - is this something that I should be concerned about? Should I just remove the two domains that don't need ssl from httpd.conf?

 

RonPK




msg:4422222
 12:53 pm on Feb 27, 2012 (gmt 0)

For what it's worth, my setup for one SSL site and numerous non-SSL sites is like this:

NameVirtualHost *:80
<VirtualHost *:80>
ServerName www.example.com
...
</VirtualHost>
<VirtualHost *:80>
ServerName sub1.example.com
...
</VirtualHost>

NameVirtualHost 1.2.3.4:443
<VirtualHost 1.2.3.4:443>
ServerName ssl.example.com
...
</VirtualHost>


It works, please don't ask why ;)

Why would you specify an IP address for the SSL sites? Doesn't the certificate require a domain name?

johnhalbert




msg:4422563
 9:30 am on Feb 28, 2012 (gmt 0)

For the same reason you specified one in your configuration. :)

I probably need to use a NameVirtualHost directive like you've done. I'd ask you what your reasoning was, but I have a feeling you may have followed some type of setup guide?

Technically, the sites load the way I want without problems. My main concern is whether there might be some type of security risk here. Also, for the sites that use ssl the virtualhost configuration is in ssl.conf, not httpd.conf, so I could simply eliminate the error I get from apache by removing the virtualhosts defined in httpd.conf for the secure sites since they will load correctly anyway without those definitions. Is this the way you have your set up?

RonPK




msg:4422677
 3:41 pm on Feb 28, 2012 (gmt 0)

Yes, there is no need to define vhosts twice. Apache routes all 443-traffic to the applicable vhost in ssl.conf.

I can't recall the thinking behind my setup: it has been running for over five years.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved