|DIsable default virtual host|
virtual host disable or error page
| 2:16 pm on Jan 26, 2013 (gmt 0)|
I have a single server (single ip) running apache, an email server (smtp, imap) and bind. It serves a single domain (example.com). In bind, I have set up www.example.com, example.com, ns.example.com (for DNS) and mail.example.com which naturally all point to the same ip.
I would like to point both, www.example.com and example.com to my website, so in my apache configuration I created a virtual host with "ServerName www.example.com" and "ServerAlias example.com"
Now if somebody is accessing www.example.com or example.com in the browser they end up on my website, however also people accessing mail.example.com or ns.example.com (in the browser) end up on my website. As far as I understand reading [httpd.apache.org ], this is due to the fact that I did not define virtual hosts for mail.example.com or ns.example.com and in that case those pages end up on the first listed virtual host (
|If no matching virtual host is found, then the first listed virtual host that matches the IP address will be used. |
I don't want people to access my website via mail.example.com or ns.example.com. Is there a way to disable the default behaviour of apache regarding un-defined virtual hosts? Or should I create a virtual host for mail.example.com (ns.example.com) and serve an error page or an empty page. In that case, what would be a good content for an error page?
| 4:28 pm on Jan 26, 2013 (gmt 0)|
Hi bamse and welcome to WebmasterWorld.
I'm not sure if I'm understanding your question properly but this is how I have handled it for the same scenario you are describing.
In apache2.conf (your config file may be different depending on your setup, can also be httpd.conf, or a few others):
Deny from All
Allow from 127.0.0.1
Whether or not that is the best manner to handle it or not I'm not positive but it serves my purpose. Also it's better to just serve an access 403 forbidden because anyone navigating to those URI shouldn't be there anyway. It would just be someone up to mischief or a stray bot. No point on serving up a page that is going to consume bandwidth.
However, one of the advanced Apache forum folks here might jump in behind me and tell you (and me) why that might not be the best way of handling it so hang tight.
| 4:33 pm on Jan 26, 2013 (gmt 0)|
I just reread your OP again after posting and the lights went on (and coffee had just kicked in) -- I think my reply is not answering your question because it assumes multiple VirtualHosts but you did state you only have one.
| 4:41 pm on Jan 26, 2013 (gmt 0)|
Thank you SevenCubed. I think you understood my question properly. So you mean to create a default vhost to handle all requests which don't match any other vhosts and which is not accessible from the outside world?
BTW, how (if at all) did you handle the reverse scenario: for instance somebody accessing IMAPS at www.example.com:993 instead of mail.example.com:993 or somebody querying the DNS at mail.example.com:53 ?
| 8:43 pm on Jan 26, 2013 (gmt 0)|
Hmmmmmm we obviously have different setups. I didn't have to create a default vhost it was already there. I'm using Plesk to perform partial site duties (SSH commands, arguments and options for the rest).
By default Plesk creates a default domain which it appears to refer to afterward as a template for creating new domains (ask me how I found out the hard way).
So I didn't have to create a default it was just there but was accessible in ways I didn't want. But, it was a concern for me in ways you mentioned above so what I posted above was my solution to keep gremlins out. I had to allow 127.0.0.1 because the system appears to interact with it in some way that I don't fully understand (but understand much more than I did prior to deleting it). Ha, it looked like spare parts!
As for the other points you've mentioned I haven't considered them and now feeling apprehensive about checking into it right now due to being in a state of shell-shock from a week-long period of configuring my new server to get it setup and finally running smoothly.
I was just beginning to breathe again. I had gotten into a state of holding my breath with every new configuration input and restart command. It was so frequent that I stopped breathing for a week until I saw another member's post somewhere where (s)he typed out in CAPS - BREATHE. And I did once again ;)
Oh dang my monkey mind is getting me OT again...retreating.
| 9:13 pm on Jan 26, 2013 (gmt 0)|
Rechecking, I also have a default vhost which something or somebody (me) must have disabled. Like on your box, the default was made for another purpose though.