
How do I Limit CNAME and ServerAlias Sub-Domain Redirection?

How do I limit the ServerAlias by sub-domain?

         

Ryan_Reece

1:55 am on Feb 28, 2010 (gmt 0)

10+ Year Member



I am trying to set up masked URL redirection, and while I have it mostly working, I am in need of a bit of 8th-inning help.

I have set the following CNAME:
custom.startingdomain.com. IN CNAME www.contentdomain.com.


Which basically means that when [custom.startingdomain.com...] is in the address bar, the content the user sees should come from www.contentdomain.com.


Next, I've gone into my httpd.include file on the contentdomain.com server and added the following:
<VirtualHost XX.XX.XX.XX:80>
ServerName contentdomain.com:80
ServerAlias www.contentdomain.com
ServerAlias custom.startingdomain.com
DocumentRoot /var/www/vhosts/contentdomain.com/httpdocs
</VirtualHost>


I reset the contentdomain.com server, and so far, so good--it worked!

HOWEVER... I now can also get to the contentdomain.com when I set another CNAME on the startingdomain, such as:
foobar.startingdomain.com. IN CNAME www.contentdomain.com.


SO... how do I limit the ServerAlias command so that foobar.startingdomain.com doesn't work? Additionally, I am rather new to this redirection logic, so PLEASE provide any advice you deem fit.

Thanks!
-Ryan

dmwaff

4:54 am on Mar 2, 2010 (gmt 0)

10+ Year Member



XX.XX.XX.XX is the bind address and any DNS resolving to that address is eligible to be served out of that VH container. ServerAlias is generally used for NamedVirtualHost addressing and if a ServerName does not match then the first VH container will serve the request.

Personally, I would redirect anything NOT www.contentdomain.com to www.contentdomain.com site umbrella, but if you really want to preserve a few of the URL hosts (HTTP Host header) provided by the client then mod_rewrite is your friend.

LoadModule rewrite_module modules/mod_rewrite.so
<VH x.x.x.x:80>
ServerName
ServerAlias
...
RewriteEngine On
RewriteCond %{HTTP_HOST} !^(www\.)?contentdomain\.com$ [NC,OR]
RewriteCond %{HTTP_HOST} !^custom\.startingdomain\.com [NC]
RewriteRule . http://www\.contentdomain\.com%{REQUEST_URI} [R=301,L]

DocumentRoot /../../path/blah
</VH>

The above should 301 (perm) redirect anything not in your name list to the www.contentdomain.com preserving the REQUEST_URI such as /styles/css/banner.css


D

Ryan_Reece

6:02 am on Mar 2, 2010 (gmt 0)

10+ Year Member



Hi dmwaff!

Thanks for your expansion on my question, however, I think I may need to clarify my needs.

I want the user to see the URL for the custom.startingdomain.com address in their address bar at ALL times, even though they are seeing the content of the www.contentdomain.com site. In this regard, I don't think mod_rewrite will work for what I need.

Going back to your first line... "any DNS resolving to that address is eligible to be served"... is there a way to limit this? In other words, can I set up the server so that it only allows a particular domain's DNS to resolve correctly to the contentdomain.com site? I was hoping that ServerAlias would do this, but I guess I was using it incorrectly.

Although... Could I do this with a RewriteCond that basically checks for everything EXCEPT 'okayed' startingdomain(s)--and push those to a 403 (forbidden) page? This is kind of hack-ish, but it may work... thoughts?

Just to clarify again...
1. custom1.starter.com => shows www.contentdomain.com, but keeps custom1.starter.com in the address bar.
2. custom2.starter.com => shows www.contentdomain.com, but keeps custom2.starter.com in the address bar.
3. custom3.starter.com => shows www.contentdomain.com/403-page/, but keeps custom3.starter.com in the address bar, as: custom3.starter.com/403-page/.

In all three circumstances above, the following DNS settings would exist:
1. custom1.starter.com. IN CNAME www.contentdomain.com.
2. custom2.starter.com. IN CNAME www.contentdomain.com.
3. n/a

Thanks ahead of time for your advice!
-Ryan

dmwaff

5:34 pm on Mar 2, 2010 (gmt 0)

10+ Year Member



If you have 1 A record and 99 CNAMEs, i.e. 100 unique names resolving in DNS to a single IP and the IP is your listen address, then any client can use any of the 100 names to REACH your HTTP Server. Your configuration will determine how that request is handled. If you want to deny any incoming request except for 2 of the 100, then you must require HTTP/1.1 (RFC requires Host: header) and inspect the Host: and use the forbidden flag to mod_rewrite. Remove the L flag so valid requests will continue rewriterule processing.

D
RewriteEngine On
RewriteCond %{HTTP_HOST} !^(www\.)?contentdomain\.com$ [NC,OR]
RewriteCond %{HTTP_HOST} !^custom\.startingdomain\.com$ [NC]
RewriteRule - [F]

ABOVE, should read if the URL host is NOT www.contentdomain.com, contentdomain.com, or custom.startingdomain.com then forbid.

dmwaff

5:36 pm on Mar 2, 2010 (gmt 0)

10+ Year Member



CORRECTION: forgot the pattern match .(dot)

RewriteRule . - [F]

jdMorgan

6:57 pm on Mar 3, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



There is also a logic bug in that code which will cause the forbidden response to be invoked for every request. This is because the requested hostname will *always* be "not blank, not one domain, or not the other." For example, even if the requested hostname *is* "contentdomain.com" it will still be "not startingdomain.com" and therefore the second RewriteCond will invoke the rule. The problem is the logical-OR operator on the first RewriteCond.

I'd suggest:

RewriteEngine On
RewriteCond %{HTTP_HOST} !^(www\.)?contentdomain\.com$ [NC]
RewriteCond %{HTTP_HOST} !^custom\.startingdomain\.com$ [NC]
RewriteRule .? - [F]

Also, don't remove the [L] flag. The [L] flag only applies if the current RewriteRule is invoked. Once the current rule is invoked, there is no use in continuing to process the following RewriteRules, and doing so may actually cause undesired effects, such as internally-rewritten filepaths being exposed to clients by subsequent redirect invocations.

For efficiency and predictable operation, use the [L] flag on every RewriteRule, with only provably-required exceptions (these are very rare).

Jim
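
The difference between the two condition chains above, as an added example that is not part of the original thread: a small Python model of how RewriteCond lines combine (ANDed by default, `[OR]` links a condition to the next one), run over constructed Host header values. The function and variable names are hypothetical; only the patterns come from the posts.

```python
import re

# (pattern, negated, or_next) mirrors: RewriteCond %{HTTP_HOST} [!]pattern [NC(,OR)]
CONTENT = r"^(www\.)?contentdomain\.com$"
CUSTOM = r"^custom\.startingdomain\.com$"
OR_CHAIN = [(CONTENT, True, True), (CUSTOM, True, False)]    # first version, with [NC,OR]
AND_CHAIN = [(CONTENT, True, False), (CUSTOM, True, False)]  # suggested fix, no [OR]

# Constructed Host header values, not taken from any real log.
SAMPLE_HOSTS = [
    "contentdomain.com",
    "www.contentdomain.com",
    "CUSTOM.startingdomain.com",
    "foobar.startingdomain.com",
    "custom.startingdomain.com:80",  # Host as sent may carry a port; "$" then fails to match
    "",                              # request without a Host header
]

def rule_fires(host, conds):
    """True if the [F] rule would run: every OR-linked group must hold.

    Assumes the last condition in the list carries no [OR] flag.
    """
    group_true = False
    for pattern, negated, or_next in conds:
        matched = re.search(pattern, host, re.IGNORECASE) is not None  # [NC]
        group_true = group_true or (matched != negated)
        if not or_next:          # end of an OR group, groups are ANDed together
            if not group_true:
                return False
            group_true = False
    return True

def forbidden_hosts(conds, hosts=SAMPLE_HOSTS):
    """Hosts from the sample list that would receive 403 Forbidden."""
    return [h for h in hosts if rule_fires(h, conds)]

if __name__ == "__main__":
    print("with [OR]:   ", forbidden_hosts(OR_CHAIN))
    print("without [OR]:", forbidden_hosts(AND_CHAIN))
```

The port case shows why a Host allowlist built on `$`-anchored patterns should be tested with the exact header values the expected clients send.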

Ryan_Reece

9:05 am on Mar 4, 2010 (gmt 0)

10+ Year Member



Is that to say that something like this would work?


RewriteEngine On
Options +FollowSymlinks
Options +SymlinksIfOwnerMatch


# ===============================================
# =============================================== BAN UNKNOWN DOMAINS
RewriteCond %{HTTP_HOST} !^(www\.)?contentdomain\.com$ [NC]
RewriteCond %{HTTP_HOST} !^custom\.startingdomain\.com$ [NC]
RewriteRule .? - [F,L]

# ===============================================
# =============================================== REWRITE ENGINE FORWARDING
RewriteCond %{HTTP_HOST} ^([A-Z0-9\-]+)\.([A-Z0-9\-]+)\.([A-Z0-9._%-]+@[A-Z0-9.-]+\.(?:[A-Z]{2}|com|org|net|gov|biz|mil|edu|coop|info|name|aero|jobs|museum|mobi))$ [NC]
RewriteRule ^$ http://%1.%2.%3/do-something.php?id=%1%2%3 [L]

jdMorgan

8:35 pm on Mar 4, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



For the first rule, I'd suggest:

RewriteEngine On
Options +FollowSymlinks
#
# Block requests for unknown hostnames
RewriteCond %{HTTP_HOST} !^(www\.)?contentdomain\.com$ [NC]
RewriteCond %{HTTP_HOST} !^custom\.startingdomain\.com$ [NC]
RewriteRule .? - [F]

I have no idea what that second rule is for, and the comment doesn't make it any clearer. All I can say is that you cannot redirect and "keep the address in the address bar", that there will be no "@" character in any valid hostname, and that you cannot possibly list all of the valid TLDs in your rule, because they're going to be "opened up" soon --or already have been-- so it's a better idea to simply match two to six characters A-Z instead.

Jim