Welcome to WebmasterWorld Guest from 54.147.20.131

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

Blocking virtual hosts that don't exist

     

teokolo

10:25 am on Mar 4, 2013 (gmt 0)

5+ Year Member



Hello,
I'd like to block (or to show an error page) to every request for a domain not present in my apache vhost configuration.

I found some domains (not in my control) which resolve to my server ip address and I don't know how to block them.

For example:
mydomain.com : 1.1.1.1
externaldomain.com: 1.1.1.1

NameVirtualHost 1.1.1.1
<VirtualHost 1.1.1.1>
ServerName mydomain.com
...
</VirtualHost>
<VirtualHost 1.1.1.1>
ServerName mydomain2.com
...
</VirtualHost>


If you access externaldomain.com, apache shows the content of mydomain.com.

Thanks in advance.

Teo

phranque

10:19 am on Mar 7, 2013 (gmt 0)

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



i haven't tested it, but something like this in the httpd.conf file (after all the other more specific VirtualHost containers) should probably do the job to create a "catch-all":

<VirtualHost *:80>
ServerName _default_
ServerAlias *
DocumentRoot /usr/web/wildcard/htdocs

RewriteEngine on
RewriteRule ^ - [F]

</VirtualHost>



this should respond to any request (on port 80) for a non-specified hostname with a 403 Forbidden status code.

teokolo

5:42 pm on Mar 7, 2013 (gmt 0)

5+ Year Member



phranque thank you for your input, I solved the problem.

My server has 2 IP addresses and some domains on it.

The solution is adding a _default_ virtual host at the beginning, something like this:


NameVirtualHost 1.1.1.1
<VirtualHost 1.1.1.1>
ServerName _default_
DocumentRoot /var/www/html/blackhole
</VirtualHost>
<VirtualHost 1.1.1.1>
ServerName example.com
DocumentRoot /var/www/html/example.com
</VirtualHost>


NameVirtualHost 2.2.2.2
<VirtualHost 2.2.2.2>
ServerName _default_
DocumentRoot /var/www/html/blackhole
</VirtualHost>
<VirtualHost 2.2.2.2>
ServerName example2.com
DocumentRoot /var/www/html/example2.com
</VirtualHost>



You can check the configuration with apachectl -S

phranque

6:47 pm on Mar 7, 2013 (gmt 0)

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



that looks like a good solution.

what's the response when the request hits the blackhole?

teokolo

7:57 am on Mar 8, 2013 (gmt 0)

5+ Year Member



Right now I'm just showing the Apache test page, maybe "403 unauthorized" would make more sense.

phranque

11:50 am on Mar 8, 2013 (gmt 0)

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



you can do this in your .htaccess file, either using mod_access and a "Deny from all" directive or using mod_rewrite and the RewriteRule directive's F flag, similar to the example above.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month