I have a server apache2 with a few of websites.
One of these is served both on http and https
All of others are server only on http
I inherited this bad situation from an ex worker of company whre I am imployed, do not blame me
If I try to access via https one of other website, apach2 is serving, i think, the first (and only) server accessible via https, even if it has a different domain.
If I access https://blablbalca.com, apache2 knows that blablbalca.com is not served on https, but It doesn't give me a 404, it serves https://anotherwebsite.com
What directive tells apache to automatically serves 'the first one' in case of missed definition?
How to fix?
EDIT: I found a more elegant and generalized way to express my question:
How can I avoid that apache2 serves a random virtual host if a domain, pointing to the same ip, is not really served from my server?
You can do a name best virtual host and set the ServerName and ServerAlias to match each website. Furthermore, if you want 'blablbalca.com' to return an error when accessed over HTTPs, you'll have to setup a virtual host in the your_site.conf to handle traffics coming from the https port. Like doing a redirection or showing an error page.
The default configuration file that deals with the incoming connection from a domain name that is not on the server or without domain name at all (direct IP connection):
For port 80:
<VirtualHost *:80>
ProxyPass "/" "http://your/path/here"
ProxyPassReverse "/" "http://your/path/here"
</VirtualHost>
For port 443 (SSL):
<VirtualHost *:443>
ProxyPass "/" "http://your/path/here"
ProxyPassReverse "/" "http://your/path/here"
</VirtualHost>
The website with a domain:
<VirtualHost *:80>
ServerName yoursite.com
ServerAlias www.yoursite.com
ServerAdmin none#webhost.com
DocumentRoot /var/www/yourWebsite
</VirtualHost>
I am removing a lot of directives and only keep the ones that we are focusing on in this case.
Related
I have a container mapped by Nginx on example.org/portia/test, structured as follow:
Container exposes only port 9001, where an Apache instance as proxy is listening.
A Django server is running on 8000, all traffic for /api and /server_capabilities is sent to him.
Another Django server is running on 9002, which handles websockets on /ws path.
a scheme of my network
I'm trying to add OpenIdConnect authentication using the mod_auth_openidc plugin for Apache, I want to protect the entire virtual host.
So far I reach the correct login page on auth-example.org, I login with my credentials and the auth server redirects me with the correct URI. Ngnix answers me with a 400 error.
request sent with a lot of cookies
The auth server is used by several application inside mydomain.org, so I guess something is wrong with my Apache configuration file.
For clarity's sake, I can't touch Nginx or the auth server confs.
apache_site.conf
<VirtualHost *:9001>
ServerAdmin webmaster#localhost
DocumentRoot /app/portiaui/dist
ServerName www.example.org
ServerAlias example.org
#ProxyRequests On
Alias /static /app/portiaui/dist
OIDCProviderMetadataURL https://www.auth-example.org/auth/realms/master/.wel$
OIDCRedirectURI https://example.org/portia/test/callback
OIDCCryptoPassphrase <much secret>
OIDCClientID portia
OIDCClientSecret <much private>
OIDCCookiePath example.org/portia/test/
OIDCCookieDomain example.org
<Location /static>
Require all granted
</Location>
<Location /api>
Require all granted
ProxyPass http://127.0.0.1:8000/api
ProxyPassReverse http://127.0.0.1:8000/api
ProxyPreserveHost On
</Location>
<Location /server_capabilities>
Require all granted
ProxyPass http://127.0.0.1:8000/server_capabilities
ProxyPassReverse http://127.0.0.1:8000/server_capabilities
ProxyPreserveHost On
</Location>
<Location /ws> # mod_proxy_wstunnel is enabled
RequestHeader set Host "127.0.0.1:9002"
ProxyPreserveHost On
ProxyPass http://127.0.0.1:9002/ws
ProxyPassReverse http://127.0.0.1:9002/ws
</Location>
<Location />
AuthType openid-connect
Require valid-user
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
The cookie path setting in OIDCCookiePath only needs to contain the actual path, not the host. In fact I'd start without using any of OIDCCookiePath or OIDCCookieDomain.
The answer of Hans Z. suggests me to change also OIDCRedirectURI in a relative path.
Setting OIDCRedirectURI /callbacksolved the issue: my Apache instance doesn't receives the entire URL www.example.org/portia/test/callback but only the last part of the path. This is due to the front side Nginx instance.
I configured apache on ubuntu 16.04 and I created a virtual host with these instructions:
<Directory /var/www/html/example.com/public_html>
Require all granted
</Directory>
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html/example.com/public_html
ErrorLog /var/www/html/example.com/logs/error.log
CustomLog /var/www/html/example.com/logs/access.log combined
</VirtualHost>
when I try to open the page www.example.com on my browser I see this message:
This domain is established to be used for illustrative examples in documents. You may use this domain in examples without prior coordination or asking for permission.
Should I use another name instead of "example" to solve the problem?
Ok any name? For example "myname.com"
For clarity, I only need this for local tests
www.example.com is actual website that somebody else owns, has it registered in DNS and has some content on it. When you open the address in browser, your computer first asks DNS server (presumably one setup by your ISP). DNS then responds, that www.example.com is ran on 93.184.216.34 - which is probably not your machine. This is where the message is from.
Now, what is the meaning of ServerName and ServerAlias then? It is actualy a directive for your webserver, running on your machine, to know which packets are meant for given virtual host. It does not affect how your browser will transalate them.
For the sake of local testing (both server and browser are on same OS), all you need to do is to create virtualhost for a 'localhost'. This is a reserved address for the machine currently being used. Simply put:
ServerName localhost
ServerAlias localhost
into your virtualhost and you will be able to access the webserver by entering 'localhost' into your browser.
In case you would need more than one host locally, you can override the dns by editing the host file https://en.wikipedia.org/wiki/Hosts_(file) - for example, in windows by adding hosts records like:
127.0.0.1 app.local
127.0.0.1 db.local
and then creating two different virtual hosts, one with alias app.local, second with db.local. Then, the OS will then route requests from your browser correctly to your machine per hosts file. Your websever will then sort your request according to the header to proper virtualhost.
You might want to check out some general information on how dns and internet protocol works:
https://en.wikipedia.org/wiki/Internet_protocol_suite
https://en.wikipedia.org/wiki/Internet_Protocol
https://en.wikipedia.org/wiki/Domain_Name_System
I have a website (http://www.goodfoodwaiheke.org) configured as a virtual host on Apache2. The virtual hosting configuration redirects traffic from apache2 to tomcat8 via these conf parameters:
<VirtualHost *:80>
ServerName www.goodfoodwaiheke.org
ServerAlias goodfoodwaiheke.org
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:8080/coop/
ProxyPassReverse / http://localhost:8080/coop/
</VirtualHost>
On tomcat, the /coop/ part of the address invokes the JSF application in coop.war. This seems to work. The correct welcome page is served except for one problem. The url for static resources are being served incorrectly. For example, the url of the background image on the welcome page, which is actually in http://www.goodfoodwaiheke.org/coop/resources/images/GoodFoodWaiheke4.png is served to the browser as http://www.goodfoodwaiheke.org/coop/coop/resources/images/GoodFoodWaiheke4.png (i.e. the coop app name is duplicated in the url). This is causing static resources to not work. Although I can sort of understand why this may be happening I am unsure of how to fix it. I know I could offload the static resources onto the Apache2 server but for various reasons I would like the war file to be self-contained and for tomcat to be responsible for serving the whole site.
I'd be very grateful for any suggestions as to what I need to change.
What are the appropriate configurations for the Subdomain module in drupal 7 on Window 7 running XAMPP?
My site is localhost/example
Here are the changes I have made:
settings.php
$cookie_domain = '';
Leaving this commented out gives me an error
"The $cookie_domain variable in settings.php is not set".
Uncommenting and putting in "localhost", ".localhost", "example", ".example" gives me an "Access denied" error.
It seems to accept "localhost/example" or a blank ' ', although I don't know if this is the right thing to do.
host
127.0.1.1 localhost example
(and I can successfully ping ideastar)
http.conf
NameVirtualHost *:80
<VirtualHost *:80>
ServerName example
ServerAlias *.example
DocumentRoot C:/xampp/htdocs
</VirtualHost>
getting the fallowing error
Subdomain error: localhost and subdomain-test.localhost did not resolve to the same IP address. Your DNS may be improperly configured and subdomains will likely not work.
First you should create two virtual host one for main domain and another for sub-domain. For ex: like we have two domains example.com and test.example.com to setup on local host. I am assuming that you have a fresh install of Xampp on your machine. Your virtual host [\xampp\apache\conf\extra\httpd-vhosts.conf] file should have these entries:
<VirtualHost *:80>
DocumentRoot "\xampp\htdocs\example"
ServerName example.com
ServerAlias example.com
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "\xampp\htdocs\example"
ServerName test.example.com
ServerAlias test.example.com
</VirtualHost>
Now open you system host file and make the following entries below the line "127.0.1.1 localhost" (localhost ip 127.0.0.1)
127.0.1.1 example.com
127.0.1.1 test.example.com
\xampp\htdocs\example this directory should contain your Drupal setup.
Cookie domain entry should be as per the below line
$cookie_domain = '.example.com';
i have assumed that you already have a Drupal site running at http:\localhost\example.
I'm switching from Dreamhost to Rackspace Cloud hosting, since the formers ability to handle a rails app left something to be desired. I've got a CentOS server all set up and I've got my rails app deployed and the domains resolve and everything is great. Now I want to set it up so if I go directly to the IP address I'll get the the normal apache directory instead of the rails app. I thought the virtual host could manage this, but now both of them go to rails page or the apache page, as the case may be
<VirtualHost *:80>
ServerName 123.456.789.101
DocumentRoot /var/www/html
</VirtualHost>
<VirtualHost *:80>
ServerName mywebsite.com
ServerAlias www.mywebsite.com
DocumentRoot /rails/myapp/current/public
<Directory /rails/myapp/current/public>
AllowOverride all
Options -MultiViews
</Directory>
</VirtualHost>
I'm not quite sure how to proceed, or if this is just impossible to begin with. Thoughts?
Apache takes the very first virtualhost to be it's primary host for the provided IP, (or all IP's in the case of *). Therefore you should be able to just setup your main virtual host record, make sure its the first vhost record that get's loaded and it will load that virtualhost whenever an unbound IP or unbound address is encountered. Then specify a second virtual host with the specific domains/subdomains you want to point to your rails app.
Please note that if you split your virtual host records across multiple files (i.e. sites-available/sites-enabled folders). Apache loads them in alphabetical order, often on debian based systems you will see the 000-default or similer file. This one uses numbers at the start to ensure its always the first one loaded and takes on the role of primary vhost