I try to set up virtual hosts on my server. I already add virtual host for my default domain:
NameVirtualHost *:80
<VirtualHost *:80>
ServerName domain.com
ServerAlias www.domain.com
DocumentRoot /srv/www/domain.com
</VirtualHost>
<Directory /srv/www/domain.com>
Options +FollowSymLinks -Indexes
AllowOverride All
order allow,deny
allow from all
</Directory>
Now domain.com and www.domain.com has document root /srv/www/domain.com
But www1.domain.com, www2.domain.com, ..., *.domain.com domains also have document root /srv/www/domain.com. How to deny access to server from all domains beside domain.com and www.domain.com?
I just need to add before virtual hosts:
ServerName localhost
<VirtualHost _default_:80>
<Directory />
deny from all
</Directory>
</VirtualHost>
Related
I have two virtual hosts setup on my Ubuntu 20.04 Apache2 webserver.
example2.domain.com.conf
DocumentRoot /var/www/Dev
ServerName example2.domain.com
ServerAlias example2.domain.com
<Directory /var/www/Dev/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
example.domain.com.conf
<VirtualHost *:80>
DocumentRoot /var/www/example
ServerName example.domain.com
ServerAlias example.domain.com
<Directory /var/www/example/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Redirect permanent / https://example.domain.com/
</VirtualHost>
and finally: example.domain.com-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
DocumentRoot /var/www/example
ServerName example.domain.com
ServerAlias example.domain.com
<Directory /var/www/example/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/example.domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.domain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
/etc/hosts
127.0.0.1 localhost
127.0.0.1 example2
Ok, so when I go to example2.domain.com it shows the example2 url but displays the files from example.domain.com. example.domain.com works just fine.
What gives?
I have this conf-file set-up:
Listen 80
<VirtualHost 0.0.0.0:80>
ServerAdmin webmaster#localhost
ServerName test.example.com
WSGIScriptAlias / /var/django/test/test/wsgi.py
#WSGIPythonPath /var/django/test
<Directory /var/django/test/test>
<Files wsgi.py>
Order deny,allow
Allow from all
</Files>
</Directory>
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost 0.0.0.0:80>
ServerAdmin webmaster#localhost
ServerName www.example.com
ServerAlias *.example.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Whenever I open www.example.com, test.example.com or example.com I always receive the standard apache website.
If I delete the second VirtualHost I get an access denied (since the permissions for the wsgi-file are note properly set).
But why can't I run 2 (or more) different VirtualHost of differnt subdomains?
Thanks!
Kev
PS.: I try to run a Django-Site on the subdomain test.example.com
I found the error.
In the second there was a "." instead of a "80".
I use apache2 and I want to have something like username.mydomain.fr
www.mydomain.fr --> /var/www/web-en-royans that is works fine
username.mydomain.fr --> /home/username/www that does not work
also, www.mydomain.fr/~username --> /home/username/www that is works fine, but I don't care.
I activate user_dir and vhost_alias.
UseCanonicalName Off
<VirtualHost *:80>
ServerName www.web-en-royans.fr
DocumentRoot /var/www/web-en-royans
</VirtualHost>
<VirtualHost *:80>
ServerName *.web-en-royans.fr
VirtualDocumentRoot /home/%-3/www
#VirtualDocumentRoot /home/%1/www
</VirtualHost>
<Directory "/var/www/web-en-royans">
Options Indexes MultiViews FollowSymLinks
Order deny,allow
Allow from all
</Directory>
<Directory "/home/*/www">
Options Indexes MultiViews FollowSymLinks
Order deny,allow
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.web-en-royans.fr.log
CustomLog /var/log/apache2/access.web-en-royans.fr.log combined
I want to work with VirtualDocumentRoot more than rewrite_url
Moreover, username.mydomain.fr go to www.mydomain.fr, and whatever.mydomain.fr go to www.mydomain.fr.
I do not even known how to debug or trace it.
Very simple, just disable the mod-userdir, and add a ServerAlias
<VirtualHost *:80>
ServerName www.web-en-royans.fr
DocumentRoot /var/www/web-en-royans
</VirtualHost>
<VirtualHost *:80>
ServerName *.web-en-royans.fr
ServerAlias *.web-en-royans.fr
VirtualDocumentRoot /home/%1/www
</VirtualHost>
I use a Linux Mint 16 + newest LAMP + Laravel.
I'm getting this error when I try viewing my website either via "localhost" or "127.0.0.1".
Forbidden
You don't have permission to access / on this server.
------------------------------------------------------
Apache/2.4.6 (Ubuntu) Server at 127.0.0.1 Port 80
My setting are as follows:
on /etc/hostname
NameServer ynwlocalwebserver
on /etc/hosts
127.0.0.1 localhost
127.0.1.1 ynwlocalwebserver
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
I only have one site-enable named "ynwlocalwebserver.conf" it's current contents for the meantime are:
NameVirtualHost *:80
<VirtualHost *:80>
ServerName ynwlocalwebserver
DocumentRoot /home/ynwmint/ynw/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /home/ynwmint/ynw/public>
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName localhost
DocumentRoot /home/ynwmint/ynw/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /home/ynwmint/ynw/public>
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
The folder ynw in "/home/ynwmint/ynw/public" is the Laravel project.
I put the chmod of the public folder to 777 (for the meantime) and chown it under www-data:www-data
What am I doing wrong, or what else do I need to check?
Thanks.
Apache 2.4 has some minor changes with regards to config.
This:
ServerName ynwlocalwebserver
DocumentRoot /home/ynwmint/ynw/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /home/ynwmint/ynw/public>
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Should be changed to this:
<VirtualHost *:80>
ServerName ynwlocalwebserver
DocumentRoot /home/ynwmint/ynw/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /home/ynwmint/ynw/public>
Options +Indexes +FollowSymlinks + MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Also for added security you may want to this directory rule:
<Directory />
Options FollowSymlinks
AllowOverride None
</Directory>
Source: http://httpd.apache.org/docs/2.4/upgrading.html
I have two directories in /var/www (say, /var/www/app1 and /var/www/app2) whose error logs I want sent to different files. Both are under the same domain, so I think that I can't put them under different virtual hosts. So, for example, I would access them as:
http://localhost/app1
http://localhost/app2
I came across this page:
Generate access logs for different subdirectories in Apache
whose solution works perfectly for the access logs. However, the "env" argument doesn't seem to work with the ErrorLog directive.
Before this "discovery", I was working on this, which seems wrong:
<VirtualHost *:80>
ServerAdmin ray#localhost
DocumentRoot /var/www/app1
<Directory />
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order deny,allow
allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/app1/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/app1/access.log combined
</VirtualHost>
I'm somewhat lost about what I should be doing. That is, if there is some way to get ErrorLog to work or if I should keep trying with configuring a virtual host for each directory. Any help would be appreciated! Thank you!
Why do you set Directory options for / in the VirtualHost context? Use <Directory /var/www/app1> instead of <Directory />
Due to the Apache ErrorLog directive docs its context is server config, virtual host - which means that it's only possible to define ErrorLog for the whole server or for a VirtalHost, not for a Directory. So if you want to send different logs to different files, try to use SetEnvIf to set an Env variable. Depeding on the directory where you are, it should be something like SetEnvIf Request_URI ^\/a1\/ a1 and SetEnvIf Request_URI ^\/a2\/ !a1. Then write logs depending on the a1 environment variable.
Set custom ID for every Directory and you can separate logs by directories like this:
<Directory app1>
SetEnv app1
</Directory>
<Directory app2>
SetEnv app2
</Directory>
CustomLog ${APACHE_LOG_DIR}/site1.log combined env=app1
CustomLog ${APACHE_LOG_DIR}/site2.log combined env=app2
Finally I did it, first create internal subdomains per folder and with proxypass pass the subdomain content.
Enable apache mods:
a2enmod authz_core dir proxy proxy_http
/etc/hosts
127.0.0.1 localhost
127.0.0.1 a.localhost
127.0.0.1 b.localhost
/etc/apache2/sites-available/default.conf
<VirtualHost *:80>
ServerName localhost
ServerAdmin fake#mail.com
DocumentRoot "/dev/null"
ProxyPass /a http://a.localhost/
ProxyPassReverse /a http://a.localhost/
ProxyPass /b http://b.localhost/
ProxyPassReverse /b http://b.localhost/
LogLevel debug
ErrorLog ${APACHE_LOG_DIR}/default-error.log
CustomLog ${APACHE_LOG_DIR}/default-access.log combined
</VirtualHost>
/etc/apache2/sites-available/a.conf
<VirtualHost *:80>
ServerName a.localhost
ServerAdmin fake#mail.com
DocumentRoot "/Publikoa/a"
<Directory "/Publikoa/a">
DirectoryIndex index.html
Require all granted
</Directory>
LogLevel debug
ErrorLog ${APACHE_LOG_DIR}/a-error.log
CustomLog ${APACHE_LOG_DIR}/a-access.log combined
</VirtualHost>
/etc/apache2/sites-available/b.conf
<VirtualHost *:80>
ServerName b.localhost
ServerAdmin fake#mail.com
DocumentRoot "/Publikoa/b"
<Directory "Publikoa/b">
DirectoryIndex index.html
Require all granted
</Directory>
LogLevel debug
ErrorLog ${APACHE_LOG_DIR}/b-error.log
CustomLog ${APACHE_LOG_DIR}/b-access.log combined
</VirtualHost>
Enable sites:
a2ensite default a b
Restart apache:
/etc/init.d/apache2 restart