I am hosting website iplocation.io on a cloud server. I found a domain https://chrissloey.com/index.php which opens my website within it.
Now from what I understand, chrissloey.com has pointed it A record to my server ip and my apache2 server is not denying connection to it and allow's to open iplocation.io website content like its own.
I want apache2 to deny connections to any other domain and only allow my own domain to server content.
Attached is apache conf file for iplocation.io
<VirtualHost *:80>
ServerAdmin email#email.com
DocumentRoot /var/www/public_html
ServerName iplocation.io
ServerAlias www.iplocation.io
ErrorLog ${APACHE_LOG_DIR}/apache-error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/public_html>
Options FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName iplocation.io
ServerAdmin email#email.com
DocumentRoot /var/www/public_html
SSLEngine on
SSLCertificateFile /path-to-csr
SSLCertificateKeyFile /path-to-key
SSLCertificateChainFile /path-to-ca
<Directory /var/www/public_html>
Options FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
</IfModule
Looking at the two comments I think the combination makes most sense:
Configure httpd to respond with redirect (301) to all incoming requests. This could be done on the 'root' host.
Configure a virtualhost listening to your domain only, and this one would serve your real content only.
This will work unless the other site requests your content and then integrates it into their responses. But as you said someone else simply put up a DNS A record.
Related
I have an apache config using a DV wildcard cert. The ssl.conf is configured to use the certificate for all server traffic.
My vhost conf file has two virtual hosts defined there. A production vhost and a dev vhost. The conf file contents are;
<VirtualHost *:443>
ServerName www.example.com
ServerAlias example.com
ServerAdmin webmaster#example.com
DocumentRoot /var/www/html/vhosts/prod_example_com/
<Directory "/var/www/html/vhosts/prod_example_com">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog "/var/log/httpd/www.example.com-error_log"
CustomLog "/var/log/httpd/www.example.com-access_log" common
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/comodo/STAR_example_com.crt
SSLCertificateKeyFile /etc/pki/tls/certs/csr/www_example_com.key
SSLCertificateChainFile /etc/pki/tls/certs/comodo/SectigoRSADomainValidationSecureServerCA.crt
</VirtualHost>
<VirtualHost *:443>
ServerName dev.example.com
ServerAdmin webmaster#example.com
DocumentRoot "/var/www/html/vhosts/dev_example_com"
<Directory "/var/www/html/vhosts/dev_example_com">
AllowOverride All
Require all granted
</Directory>
ErrorLog "/var/log/httpd/dev.example.com-error_log"
CustomLog "/var/log/httpd/dev.example.com-access_log" common
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/comodo/STAR_example_com.crt
SSLCertificateKeyFile /etc/pki/tls/certs/csr/www_example_com.key
SSLCertificateChainFile /etc/pki/tls/certs/comodo/SectigoRSADomainValidationSecureServerCA.crt
</VirtualHost>
So, when I go to https://dev.example.com, it works great. However, when I try to go to https://www.example.com, it instead goes to the Apache server webroot of /var/www/html.
Have I overlooked something?
Thanks in advance to any help offered?
I seemed to have found the issue. In my particular instance, the vhost.conf VirtualHost tags were change both to *:443, but what got everything back on track was commenting out ServerName www.example.com:443 from my httpd.conf and restarting Apache. I hope this helps someone else that may be suffering from this same issue.
I'm having an important issue with my WAMP Server configuration. I've tried many configurations listed on many websites to no avail. I'm trying to make the directory /forums be accessible via https://forums.centmc.tk. However, upon travelling to https://forums.centmc.tk, it almost immediately says "forums.centmc.tk's server IP address could not be found." https://centmc.tk works fine, and so does the 301 redirect from https://centmc.tk/forums to https://forums.centmc.tk. I just can't figure out why the subdomain won't work.
I know it's an issue with my httpd-vhosts.conf file, so here's that:
# Virtual Hosts
#
<VirtualHost *:80>
ServerName localhost
ServerAlias localhost
DocumentRoot "c:/wamp64/www"
<Directory "c:/wamp64/www/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:443>
DocumentRoot c:/wamp64/www
ServerName centmc.tk
SSLEngine on
SSLCertificateFile c:/wamp64/bin/apache/apache2.4.27/conf/centmc.tk.crt
SSLCertificateKeyFile c:/wamp64/bin/apache/apache2.4.27/conf/centmc.tk.key
Redirect 301 /forums https://forums.centmc.tk
Redirect 301 /forum https://forums.centmc.tk
<Directory "c:/wamp64/www/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerName centmc.tk
ServerAlias forums.centmc.tk
VirtualDocumentRoot "c:/wamp/www/forums"
ErrorLog "c:/wamp64/bin/apache/apache2.4.27/logs/errors.log"
<Directory "c:/wamp/www/forums">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Thanks for any help in advance! Sorry for the rather large text brick at the top.
Lucas.
Sounds like a DNS problem. If you are running a DNS server on your network, you will need to add an "A" record for the "forums" subdomain. Something like this:
; example.com [448369]
$TTL 86400
# IN SOA ns1.linode.com. admin.example.com. 2013062147 14400 14400 1209600 86400
# MX 10 mail.example.com.
# A ###.###.###.###
mail A ###.###.###.###
www A <put your server IP here>
forums A <put your forums server IP here>
If you're using public DNS servers (like 8.8.8.8, 4.4.4.4, or just your default ISP's DNS servers... you'll need to add a CNAME record to wherever your domain name is registered. (GoDaddy for example). Here's a link to how to do it on GoDaddy: https://www.godaddy.com/help/add-a-subdomain-that-points-to-an-ip-address-4080
I hope that helps.
I am taking over a multi-site Apache server, with two websites (A and B). Going to website A's url via http works fine. Going to the same url, but using https, shows website B. Why is this, and how do I make https://urlA.com go to website A?
I solved the problem.
The servers were set up with VirtualHosts, but there was no VirtualHost for port 443. So it looked something like this:
<VirtualHost 99.9.9.999:80>
DocumentRoot /var/www/example
ServerName example.com
<Directory "/var/www/example">
Options Indexes
AllowOverride None
DirectoryIndex index.php index.html
Order allow,deny
Allow from all
</Directory>
Adding a VirtualHost listening on port 443, with the SSLCertFiles specified fixed the problem.
<VirtualHost 99.9.9.999:443>
DocumentRoot /var/www/example
ServerName example.com
<Directory "/var/www/example">
Options Indexes
AllowOverride None
DirectoryIndex index.php index.html
Order allow,deny
Allow from all
</Directory>
SSLCertificateFile /etc/httpd/conf/example.crt
SSLCertificateKeyFile /etc/httpd/conf/_.example.key
SSLCertificateChainFile /etc/httpd/conf/gd_example.crt
SSLEngine on
</VirtualHost>
everybody.
I have a Cent OS 6.6 server with Apache + mod_php site (site1.local). I need to configure second site (site2.local) with php_cgi. So, I created a user, gave him permissions on www-folder, configured site1 as mod_php, created a phpinfo.php. Also, I installed php-cgi,and try to configure virtual hosts, works only first site, on the second site is error:
the requested url /cgi-bin/phpinfo.php was not found onthis server.
That's my configs:
cat /etc/httpd/conf/httpd.conf
<VirtualHost *:80>
ServerAdmin webmaster#site1.local
DocumentRoot /var/www/wwwmaster/site1.local
ServerName site1.local
ServerAlias www.site1.local
ErrorLog logs/site1.local-error_log
CustomLog logs/site1.local-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin webmaster#site2.local
DocumentRoot /var/www/wwwmaster/site2.local
ServerName site2.local
ServerAlias www.site2.local
ScriptAlias /cgi_bin/ /usr/bin/php-cgi/
Action php-cgi /cgi-bin
AddHandler php-cgi php
<Directory /usr/bin/php-cgi>
Allow from all
</Directory>
<Directory "/var/www/wwwmaster/site2.local/">
<FilesMatch "\.php">
SetHandler php-cgi
</FilesMatch>
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order Deny,Allow
Allow from all
</Directory>
ErrorLog logs/site2.local-error_log
CustomLog logs/site2.local-access_log common
</VirtualHost>
What I've done wrong and how can I fix that?
You only have to uncomment the line that says NameVirtualServer *:80 in your apache config file.
If you want virtual server for more than one port, simply put as many NameVirtualServer *:[port number] in the apache config file as you need.
I am trying to direct web traffic for our domain to a Vhost site and our internal web site to separate directory that is only accessible within our private network,i.e 192.168.x.x.
I have modified Vhost configuration on Apache to include a name-based Vhost for the external website and a IP Vhost for the Intranet. No far I have had no luck, Apache does not like it.
Here is my modified Vhost config file.
NameVirtualHost *:80
<Directory "/home/webs">
Options +FollowSymLinks +Includes
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<VirtualHost *:80>
DocumentRoot /home/webs/foo
ServerName www.foo.com
ServerAlias foo.com
LogLevel warn
ErrorLog /home/webs/foo/error.log
CustomLog /home/webs/foo/logs/access.log combined
</VirtualHost>
NameVirtualHost 192.168.0.*:80
<Directory "/home/webs/OffCat">
Options +FollowSymLinks +Includes
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<VirtualHost 192.168.0.*:80>
DocumentRoot /home/webs/OffCat
ServerName 192.168.0.15/OffCat
LogLevel warn
ErrorLog /home/webs/OffCat/logs/error.log
CustomLog /home/webs/OffCat/logs/access.log combined
</VirtualHost>
I would appreciate any help.
Thanks,
Tony Cripps