Apache htpasswd for multiple websites/dirs? - apache

I'm not 100% familiar how htpasswd works, but i'm wondering if it is possible.
I have one server with one IP and multiple domains there. I need to password protect all of those domains but if possible only at one place. I don't want to go around and make htpasswd for each website.
Assuming that i have all websites places under /var/www/{vhost dirs}
Is it possible at all and how and how?

Multiple domain on single IP is possible from virtual host configuration in apache.
E.g I am running few domains on single machine :
www.internationalworkersday.com
www.internationallabourday.com
www.internationlaborday.com
www.internationalworkersday.org
www.apnok.com
#Here is virtual host configuration in httpd.conf
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
<VirtualHost *:80>
ServerAdmin www.apnok.com
DocumentRoot /home/ap/
ServerName www.apnok.com
ServerAlias apnok.com *.apnok.com
ErrorLog logs/error_log
CustomLog logs/access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin www.internationalworkersday.com
DocumentRoot /home/iwd/
ServerName www.internationalworkersday.com
ServerAlias internationalworkersday.com
ErrorLog logs/error_log
CustomLog logs/access_log_iwd common
</VirtualHost>
<VirtualHost *:80>
# ServerAdmin www.internationallabourday.com
DocumentRoot /home/ild/
ServerName www.internationallabourday.com
ServerAlias internationallabourday.com
# ErrorLog logs/error_log
#CustomLog logs/access_log_ild common
RewriteEngine On
RewriteCond %{HTTP_HOST} ^internationallabourday\.com [NC]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ http://www.internationalworkersday.com
#DirectoryIndex index.php index.php.var
</VirtualHost>
<VirtualHost *:80>
ServerAdmin www.internationallaborday.com
DocumentRoot /home/ila/
ServerName www.internationallaborday.com
ServerAlias internationallaborday.com
ErrorLog logs/error_log
CustomLog logs/access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin www.internationalworkersday.org
DocumentRoot /home/iwd/
ServerName www.internationalworkersday.org
ServerAlias internationalworkersday.org
ErrorLog logs/error_log
CustomLog logs/access_log_org common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin www.internationallabourday.org
DocumentRoot /home/ild/
ServerName www.internationallabourday.org
ServerAlias internationallabourday.org
ErrorLog logs/error_log
CustomLog logs/access_log_org common
</VirtualHost>

Related

Order to declare VirtualHost for domain and subdomains, Apache2, Ubuntu

I declared in my DNS, my domain, subdomain1 and subdomain2, and everything works.
Then I create my directories like this :
/var/www/domain.com/public_html/index.html /var/www/subdomain1.domain.com/public_html/index.html /var/www/subdomain2.domain.com/public_html/index.html
Then I create : /etc/apache2/sites-available/domain.conf
NameVirtualHost *:80
<VirtualHost *:80>
ServerName www.subdomain1.domain.com
ServerAlias www.subdomain1.domain.com
ServerAdmin webmaster#domain.com
DocumentRoot /var/www/subdomain1.domain.com/public_html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName www.subdomain2.domain.com
ServerAlias www.subdomain2.domain.com
ServerAdmin webmaster#domain.com
DocumentRoot /var/www/subdomain2.domain.com/public_html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName www.domain.com
ServerAlias www.domain.com
ServerAdmin webmaster#domain.com
DocumentRoot /var/www/domain.com/public_html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
I disable the default configuration: sudo a2dissite 000-default.conf
Then I activate each of the websites: sudo a2ensite domain.conf
I restart Apache 2: sudo systemctl restart apache2.service
The problem is that all links point to the first declared VirtualHost, even when I separate the VirtualHost declarations in separate .conf files, it will always be the first VirtualHost in the directory that will be opened for all DNS domains.
Apache will try to match the requested domain to one of the VirtualHost it knows about. When it cannot find a match, it will use the first one it read, top to bottom in the configurations. Hence here, your domains are not being recognized by Apache, and you get the first one all the time.
I modified your configuration a little bit:
NameVirtualHost *:80
<VirtualHost *:80>
ServerName www.subdomain1.example.com
ServerAlias subdomain1.example.com
ServerAdmin webmaster#example.com
DocumentRoot /var/www/subdomain1.example.com/public_html
ErrorLog ${APACHE_LOG_DIR}/sub1_error.log
CustomLog ${APACHE_LOG_DIR}/sub1_access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName www.subdomain2.example.com
ServerAlias subdomain2.example.com
ServerAdmin webmaster#example.com
DocumentRoot /var/www/subdomain2.example.com/public_html
ErrorLog ${APACHE_LOG_DIR}/sub2_error.log
CustomLog ${APACHE_LOG_DIR}/sub2_access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
ServerAdmin webmaster#example.com
DocumentRoot /var/www/example.com/public_html
ErrorLog ${APACHE_LOG_DIR}/example_error.log
CustomLog ${APACHE_LOG_DIR}/example_access.log combined
</VirtualHost>
Details:
NameVirtualHost is only required if you run Apache 2.2. >2.4, it is automatic, no need to put it, it will work anyway.
ServerAlias is useful to define another domain name that applies to this VirtualHost. If you define ServerAlias == ServerName, it is useless.
Therefore, the ServerAlias are now configured with the domain names, without "www."
Split your log files. If you have 3 VH pointing to the same logs, it will be a real mess to debug. It makes it easier when split.
So with this configuration...
http://www.subdomain1.example.com and http://subdomain1.example.com will go to the 1st VH.
Similar for subdomain2
And http://www.example.com and http://example.com will use the third one.
This is based on your question and the comment where you say you tried example.com. In your configuration, example.com was not listed anywhere (i.e. www.example.com != example.com).

Apache 2.4 Restrict SSL to specific subdomain Vhosts

I have a single digitalocean droplet, with only a single IPV4 address possible. I would like to use SNI to apply TLS (SSL) encryption onto only a specific subdomain, and not any other parts of the domain.
Example being:
domain.com (No TLS)
sub.domain.com (TLS, certificate 1)
sub1.domain.com (TLS, certificate 2)
sub2.domain.com (no TLS)
I'm using LetsEncrypt for the certificates, so wildcard domains are not possible.
domain.com.conf
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
sub.domain.com
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName sub.domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>
</IfModule>
sub1.domain.com
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName sub1.domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>
</IfModule>
sub2.domain.com
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName sub2.domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Two things you should be aware of:
You never know which protocols users are going to use. They will default to http if protocol not defined and some browser extensions will try https first and use that if it exists.
Apache will fallback to the first site defined for that port if there's not a better match. In which case you might end up serving the wrong site if, for example, you don't define a sub2.domain.com site on port 443.
So you should define all 4 domains on both port 80 and port 443 and basically have 8 vhosts defined.
This also means will need to buy (or get for free from LetsEncrypt) certificates to cover all domains and not just the two you want to serve over https.
Then you should use redirects appropriately:
domain.com (No TLS): Serve site on port 80. Config for port 443 should just redirect all traffic back to equivalent page on http://domain.com
sub.domain.com (TLS, certificate 1): Serve site on port 443. Config for port 80 should just redirect all traffic back to equivalent page on https://sub.domain.com
sub1.domain.com (TLS, certificate 2): Similar to sub.domain.com setup mentioned in point 2 above.
sub2.domain.com (no TLS): Similar to domain.com set up mentioned in point one above.
Example config:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
sub.domain.com
<IfModule mod_ssl.c>
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName sub.domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/%$1 [R,L]
</VirtualHost>
</IfModule>
sub1.domain.com
<IfModule mod_ssl.c>
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName sub1.domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/%$1 [R,L]
</VirtualHost>
</IfModule>
sub2.domain.com
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName sub2.domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-domain.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-domain.key
RewriteEngine On
RewriteRule (.*) http://%{SERVER_NAME}/%$1 [R,L]
</VirtualHost>
sub.domain.com
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName sub.domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-subdomain.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-subdomain.key
</VirtualHost>
</IfModule>
sub1.domain.com
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName sub1.domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-subdomain1.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-subdomain1.key
</VirtualHost>
</IfModule>
sub2.domain.com
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName sub2.domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-subdomain2.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-subdomain2.key
RewriteEngine On
RewriteRule (.*) http://%{SERVER_NAME}/%$1 [R,L]
</VirtualHost>
However if going to all this hassle then might want to rethink not serving everything over https.

How to enable multiple domains and or subdomains with apache httpd server

I'm trying to enable multiple domains in my environment Development, but am not succeeding the way I tried below, at which point I'm wrong?
I installed httpd and changed DocumentRoot in httpd.conf to:
C:/Webserver/www
*I changed the Windows hosts file to(in Italics would like to access):
If I switch to 127.0.0.1 api.rotadorock the address resolves to www/ but the right is www/rotadorock/api.
127.0.0.1 localhost
127.0.0.1 webserver
127.0.0.1/rotadorock/ecommerce rotadorock
127.0.0.1/rotadorock/api api.rotadorock
127.0.0.1/rotadorock/ecommerce ecommerce.rotadorock
127.0.0.1/rotadorock/mobile mobile.rotadorock
127.0.0.1/rotadorock/sistema sistema.rotadorock
127.0.0.1/rotadorock/social social.rotadorock
*Update(windows hosts file)
I removed the hosts file changes I mentioned above, because as #Volker Birk said are not necessary. But even so, still can not access as desire (api.rotadorock/ or localhost/api.rotadorock/ and should point to C:/Webserver/www/rotadorock/api). What could be wrong?
And finally changed httpd-vhost.conf for:
NameVirtualHost webserver:80
<Directory "C:/Webserver/www">
Options All
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<VirtualHost *:80>
ServerName localhost
DocumentRoot "c:/Webserver/www"
ServerAlias localhost
ErrorLog "logs/httpd-error.log"
CustomLog "logs/httpd-access.log" common
</VirtualHost>
<VirtualHost *:80>
ServerName webserver
DocumentRoot "c:/Webserver/www"
ServerAlias webserver
ErrorLog "logs/httpd-error.log"
CustomLog "logs/httpd-access.log" common
</VirtualHost>
<VirtualHost rotadorock:80>
ServerName rotadorock
DocumentRoot "c:/Webserver/www/rotadorock/ecommerce"
ServerAlias rotadorock
ErrorLog "logs/httpd-error.log"
CustomLog "logs/httpd-access.log" common
</VirtualHost>
<VirtualHost api.rotadorock:80>
ServerName api.rotadorock
DocumentRoot "c:/Webserver/www/rotadorock/api"
ServerAlias api.rotadorock
ErrorLog "logs/httpd-error.log"
CustomLog "logs/httpd-access.log" common
</VirtualHost>
<VirtualHost ecommerce.rotadorock:80>
ServerName ecommerce.rotadorock
DocumentRoot "c:/Webserver/www/rotadorock/ecommerce"
ServerAlias ecommerce.rotadorock
ErrorLog "logs/httpd-error.log"
CustomLog "logs/httpd-access.log" common
</VirtualHost>
<VirtualHost mobile.rotadorock:80>
ServerName mobile.rotadorock
DocumentRoot "c:/Webserver/www/rotadorock/mobile"
ServerAlias mobile.rotadorock
ErrorLog "logs/httpd-error.log"
CustomLog "logs/httpd-access.log" common
</VirtualHost>
<VirtualHost sistema.rotadorock:80>
ServerName sistema.rotadorock
DocumentRoot "c:/Webserver/www/rotadorock/sistema"
ServerAlias sistema.rotadorock
ErrorLog "logs/httpd-error.log"
CustomLog "logs/httpd-access.log" common
</VirtualHost>
<VirtualHost social.rotadorock:80>
ServerName social.rotadorock
DocumentRoot "c:/Webserver/www/rotadorock/social"
ServerAlias social.rotadorock
ErrorLog "logs/httpd-error.log"
CustomLog "logs/httpd-access.log" common
</VirtualHost>
You don't need the hosts file. Have a look into the documentation:
http://httpd.apache.org/docs/2.2/en/vhosts/name-based.html
Finally solved the problem. And I could just using the Windows hosts file and httpd-vhosts.conf httpd together.
Let me give an example of what was done to enable multiple subdomains accessing locally.
On Windows hosts file to add, for each domain and subdomain you want something like this:
127.0.0.1 api.rotadorock #my subdomain
127.0.0.1 rotadorock #my domain
And then the httpd-vhosts apache httpd:
# Accessing the API
<VirtualHost 127.0.0.1>
DocumentRoot "C:/Webserver/www/rotadorock/api"
ServerName api.rotadorock
ServerAlias ​​api.rotadorock
<Directory "C:/Webserver/www/rotadorock/api">
All Options Includes Indexes
</ Directory>
</VirtualHost>
# Accessing the domain
<VirtualHost 127.0.0.1>
DocumentRoot "C:/Webserver/www/rotadorock/"
ServerName rotadorock
ServerAlias ​​*.rotadorock
<Directory "C:/Webserver/www/rotadorock/">
All Options Includes Indexes
</Directory>
</VirtualHost>
And then that way I could access api.rotadorock/ and rotadorock/ locally. I tried all ways without the hosts file. But just gotta use it. If someone can explain to me how it should have done so it would not need to use the hosts I would be grateful.

defining VirtualHosts in apache fails

i tried using the vhost file (httpd-vhosts.conf) in apache to define different directories for different domain names. i defined it as follow and restarted apache.
no success - when i try to reach www.domain.mx it does not take me to the path mentioned in the documentroot.
i made sure the vhost file is included in the httpd.conf file and its module is loaded.
what am i doing wrong?
NameVirtualHost 12.12.65.90:80
NameVirtualHost domain.mx:80
NameVirtualHost www.domain.mx:80
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost 12.12.65.90:80>
ServerAdmin webmaster#23.21.65.90
DocumentRoot "C:/xampp/htdocs/"
ServerName 12.12.65.90
ServerAlias http://12.12.65.90/
ErrorLog "logs/general-errors.log"
CustomLog "logs/general.log" combined
</VirtualHost>
<VirtualHost domain.mx:80>
ServerAdmin webmaster#domain.mx
DocumentRoot "/taska/"
ServerName domain.mx
ServerAlias domain.mx
ErrorLog "logs/domain-errors.log"
CustomLog "logs/domain.log" combined
</VirtualHost>
<VirtualHost www.domain.mx:80>
ServerAdmin webmaster#domain.mx
DocumentRoot "/taska/"
ServerName www.domain.mx
ServerAlias www.domain.mx
ErrorLog "logs/domain-errors.log"
CustomLog "logs/domain.log" combined
</VirtualHost>
apparently this is the way to do it (using serverAlias):
NameVirtualHost *:80
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
ServerAdmin webmaster#domain.mx
DocumentRoot "c:/xampp/htdocs/taska"
DirectoryIndex taska.html
ServerName domain.mx
ServerAlias domain.mx
ErrorLog "logs/domain-errors.log"
CustomLog "logs/domain.log" combined
</VirtualHost>
<VirtualHost *:80>
ServerAdmin webmaster#domain.com
DocumentRoot "c:/xampp/htdocs/taska"
DirectoryIndex taska.html
ServerName www.domain.mx
ServerAlias *.domain.mx
ErrorLog "logs/domain-errors.log"
CustomLog "logs/domain.log" combined
</VirtualHost>
<VirtualHost *:80>
ServerAdmin webmaster#21.11.65.90
DocumentRoot "c:/xampp/htdocs/"
ServerName localhost
ServerAlias 21.11.65.90
ErrorLog "logs/general-errors.log"
CustomLog "logs/general.log" combined
</VirtualHost>
<Directory C:/xampp/htdocs/taska>
Order Deny,Allow
Allow from all
</Directory>

Different VirtualHosts with the same port

I need to have two VirtualHosts with the same listen port for different projects and with different logs. Here's what I've got:
<VirtualHost *:80>
DocumentRoot /home/projects/smk
ErrorLog /var/log/apache2/smk-error.log
RedirectMatch ^/$ /cms
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /home/projects/smk/cms
ErrorLog /var/log/apache2/smk-cms-error.log
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /home/projects/smk/deploy
ErrorLog /var/log/apache2/smk-deploy-error.log
</VirtualHost>
Add different ServerName directive in all virtual hosts:
<VirtualHost *:80>
ServerName dev.localhost
DocumentRoot /home/projects/smk/cms
ErrorLog /var/log/apache2/smk-cms-error.log
</VirtualHost>
<VirtualHost *:80>
ServerName my-project.localhost
DocumentRoot /home/projects/smk/deploy
ErrorLog /var/log/apache2/smk-deploy-error.log
</VirtualHost>
Don't forget to add host-entries for dev.localhost and my-project.localhost in /etc/hosts to 127.0.0.1 or whatever ip you want it to point to.
ServerName my-project.localhost
DocumentRoot /home/projects/smk/deploy
ErrorLog /var/log/apache2/smk-deploy-error.log
//Try adding Error document
ErrorDocument 404 404.html
There is a need to create a feedback in your application.