Well, I am new on Debian, Built server on Digital Ocean with Debian OS.
I successfully added two domains into one droplet:
mysite.com
anothersite.com
Created new dir:
/home/user/www/mysite.com/public_html
and copied files to public_html
The config file inside /etc/apache2/sites-available is:
DocumentRoot /home/user/www/mysite.com/public_html
<Directory /home/user/www/mysite.com/public_html>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/myproject-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/myproject-access.log combined
Of Course, I enabled the site.
I haven't edited apache2.conf file and haven't configured 2nd domain (anothersite.com). Just added this 2nd domain to droplet, that's all.
when I enter to the site mysite.com it works perfect. But I wondered that why 2nd domain (anothersite.com) is redirected to 1st (mysite.com) domain?
By the way, I use Apache 2.4
If hostname (e.g. anothersite.com) point to the apache webserver but haven't explicitely configured a section that matches that hostname, then apache will deliver a "best match" (the first ).
so if only have a single in apache config and multiple hostnames (mysite.com and anothersite.com) point to the same machine, all of these names will display the same virtual host
Related
I've installed vanilla at Ubuntu server with public-ip by the steps at https://www.vultr.com/docs/how-to-install-vanilla-forum-on-ubuntu-16-04
Then config /etc/apache2/sites-available/forum.example.com.conf as below
<VirtualHost *:80>
ServerName forum.example.com
DocumentRoot /var/www/vanilla
<Directory /var/www/vanilla>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Then I can access http://public-ip at browser, but the result is Apache2 Ubuntu Default Page.
How can I access the installed vanilla at the browser? Should I make any change to the forum.example.com.conf?
If the request doesn't match a virtual host, Apache will serve files from the top level (not inside a <VirtualHost> block) DocumentRoot config value.
#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
DocumentRoot /var/www/html
I don't know Ubuntu well but I'd guess this is in /etc/apache2/apache2.conf. You can change this to /var/www/vanilla to serve your forum instead of the default page.
Alternatively you could rename / delete the existing /var/www/html and make it a symlink to /var/www/vanilla: then Apache would pick up the forum files without any config change.
Or if you just want to set up access for yourself then you can add the DNS name to your hosts file (/etc/hosts on Linux, \Windows\System32\drivers\etc\hosts on Windows)
forum.example.com AAA.BBB.CCC.DDD
and then you can use forum.example.com in your browser as normal, which will send the 'Host' header so Apache will match the virtual host, even though this isn't configured as public DNS.
<VirtualHost *:80>
ServerName db.mydomain.co
#ServerAlias db.mydomain.co
DocumentRoot /var/www/db/public
<Directory /var/www/db/public>
AllowOverride All
</Directory>
ErrorLog /var/www/db/error.log
CustomLog /var/www/db/requests.log combined
It's the config file I created in cong.d directory. I also changed the host file on my PC pointing mydomain.co to the server IP address. After I restarted my apache server, I go to db.mydomain.co which gives me db.mydomain.co’s server DNS address could not be found. But ironically, mydomain.co shows me the subdomain content and I won't be able to access the website hosted on my main domain. I'm using the distribution made by Amazon, and it's based on CentOS I think.
I really have no idea what's going on here. Any helps appreciated.
I have asked a similar question before
Restrict access to directories through ip address
at that time the problem was solved for apache 2.2. Recently I re-installed the OS (to Debian 8) and it comes with apache 2.4.
I want to restrict access to files - when the request comes "by" IP. Mainly if in the browser I try to open http://192.168.252.178/test/image.jpg it should show error - 403 forbidden. Directory test is in www directory of apache. However I should be able to access that image if I type http://www.example.com/image.jpg - considering that example.com points to that test directory.
With apache version 2.2 I would simply put this lines in my default site config file - and the problem was solved
<Files ~ ".+">
Order allow,deny
Deny from all
</Files>
Now, trying the same thing does not work: I am getting 403 forbidden even if I try to open any site by the domain name.
Considering the changes in 2.4 I also tried this, but again getting the the same 403 forbidden when trying to open some site.
<Files ~ ".+">
Require all denied
</Files>
My goal is to prevent any kind of access to directories and files - if they are being accessed through ip address. I have also this lines in my default site's config to prevent the directory access and this works fine.
<Directory /home/username/www>
Options -Indexes
AllowOverride All
Require all granted
</Directory>
So, the question is - how to prevent file access through IP address. Also I need to achieve this by apache config, by htaccess is not a solution for me. And I need to achieve this for all the directories/files inside www recursively, so specifying the exact file names and/or directories is not a solution either.
Thanks
When you use name based virtual hosts, the main server goes away. Apache will choose which virtual host to use according to IP address (you may have more than one) and port first, and only after this first selection it will search for a corresponding ServerName or ServerAlias in this subset of candidates, in the order in which the virtual hosts appear in the configuration.
If no virtual host is found, then the first VHost in this subset (also in order of configuration) will be choosen. More.
I mention this because it will be important you have only one type of VirtualHost directive:
<VirutalHost *:80>
or
<VirtualHost 123.45.67.89:80>
I'll use the wildcard in the example.
You need a directory like /var/www/catchall with a file index.html or similar, as you prefer.
<VirtualHost *:80>
# This first-listed virtual host is also the default for *:80
# It will be used as the catchall.
ServerName 123.45.67.89
# Giving this DocRoot will avoid any request based on IP or any other
# wrong request to get to the other users directories.
DocumentRoot "/var/www/catchall"
<Directory /var/www/catchall>
...
</Directory>
</VirtualHost>
# Now you can add as usuall the configuration for any other VHost you need.
<VirtualHost *:80>
ServerName site1.com
ServerAlias www.site2.com
DocumentRoot "/home/username1/www"
<Directory /home/username1/www>
...
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName site2.com
ServerAlias www.site2.com
DocumentRoot "/home/username2/www"
<Directory /home/username2/www>
...
</Directory>
</VirtualHost>
Debian specific :
For Debian, you ideally put one VHost configuration per file, and put the file in the /etc/apache2/sites-available directory.
Name the files as you like, only the file containing the catchall vhost should be named something like 000-catchall, because they will be read in alphabetic order from the /etc/apache2/sites-enabled directory.
Then you disable Debian's usual default site :
a2dissite 000-default
and you enable the new catchall site and the other VHosts if needed :
a2ensite 000-catchall
An ls /etc/apache2/sites-enabled command should show the catchall as the first of list, if not change its file name so that it will always be the first. Restart Apache: service apache2 restart
Of course you could do all this changes in the original default VHost config file, but I usually prefer keep an original model.
Lets' asume I have 1 domain on a Ubuntu Server in the following directory:
/var/www/domain1.com/httpdocs
and that the ip address is 100.100.100.100
If I go to www.domain1.com, Apache will server the files inside the httpdocs folder.
How can I avoid that if the following file exists:
/var/www/domain1.com/privatefile.html
.. apache shows it by going to:
http://100.100.100.100/domain1.com/privatefile.html
In other words, I want to display the content in the httpdocs only, no by ip address.
In a vhost setup, Apache will use the first vhost defined as the default one to serve when a request comes in by IP. So just make a "dummy" vhost that points nowhere, and make sure it's the first one in the config file:
<VirtualHost *:80>
ServerName nothing.nowhere
ServerAdmin nobody#nothing.nowhere
DocumentRoot /var/empty
<Directory /var/empty>
Order Allow,Deny
</Directory>
</VirtualHost>
I'm having troubles with installing Let's Encrypt certification on AWS EC2 instance. Followed couple of tutorials from Google.
I've created the cert files and updated the path correctly in /etc/httpd/conf.d/ssl.conf. However, my domain is still not accessible via https. I haven't created multiple httpd config files for different domain but configuring them all in /etc/httpd/conf/httpd.conf. The typical configuration for a domain looks like following :
<VirtualHost *:80>
ServerName mydomain.in
ServerAlias www.mydomain.in
DocumentRoot /var/www/html/
<Directory /var/www/html>
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
</Directory>
</VirtualHost>
In the similar fashion, I've added multiple domains on the server. The certificate files I've generated for 1 domain only.
Any help or pointers in resolving the same will be much helpful.
While generating the cetificate you have to mention all the domain at single time.
then you can use the same generated certificate for multiple domains.
For more information please check this link https://blog.alejandrocelaya.com/2016/08/16/setup-a-lets-encrypt-certificate-in-a-aws-elastic-load-balancer/
For multiple domains,you can do this by the creating multiple virtual host with same ssl setting.