So I have inherited a linux server and am unclear about its apache configuration.
In the httpd.conf file it has this..
Listen 80
#Listen 443
Based on http://httpd.apache.org/docs/2.2/bind.html
"Note that if the <VirtualHost> is set for an address and port that
the server is not listening to, it cannot be accessed"
Yet this server uses SSL and is receiving requests successfully.
Here is one of the vhost directives..
<VirtualHost *:80>
ServerName www.somesite.com
DocumentRoot /var/www/html/somesite
</VirtualHost>
<VirtualHost 10.0.0.5:443>
DocumentRoot /var/www/html/somesite
ServerName www.somesite.com
SSLEngine on
SSLCertificateFile /sslcerts/mycert.crt
SSLCertificateKeyFile /sslcerts/mycert.key
SSLCertificateChainFile /sslcerts/mycert.gd_bundle.crt
</VirtualHost>
The server is successfully receiving https requests to www.somesite.com
Is there some other configuration I am not seeing?
(also I'm not quite sure if using the internal IP 10.0.0.5 is correct)
thanks to #arkascha a simple grep showed that there was an additional config file where port 443 was enabled
Related
I am configuring a web server with:
Apache2
DDclient
UFW
Letsencrypt.com certification (SSL)
My issue is that the domain is only partly accessible? Everything works as it should, but when I try to access the domain from my phone (using 4G) and from my laptop (WIFI), the phone connection times out (ERR_CONNECTION_TIMED_OUT), and my laptop gets a blocked GET-request.
I can access the site perfectly through ethernet, though I suspect it is not a true connection that passes the request through my router - and my friends are able to visit the domain through an actual internet connection with my router. But why my phone connection doesn't work fumbles me.
Following are my VirtualHost settings, Router settings and UFW settings:
VirtualHost
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName website.com
ServerAlias www.website.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Redirect permanent / https://website.com/
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName website.com
ServerAlias www.website.com
DocumentRoot /var/www/as
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/www.website.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.website.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
Router Settings
HTTPS 192.168.0.103 External Port 443 Internal Port
80
HTTP 192.168.0.103 External Port 80 Internal Port
80
UFW
Status: active
To Action From
-- ------ ----
Apache Full ALLOW Anywhere
Apache Full (v6) ALLOW Anywhere (v6)
Like, everything seems correct but somehow either the firewall is blocking certain entries; the website gets overloaded; or some settings are messed up. Is there anything I'm missing?
Your virtualhost is wrongly configured. You dont need the *:80 configuration for it to work. If you set your external port to 443 apache will skip directly to the HTTPS domain.
I have one apache server with one SSL-certificate installed, and I set up these virtualhosts in the httpd.conf
<VirtualHost *:80>
ServerName subdomanin.DOMAIN_A.com
DocumentRoot "/var/www/html/XXXXXXXXXXXXXXXXXXXXXXXX"
</VirtualHost>
<VirtualHost *:443>
ServerName DOMAIN_A.com
DocumentRoot "/var/www/html/XXXXXXXXXXXXXXXXXXXXXXXX"
SSLEngine on
SSLCertificateKeyFile XXXXXXXXXXXXXXXXXXXXXXXX
SSLCertificateFile XXXXXXXXXXXXXXXXXXXXXXXX
SSLCertificateChainFile XXXXXXXXXXXXXXXXXXXXXXXX
</VirtualHost>
Everytime I try to reach http://subdomain.DOMAIN_A.com with my browser, it redirects me to port 443, with https before the address. The certificate doesn't work with the subdomain and I receive an error.
I don't understand how to access the subdomain on port 80 by default and not be redirected on port 443.
Kindly confirm whether there is any virtual host entry of subdomanin.DOMAIN_A.com in SSL.conf If there is any then you have to remove it and restart the services
You can test the following:
1- Try to set different documentRoot
2- Restart apache2
3- Clear browsing cache
4- Look at apache log file if there is any error
Is it possible to configure my URL which has my IP address on it- like: "http://192.168.xx.yy/index.php". The situation is when I run Apache server in my PC, and load localhost in it. I know it is possible after hosting with external server, but is there any way we can configure within our localhost?
How to configure the Apache files to make this happen? I tried in my localhost, editing the "httpd.conf" by adding this inside like this - please tell me where I am getting the issue!
ServerName localhost:80
HostnameLookups Off
<VirtualHost *:80>
# This first-listed virtual host is also the default for *:80
ServerName www.example.com
ServerAlias example.com
DocumentRoot /www/domain
</VirtualHost>
<VirtualHost *:80>
ServerName other.example.com
DocumentRoot /www/otherdomain
</VirtualHost>
DocumentRoot "c:/wamp/www/"
Yes, you can play with multiple IP addresses on your machine. Configuration depends on your OS. Article Create Multiple IP Addresses to One Single Network Interface is for linux.
But, better way is to use VirtualHosts based on host names or (simplest) on ports. So you can get http://siteA.mycoputer.localhost, http://siteB.mycomputer.localhost in the first case and http://192.168.x.y:8000, http://192.168.x.y:9000 in the second case
Here is Apache Server config example from Apache Server 2.2 documentation
# Ensure that Apache listens on port 80
Listen 80
# Listen for virtual host requests on all IP addresses
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot /www/example1
ServerName www.example.com
# Other directives here
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /www/example2
ServerName www.example.org
# Other directives here
</VirtualHost>
My understanding is there is a problem with having multiple certificates on a single IP as SSL is negotiated before HTTP happens, however what we can do is Service Name Indication (SNI) in TLS to get around this. According to the SNI wikipedia page both Apache 2 modules mod_ssl and mod_gnutls support this extension and also numerous web clients.
I have been trying to use mod_gnutls on centos 5. I have two separate certificates for two domains but only 1 IP. Each works independently but when I put both into the config at once only the first will work. Any https connection on domain2 shows domain1's certificate.
My config looks like this:
Listen 443
NameVirtualHost *:443
<VirtualHost *:443>
ServerName www.domain1.com
ServerAlias www.domain1.com
DocumentRoot /var/www/html/domain1
GnuTLSEnable on
GnuTLSCertificateFile /etc/pki/tls/certs/www.domain1.crt
GnuTLSKeyFile /etc/pki/tls/domain1/private.key
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www/html/domain2
ServerName www.domain2.com
ServerAlias www.domain2.com
GnuTLSEnable on
GnuTLSCertificateFile /etc/pki/tls/certs/domain2.crt
GnuTLSKeyFile /etc/pki/tls/domain2/private.key
</VirtualHost>
Any ideas? Really been scratching my head over this.
Many thanks
So I have this problem...
I use WAMP and have set up perfectly working Virtual Hosts in the past, but now I have come to something I never foresaw.
I am trying to do this:
Access C:\wamp\www through http://localhost
Access D:\somethingelse through http://localhost:8080 OR http://something.dev
I much prefer using the proper http://something.dev, as the working site is http://something.co, and so I can keep them separate.
I have followed guides and read forum posts, but all I have manages to do so far is this:
Access C:\wamp\www through http://localhost OR http://something.dev
Access D:\somethingelse through http://localhost:8080 OR http://something.dev:8080
Anybody got any idea how you would do this? Here's my VirtualHost Code:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot "C:\wamp\www"
ServerName localhost
ServerAlias www.localhost.com
ErrorLog "logs/localhost-error.log"
CustomLog "logs/localhost-access.log" common
</VirtualHost>
<VirtualHost *:8080>
ServerAdmin webmaster#something
DocumentRoot "D:/something/www"
ServerName something.dev
ServerAlias www.something.dev
ErrorLog "logs/something-error.log"
CustomLog "logs/something-access.log" common
<directory "D:/something/www">
Options Indexes FollowSymLinks
AllowOverride all
Order Allow,Deny
Allow from all
</directory>
</VirtualHost>
And in httpd.conf I have this
Listen *:80
Listen *:8080
And my hosts file is working and points both of these to 127.0.0.1
(The reason I want to do this is that when I code on my machine I use the http://something.dev, but I run Livereload Windows, and test my website simultaneously on an iPhone and iPad on the same local network, but without any access to iOS's equivalent of the hosts file. It also allows me to open up only a specific part of my server to the internet, through port forwarding on my router.)
I suppose you have solved the issue. Anyway is good to share some nice information on how to set up multiple Virtual Hosts in Wamp. This is working for me:
http://www.kristengrote.com/blog/articles/how-to-set-up-virtual-hosts-using-wamp
In my case I am working with ports 8080 and 8181. 8080 is redirecting to a subfolder under c:\wamp\www\myfolder, while 8181 is redirecting to root c:\wamp\www.
To make 8181 work I had to edit httpd-vhosts.conf, hosts (in \drivers\etc folder) and httpd.conf.
In httpd.conf my Apache is listening:
Listen 8080
Listen 8181
also I uncommented:
Include conf/extra/httpd-vhosts.conf
my root is pointing to
DocumentRoot "c:/wamp/www/myfolder"
root directory is configured as:
<Directory "c:/wamp/www">
Options Indexes FollowSymLinks
AllowOverride All
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from ::1
Allow from localhost
</Directory>
and added:
<VirtualHost *:8181>
DocumentRoot "C:\wamp\www"
ServerName name-of-my-fake-server
</VirtualHost>
in httpd-vhosts.conf I have set:
NameVirtualHost *:8181
in hosts (c:\windows\system32\drivers\etc) I have added:
127.0.0.1 localhost
127.0.0.1 name-of-my-fake-server #My Test Site
Doing that I have now two ports working 8080 and 8181: so 8080 points to directory "c:\wamp\www\myfolder" and the other port 8181 points to my root folder "c:\wamp\www\"
Using * as the hostname requires the use of NameVirtualHost:
NameVirtualHost *:80
NameVirtualHost *:8080
For those with MAMP, edit the httpd.conf
nano /Applications/MAMP/conf/apache/httpd.conf
Add Listen for each port
Listen 80
Listen 8080
And the ServerName too
ServerName localhost:80
ServerName localhost:8080
Once done that, edit httpd-vhosts.conf
nano /Applications/MAMP/conf/apache/extra/httpd-vhosts.conf
Define NameVirtualHost
NameVirtualHost *:80
NameVirtualHost *:8080
And the VirtualHost's
<VirtualHost *:80>
DocumentRoot "/Users/yourUser/path/project1"
ServerName project1.local
</VirtualHost>
<VirtualHost *:8080>
DocumentRoot "/Users/yourUser/path/project2"
ServerName project2.local
</VirtualHost>
Of course you need to have project1.local and project2.local in your hosts file
sudo nano /etc/hosts
And add
127.0.0.1 project1.local project2.local
Restart MAMP and you could access your vhost by
project1.local
project2.local:8080
project2 could be access also in your network or with a external IP (e.g to test from a different device like a mobile phone). Assuming your IP is 192.168.1.10
192.168.1.10:8080
The question is a little about it. But I assumed that it's near there and may be helpful for somebody.
Recently I met the problem when I need to get access to a few resources (debian repository, my website and phpmyadmin) by one external IP address and port.
After learning the problem I found technology named as reverse proxy. It like proxy but server is accepting all connection from many users and redirect to one target (your server).
I made simple Docker image and docker-compose file and push that to github.com/urpylka/docker-nginx-reverse-proxy and hub.docker.com.
Config file is very simple:
server {
listen 80;
server_name smirart.ru robotic.lol;
location / {
proxy_pass http://robotic.lol:1080/;
}
}
server {
listen 80;
server_name repo.smirart.ru;
location / {
proxy_pass http://8.8.8.8:2080/;
}
}
You can use that for few web-servers running by different IP.