I have a couple websites I'm developing and through virtual servers and different document roots, have them configured to be accessed based on port. I.e. localhost:8010 for one site, localhost:8020 for another.
Before I had multiple sites, SSL worked fine with just one using ports 80 and 443. However now the unescured sites load fine but for either one the SSL connection cannot be established. It also seems like its not changing the port--when I click on a link that starts with https:// it tries to go to https://localhost:8010/secure/route.
I'm fine with either urls like https://localhost:8010/secure/route to work, or for it depending on the site to auto-escalate to some other port (i.e. https://localhost:8011/project/one/secure/route, https://localhost:8021/project/two/secure/route), or something else as long as I can run two sites locally using different ports and SSL!
In my httpd.conf I have:
Listen 8010
Listen 8020
as well as:
<Directory "/path/to/project/one">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Require all granted
</Directory>
<Directory "/path/to/project/two">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Require all granted
</Directory>
In my httpd-vhosts.conf I have:
<VirtualHost *:8010>
ServerAdmin zugwalt#projectone.com
DocumentRoot "/path/to/project/one"
ServerName localhost:8010
ErrorLog "logs/projectone-error.log"
CustomLog "logs/projectone-access.log" common
</VirtualHost>
<VirtualHost *:8020>
ServerAdmin zugwalt#projecttwo.com
DocumentRoot "/path/to/project/two"
ServerName localhost:8020
ErrorLog "logs/projecttwo-error.log"
CustomLog "logs/projecttwo-access.log" common
</VirtualHost>
And in my httpd-ssl.conf I have:
Listen 443
<VirtualHost *:443>
DocumentRoot "/path/to/project/one"
ServerName localhost:8010
SSLEngine on
SSLCertificateFile /path/to/ssl/server.crt
SSLCertificateKeyFile /path/to/ssl/server.key
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "/path/to/project/two"
ServerName localhost:8020
SSLEngine on
SSLCertificateFile /path/to/ssl/server.crt
SSLCertificateKeyFile /path/to/ssl/server.key
</VirtualHost>
I'm using Apache 2.4 on Windows 7
You defined both virtual host to be on Port 443 <VirtualHost *:443> but you have no real dns hostname for each one!
You set the servernames to localhost:8010 and 8020 - this will not work, because the port is not part of the dns name!
You must have different servernames like ssl1.example.com and ssl2.example.com - on the other hand you could define different ports for ssl like you did for pure http:
<VirtualHost *:8110>
DocumentRoot "/path/to/project/one"
ServerName localhost
SSLEngine on
SSLCertificateFile /path/to/ssl/server.crt
SSLCertificateKeyFile /path/to/ssl/server.key
</VirtualHost>
<VirtualHost *:8120>
DocumentRoot "/path/to/project/two"
ServerName localhost
SSLEngine on
SSLCertificateFile /path/to/ssl/server.crt
SSLCertificateKeyFile /path/to/ssl/server.key
</VirtualHost>
Then use the port within your browser:
https://localhost:8110
Related
I have an apache config using a DV wildcard cert. The ssl.conf is configured to use the certificate for all server traffic.
My vhost conf file has two virtual hosts defined there. A production vhost and a dev vhost. The conf file contents are;
<VirtualHost *:443>
ServerName www.example.com
ServerAlias example.com
ServerAdmin webmaster#example.com
DocumentRoot /var/www/html/vhosts/prod_example_com/
<Directory "/var/www/html/vhosts/prod_example_com">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog "/var/log/httpd/www.example.com-error_log"
CustomLog "/var/log/httpd/www.example.com-access_log" common
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/comodo/STAR_example_com.crt
SSLCertificateKeyFile /etc/pki/tls/certs/csr/www_example_com.key
SSLCertificateChainFile /etc/pki/tls/certs/comodo/SectigoRSADomainValidationSecureServerCA.crt
</VirtualHost>
<VirtualHost *:443>
ServerName dev.example.com
ServerAdmin webmaster#example.com
DocumentRoot "/var/www/html/vhosts/dev_example_com"
<Directory "/var/www/html/vhosts/dev_example_com">
AllowOverride All
Require all granted
</Directory>
ErrorLog "/var/log/httpd/dev.example.com-error_log"
CustomLog "/var/log/httpd/dev.example.com-access_log" common
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/comodo/STAR_example_com.crt
SSLCertificateKeyFile /etc/pki/tls/certs/csr/www_example_com.key
SSLCertificateChainFile /etc/pki/tls/certs/comodo/SectigoRSADomainValidationSecureServerCA.crt
</VirtualHost>
So, when I go to https://dev.example.com, it works great. However, when I try to go to https://www.example.com, it instead goes to the Apache server webroot of /var/www/html.
Have I overlooked something?
Thanks in advance to any help offered?
I seemed to have found the issue. In my particular instance, the vhost.conf VirtualHost tags were change both to *:443, but what got everything back on track was commenting out ServerName www.example.com:443 from my httpd.conf and restarting Apache. I hope this helps someone else that may be suffering from this same issue.
Have spent ages trying to figure this out, we're looking to add cloud.domainname.co.nz, the records are all setup, however when you search cloud.domainname.co.nz, it shows you the domainname.co.nz website, and not the one where the directory is set?
<VirtualHost *:80>
DocumentRoot "C:/xampp/htdocs"
ServerName domain.co.nz
<Directory "C:/xampp/htdocs">
Options Indexes FollowSymLinks ExecCGI Includes
Order allow,deny
Allow from all
</Directory>
Redirect permanent / https://domain.co.nz/
SSLEngine on
SSLCertificateFile C:\xampp\apache\conf\domain.co.nz.crt
SSLCertificateKeyFile C:\xampp\apache\conf\domain.co.nz.key
SSLCertificateChainFile C:\xampp\apache\conf\domain.co.nz.ca-bundle
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "C:/xampp/htdocs/cloud"
ServerName cloud.domain.co.nz
ServerAlias cloud.domain.co.nz
<Directory "C:/xampp/cloud">
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Have gone through many other peoples questions/answers and after trying those I still wasn't able to get it working properly, can't figure out why!!
I've also noticed people show their vhosts when trying to figure out similar issues so I've put it below..
127.0.0.1 cloud.localhost
127.0.0.1 domain.co.nz
127.0.0.1 cloud.domain.co.nz
I solve it by adding this to the virtual host configuration
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
DocumentRoot "D:/htdocs/"
ServerName localhost
</VirtualHost>
NameVirtualHost is so we can use the same port for multiple virtual hosts configurations. Setting up the usual domain for localhost is the key here. I am not sure why, but it solves the bug.
My question is about SSL installation. I purchased a new SSL for a website that's hosted on a Ubuntu 16.04 box with Apache 2.4.29. I was able to get this installed and I'm not getting any errors but my page is not redirecting. I've followed some guides (DigitalOcean) but feel as I'm missing something.
I have checked the sites-available files (000-default.conf, default-ssl.conf & example.com.conf) and I'm not seeing anything that's catching my eye, but I feel I migtht be missing something. I've checked the status of Apache and I'm not getting any errors and I've restarted the services several times to no avail.
Here's a general breakdown of what I have. Am I missing something? Is additional information required for setting this up?
000-default.conf
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www
Redirect "/" "https://example.com/"
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
default-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster#localhost
DocumentRoot /var/www
SSLCertificateFile /root/example.com.crt
SSLCertificateKeyFile /root/www.example.com.key
SSLCACertificateFile /root/intermediate.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>4
mydomain.com.conf
<VirtualHost *:443>
ServerAdmin admin#somedomain.com
ServerName mydomain.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com/html
Redirect permanent / https://example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Here is my attempt at a combined configuration. Note that I do not have your setup to test it, but I have used similar configurations on production servers.
First define your port 80 VirtualHost (000-default.conf in your setup):
Listen 80
<VirtualHost *:80>
Redirect "/" "https://example.com/"
LogLevel debug
ErrorLog "${APACHE_LOG_DIR}/80_error.log"
CustomLog "${APACHE_LOG_DIR}/80_access.log" combined
</VirtualHost>
No need for a DocumentRoot since you redirect everything.
Then comment out default-ssl.conf. This file is an example of what you could do to setup an SSL enabled VirtualHost. If you use that file AND another VirtualHost on port 443, this one will always be used, since Apache uses the first VirtualHost it finds that matches the client's request (here port 443).
Another point, VirtualHost are not "added" to one another. Each is independent of the others and must contain a complete configuration. This means you cannot put some configuration in on VirtualHost on port 443, and some in another and expect it to work.
Then create your example.com.conf file:
Listen 443
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
ServerAdmin admin#example.com
SSLCertificateFile "/root/example.com.crt"
SSLCertificateKeyFile "/root/example.com.key"
SSLCACertificateFile "/root/intermediate.crt"
LogLevel debug
ErrorLog "logs/443_error_log"
CustomLog "logs/443_access_log" combined
DocumentRoot "/var/www/example.com/html"
DirectoryIndex index.html
<Directory "/var/www/example.com/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
Some notes:
I put the LogLevel at debug, so you can troubleshoot, but once it is working, change it to error. Otherwise you will have huge log files quickly!
For the same reason, I split the logs for port 80 and port 443. Each VirtualHost should have its own logs.
The certificate files must match the domain name. Not the filename (although it makes it easier to match), but the certificate itself.
If you want your certificate to cover example.com and www.example.com, both names must be added to the alternate names in the certificate.
I do not understand why you have Redirect permanent / https://example.com in your configuration. You are already in the https, port 443 VirtualHost.
The options based on <FilesMatch> directives in the default ssl configuration can be added if you want.
This setup will ensure that all http requests will be redirected to https://example.com. Then it will use the :443 VirtualHost, use the proper certificate for that domain and serve the content from the DocumentRoot directory.
I am hosting website iplocation.io on a cloud server. I found a domain https://chrissloey.com/index.php which opens my website within it.
Now from what I understand, chrissloey.com has pointed it A record to my server ip and my apache2 server is not denying connection to it and allow's to open iplocation.io website content like its own.
I want apache2 to deny connections to any other domain and only allow my own domain to server content.
Attached is apache conf file for iplocation.io
<VirtualHost *:80>
ServerAdmin email#email.com
DocumentRoot /var/www/public_html
ServerName iplocation.io
ServerAlias www.iplocation.io
ErrorLog ${APACHE_LOG_DIR}/apache-error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/public_html>
Options FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName iplocation.io
ServerAdmin email#email.com
DocumentRoot /var/www/public_html
SSLEngine on
SSLCertificateFile /path-to-csr
SSLCertificateKeyFile /path-to-key
SSLCertificateChainFile /path-to-ca
<Directory /var/www/public_html>
Options FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
</IfModule
Looking at the two comments I think the combination makes most sense:
Configure httpd to respond with redirect (301) to all incoming requests. This could be done on the 'root' host.
Configure a virtualhost listening to your domain only, and this one would serve your real content only.
This will work unless the other site requests your content and then integrates it into their responses. But as you said someone else simply put up a DNS A record.
Can anyone direct me to a good tutorial on how to set up virtual hosts using Apache 2.2? Here's my situation:
I have Apache running on my laptop and I want two websites-- one on port 80 and one on port 8089. I want to access each site from the other computer on my network by entering the computer's IP address, such as http://192.168.1.102 and http://192.168.1.102:8089. Yet when I enter the second url, it directs me to the website running on port 80.
Thanks in advance for any help.
First you need to instruct Apache to listen on the ports you need:
Listen 80
Listen 8089
Second you need to tell it what to do with 80 and 8089 traffic:
<VirtualHost *:80>
DocumentRoot /website/site80
ServerName internet.dev
</VirtualHost>
<VirtualHost *:8089>
DocumentRoot /website/site8089
</VirtualHost>
Third you need to "allow" Apache to use those directories:
<Directory "C:/website/site80">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<Directory "C:/website/site8089">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Just have 2 virtual hosts defined like this, but with differeing DocumentRoots:
<VirtualHost *:80>
ServerAdmin webmaster#dummy-host.somecompany.com
DocumentRoot "/docs/dummy-host.somecompany.com"
ServerName dummy-host.somecompany.com
ServerAlias www.dummy-host.somecompany.com
ErrorLog "logs/dummy-host.somecompany.com-error.log"
CustomLog "logs/dummy-host.somecompany.com-access.log" common
</VirtualHost>
<VirtualHost *:8089>
ServerAdmin webmaster#dummy-host.somecompany.com
DocumentRoot "/docs/dummy-host.somecompany.com"
ServerName dummy-host.somecompany.com
ServerAlias www.dummy-host.somecompany.com
ErrorLog "logs/dummy-host.somecompany.com-error.log"
CustomLog "logs/dummy-host.somecompany.com-access.log" common
</VirtualHost>