I have a website that contains company profiles. These profiles have many pages within my site like products, services, etc. Some of my users would like to use their profile on my site as their webpage.
eg. going to www.mycustomerswebsite.com loads their profile on my site, but doesn't redirect to my url.
I'd like to allow them to do this simply by pointing their DNS at my server. The behavior I'm looking for is similar to what one can do on hosted wordpress. I'm running Apache as my web server on Linux CentOS.
What are my options for setting this up?
With just apache serving static files, you create a wildcard virtualhost as per:
http://httpd.apache.org/docs/2.0/vhosts/mass.html
If (as is more likely) we are talking about a script generating pages on the fly, that script should be written to inspect SERVER_NAME to determine what content to produce - pseudocode:
names = {
'customer1.example.org': 1,
'customer2.example.org': 2,
};
if ($ENV[SERVER_NAME] == 'www.example.com') {
regularHome();
}
else {
produceHome(names[$ENV[SERVER_NAME]]);
}
Either way, you must make an association between mycustomerswebsite.com and your name for the same customer - perhaps they must input their domain into their settings on your site or perhaps you already have their domain set up.
After all that (and probably most difficult) is to get them to make a DNS change - they are the only ones who can do it - so that www is CNAMEd to your host. You might want to create a special host record "customers.example.com" or some-such strictly for this purpose. Create some documentation for your customers similar to wordpress's:
http://en.support.wordpress.com/domain-mapping/map-existing-domain/#instructions-for-mapping-an-existing-domain
Related
My company has a LAMP server, and I am not an expert at web hosting but I manage basic tasks.
My server currently hosts about twelve different domains. Each domain has a .conf file in the sites-enabled directory, and they work fine. Let's say we have example1.com, example2.com, and example3.com, just to hopefully help explain this question.
Recently, a person I work with registered a bunch of new domains. With the domain registrar, they pointed the domains to our IP address. I believe this is called "parking" a domain. I have not set up a .conf file or enabled any of these new domains on our server yet. Let's say they are newsite1.com, newsite2.com, etc...
What's puzzling to me is that if one types one of the new domains into a browser, one of our existing domain shows up. Let's say it's example1.com. So, if you go to a browser and type in newsite1.com, or newsite2.com, you are taken to example1.com. Also, in the address bar at the top of the browser, it will be displayed as example1.com.
This is not the desired behaviour. For one thing, we did not choose, as far as I know, for example1.com to be the default, and it's not necessarily the website we would want to be the default. In any case, I don't know why the system is going to example1.com as opposed to example2.com or any of our other sites.
The desired behaviour would be for there to just be a general error, "this domain does not exist" or something like that. If there has to be a default website, we'd like to be able to choose it.
I've seen questions on Stack Oveflow that are similar, but they all presume one wants to set a default. When I look at the configuration files they reference, for example /etc/httpd/conf/httpd.conf, they are empty, so in my case, there is nothing to unset.
How do I stop browsers from being redirected to the website that they are currently being directed to? How can I set it so that Apache just returns a "site not found" error instead of serving up a website?
The easiest way to fix this is name your .conf files starting with a number.
If you look at the default apache configs, you'll notice a file called "000-default.conf". Apache will load the files in number order - so just make your default virtual host .conf file be 000-whatever.conf.
I suppose you're using name based virtual hosts and the <VirtualHost> directive and this is what docs have to say:
If no matching name-based virtual host is found, then the first listed virtual host that matched the IP address will be used. As a consequence, the first listed virtual host for a given IP address and port combination is the default virtual host for that IP and port combination.
So when you say:
I've seen questions on Stack Oveflow that are similar, but they all
presume one wants to set a default.
... all I can add is that that's the way Apache works. I don't think it's inherently wrong to have a default host that serves a this domain does not exist page. I always do so in my Windows development box, typically by commenting out the default hosts at conf/extra/httpd-vhosts.conf file and adding my default host there.
If you ask for my opinion, it's rather questionable that Apache basically serves an arbitrary site when there's no match, thus making this customisation mandatory—and I've seen lots of live sites that don't do it.
I've found myself in a situation where I have to use different domains for the same site.
It's a multilingual website that uses the path for the language so I have something like:
mysite.com/en
mysite.com/es
mysite.com/fr
mysite.com/ru
What I need is something like
mysite.com/en
misitio.es/es
monsite.fr/fr
bladimir.ru/ru
It's an Apache server. We enabled domain aliases and if I enter misitio.es the server redirects the web browser to mysite.com/es but showing misitio.es in the url.
What I would need is each domain to work on their own, not redirecting me, sharing all the content and source code. There should be no differences neither in files or in the database, and the htaccess should be configured to redirect each language (/es, /en, /fr, /ru) to its respective domain (*It's the last thing to do, we have not changed thw htaccess file yet).
I've found this guide for multisites in drupal, but it explains how to build a multisite from zero and my website is already in production, also, I'm not sure on how does it apply to my specific problem.
Is it possible to achieve what I need?
Any advice would be helpful.
I'm quite new to the configuration of domains and subdomains.
I already have a subdomain "bar" that belongs to the domain "www.foo.es". When I want to access to the subdomain I just have to type "www.foo.es/bar", everything is alright so far.
What I intend to do is that the subdominion is accessed typing "bar.foo.es".
I've tried some things I found online but none of them worked. Could you tell me how to do this or at least give me some clues or tutorials that actually work?
I'm trying to set all up using the IIS6 properties (not dynamically, as it is not a user thing, just a subdomain that I want to access "directly".
Assuming you are working with a live server that you REMOTE DESKTOP INTO and not a shared hosting account here is what you will need to do:
Let's assume your file system looks like this:
c:\inetpub\wwwroot\www.foo.es { some html files in here}
c:\inetpub\wwwroot\www.foo.es\bar {some html files in here}
Without any custom ISAPI filters installed, you would do this by setting up two WEBSITE's in IIS.
The first website would have a home directory of c:\inetpub\wwwroot\www.foo.es and the 2 host headers "www.foo.es" and "foo.es"
The second website would have a home directory of c:\inetpub\wwwroot\www.foo.es\bar and 1 host header "bar.foo.es"
Once you DNS has a CNAME of "bar" that points to your server and you clear your local dns caches, this should work. If you don't know how to make the DNS change the easiest thing you can do is log into to your domain name control panel from whoever you purchased the domain name with and do the following:
ADD A CNAME RECORD:
For the host enter "bar" for the points to enter "foo.es" and you should be all set.
First of all you need to add an entry in your DNS in which you specify the "bar.foo.es" subdomain and the IP of the server to which it points to.
After that, in IIS you will have to create a site for the new subdomain you have just created. For that: right click on Web Sites -> New Website -> follow the steps normally but when you encounter the text box for the "Host header for this Web site (Default: None)" fill it with your subdomain value ("bar.foo.es").
Alternatively, if your web site is already created, you can bind subdomains to it by right clicking on the site -> properties -> Web site tab -> Advanced (the button near IP address) -> add / remove / edit the domains for your site which are represented by the "Host header value".
Please note that what you have at the moment ("www.foo.es/bar") is not a subdomain but a relative address.
I want to create a web application that allows users to sign up, register a domain name and create their own website. This will be done in Ubuntu 9.10, Apache 2, Mysql 5 and Php 5.
At the moment, the only area of development I'm uncertain about is the domain name registration and mapping it to the web application.
I'm going to postpone developing the web interface that lets users register domains because I don't have the slightest idea how to do it. For the time being, I'll let an employee register the domain name on the user's behalf. I'll automate the process in te future (any advice on this matter would be appreciated). The employee will also input the registered domain name into my CMS, which will also update the Apache VirtualHost files with new domain information. I will have a cron job reload Apache every 5 minutes to capture the virtualhost changes.
Does this sound like the right approach? Will what I'm about to do be very disruptive to the server? Can anyone offer suggestions or point out issues I need to be aware of?
Additional details
the documentroot will remain the same at /var/www/public_html/websitemaker/ for all domains. I'll track user settings and styles based on the PHP's $_SERVER variable
I don't believe restarting apache every 5 minutes is the way to go as it won't be good for scaling.
One option would be to use logic grab the the domain name used to access the site. Verify that against your list of accounts in MySQL. If there is a match then load the users site and if not then behave like normal or send to error page.
As for registering domain names you will need to create (or use and existing) a script implenting an API to the registrar of your choice. They will provide the ability to check if a domain is available or not and to register it assigning it specific DNS values (plus other options as well) all in real time.
I think what you're looking for is Apache with mass virtual hosting so that you don't have to restart/reload Apache every 5 mins. Any specific questions about this would be more appropriate for Serverfault.
We noticed that a hacker created a domain and configured DNS to point it to our server's IP address.
We are using apache2.x on Ubuntu.
There is a "default" file in apache's /etc/apache2/sites-available directory and it looks like the the hacker's domain is using "default" apache configuration file to display our web content in their domain.
How can we prevent this?
Can some one post a "default" apache configuration file as an example?
Unknown domains that come into apache over the specified ip and port will be directed to the first virtual host, thus the 000-default file. Your best bet is to make the 000-default host return a 400 or 500 error (or some explicit message saying the domain doesn't belong) and use explicit virtualhosts for each of your sites.
+1 Jeremy's answer: make the default (first) virtual host for each IP address you're listening on return something useless like a 404 or page saying nothing but “this is a virtual server”.
Allowing your web server to serve a real web site on a non-matching ‘Host’-name (including a raw IP address) opens you up to two particular attacks:
DNS rebinding attacks, leading to cross-site scripting into your real web site.
This affects sites with a user access element (eg. logging in, cookies, supposedly-private intranet apps).
‘Search-hijacking’. This affects all sites (even completely static ones). This may be what is happening to you. By pointing their own domain name at your server, they can make search engines see both the real domain name and their fake one as duplicates for the same site. By using SEO techniques they can then try to make their fake address seem like the more popular, at which point the search engines see that as the canonical address for the site, and will start linking to it exclusively instead of yours.
Most web servers are configured by default to serve a web site to all-comers, regardless of what hostname or IP address they're accessing it through. This is a dangerous mistake. For all real live sites, configure it to require that the ‘Host’ header matches your real canonical hostname.