How to hide distributed servers under a single domain? - apache

I currently host my company's website and blog on separate servers, reached by separate domain names - www.example.com and www.example.net. This is so I can give blog server access to our partners without compromising security on our main server. However, our SEO guy is now demanding that the blog be put on our main server, as www.example.com/blog.
I would like to maintain the current server separation rather than putting both on the same server. Is there any good way to keep them separated, but have them both under a single domain name? A subdomain would also be acceptable (blog.example.com).
My main website server is a Debian box running Apache 2, and I have full root access to it. The blog server is run by Hostgator, and I have limited access.
Edit: Thanks, all. In this particular situation I don't particularly want to transfer the blog again, and I don't have easy access to the DNS records, so i went with mod_proxy and it worked like a charm. I wish I could give you all "preferred answer" status, though, because all of your information was awesome.

A subdomain would be easy: just create an A record in DNS which maps blog.example.com to the IP address of the blog server, and have another A record in DNS which maps www.example.com to the main website server (this latter record probably already exists).

Would the SEO guy be happy with blog.example.com? It's not the same from an SEO perspective, but it might be good enough for him. I work at a company where SEO is at least 1/3 of what we do, and that's our setup: blog.example.com and www.example.com.
You could try to get fancy and proxy requests to /blog to the 2nd server, if you insist on keeping the blog off your box, but I think you can find a secure way to share space. Proxying like that could get annoying, and it basically doubles the latency to your blog.
Give the blog guys an account on your box; don't give them root/special privileges. If you can get away with it, don't even give them SSH access -- just give them a FTP login (make sure they can't access /var/www), and maybe a mysql account or something. (As you can see, this all depends on how much control/power the blog folks demand.)
Then, just make a symlink to the blog root, so they can write to a restricted area like /home/blog/www and still have it included in the website:
ln -s ~blog/www /var/www/blog

If a subdomain is for some reason not a possible way for you to go, you could use Apache's mod_proxy module to proxy requests to /blog to your second server.

Related

Is the malicious botting, how to prevent?

I recently set up a subdomain on my website with the intention to soon clone my website for testing purposes. Subdomain was "beta", so beta.example.com
It was set up and password protected via htaccess and is directed through Cloudflare, it's about three days old and was never announced publicly (only I know of it).
Today I notice this on my Apache Server Stats page:
Also, CPU load was increasing and very, very high. Upon refreshing, this continued and is actually still continuing right now. Is this some sort of botting/brute force attack? I can't imagine how/why else so many IPs would be accessing this unlinked/private subdomain. I've since taken it down from Cloudflare DNS and the IPs are still connecting somehow, I assume it will take time for it to propagate.
Is this malicious? And how can it be prevented? I assume it was/is attempting to brute force the htaccess password? Is it because it's a common subdomain name? ("beta") - would it matter? Again, it's only been about three days so damn they work fast.
It can be search engine robots, It can be script kiddies, It can be brute force, you can have more information in your log file or by analyzing IP address.
I'm not sure to really understand your problem and what you want.
If you website is online, so yes some people/bots/robots will try to access to it, like any other website.
If you don't want than anybody access to your website, you can add an IP restriction.

Domain URL masking

I am currently hosting the contents of a site with ProviderA. I have a domain registered with ProviderB. I want users to access the contents (www.providerA.com/sub/content) by visiting www.providerB.com. A domain forward is easy enough and works as intended, however, unless I embed the site in a frame (which is a big no-no), the actual URL reads www.providerA.com/sub/content despite the user inputting www.providerB.com.
I really need a solution for this. A domain masking without the use of a frame. I'm sure this has been done before. An .htaccess domain rewrite?
Your help would be hugely appreciated! I'm going nuts trying to find a solution.
For Apache
Usual way: setup mod_proxy. The apache on providerB becomes a client to providerA's apache. It gets the content and sends it back to the client.
But looks like you only have .htaccess. So no proxy, you need full configuration access for that.
So you cannot, see: How to set up proxy in .htaccess
If you have PHP on providerB
Setup a proxy written in PHP. All requests to providerB are intercepted by that PHP proxy. It gets the content from providerA and sends it back. So it does the same thing as the Apache module. However, depending on the quality of the implementation, it might fail on some requests, types, sizes, timeouts, ...
Search for "php proxy" on the web, you will see a couple available on GitHub and others. YMMV as to how difficult it is to setup, and the reliability.
No PHP but some other server side language
Obviously that could be done in another language, I checked PHP because that is what I use the most.
The best solution would be to transfer the content to providerB :-)

Google Domain forward to Digital Ocean linux server, running Apache2 subfolder, and display domain as root

I've been googling for a bit now, and I really cant seem to figure this out. I recently bought a domain name with google domains, that I wish to point to a sub domain on my web-server, (example) http://120.0.0.0/sub-folder/, while apearing as domain.com.
Right now I have mbektic.com forwarding to http://138.197.5.88/mbektic/ which kind of gets what I need done, but I wish for the URL to say mbektic.com, instead of the ip address of the server.
Now I've been looking around and I've found things mentioning things from creating records to .htaccess files, and honestly I'm completely lost.
If someone could point me to a straightforward guide or give me a list of steps to follow, I can do it myself, but currently I am just lost.
This really belongs on unix.se since it isn't programming...
That said, what you need to do is set up a DNS A record pointing your domain name to your IP address. Add a second one to handle www.example.com
Then, on the webserver, configure it to respond to that name and serve content out of the directory you specify (the apache webserver calls this the DocumentRoot - you may want to look up apache virtual hosts .... )

multiple domains in server - howto

let's suppose we have shopify.com,a platform where everybody can create his e-shop and provide it under his domain,the user can add his domain in other words.
When somebody ads a domain,what's actually happening under the hood?
As far as i know,in apache2 a new VirtualHost is created for each new domain,pointing to the user's folder. But is this the best and most efficient solution to this?
I'm asking for curiosity reasons mainly and also i'd like how those systems work (like shopify.com or webs.com,where every user adds a domain)
Thank you in advance!!
You have a few options that I know of, mostly depending on whether traffic goes to the same ip or not.
When setting up DNS entries you can specify wildcard for subdomains. *.example.com which makes it so that any request for any subdomain that isn't match by another DNS record goes to example.com.
So, having:
*.example.com <ip A>
blog.example.com <ip B>
Would make blog.example.com go to < ip B> and example.com and all other subdomains go to < ip A>.
This means you could have the possibility of giving each new subdomain go to its own ip (very unlikely). You can also catch them all at the same ip and handle it there.
As you mentioned, you could add a new virtual host for each new sub domain created. However, that's kind of a heavy solution, and I think it would generally involve restarting your webserver program to reload the new configuration. Instead, you can use something like rewrites to achieve something similar to the virtual host.
Having a rewrite rule that does <subdomain>.example.com/<resource> => example.com/<subdomain>/<resource> would mean all that would be necessary is creating a new folder in the root of your served directories containing the user's content. No change to configuration. Also, I'm not sure if you're familiar with rewrites, but, they're invisible to the browser/user, so the user still sees <subdomain>.example.com/<resource> even though they're being served content from example.com/<subdomain/<resource>.
This isn't a definitive list of the possibilities, simply a couple possibilities. Any large or scalable solution is probably going to involve many layers of indirection allowing for more complex DNS directing, load balancing, and serving of content.

Strange domains in mod_pagespeed cache folder

About a year ago I have installed mod_pagespeed on my VPS server, set it up and left it running. Recently I was exploring files on my server, went to pagespeed cache folder and discovered some strange folders.
All folders usually named this way ,2Fwww.mydomain.com or ,2F111.111.111.111 for IP addresses. I was surprised to see some domains that does not belong to me, like:
24x7-allrequestsallowed.com
allrequestsallowed.com
m.odnoklassniki.ru
www.fbi.gov
www.securitylab.ru
It looks like something dodgy is going on, was my server compromised, is there any reasonable explanation?
That does look peculiar. Everything in the cache folder should be files that mod_pagespeed tried to rewrite. There are two ways that I know of that this can happen:
1) You reference some third-party resource (say an image from another domain, or google analytics script) and you have explicitly enabled rewriting of that domain with ModPagespeedDomain www.example.com or ModPagespeedDomain *.
2) If your server accepts HTTP requests with invalid Host headers. Try (for example) wget --header="Host: www.fbi.gov" www.yourdomain.com/foo/bar.html. If your server accepts requests like that it may be providing mod_pagespeed with an incorrect base domain, and then subresources would be fetched from the same domain (so if www.yourdomain.com/foo/bar.html references some.jpeg, and your server accepts invalid host headers, we could fetch www.fbi.gov/foo/some.jpeg as the resource). There was a recent security release that makes sure all of these subrequests are done against localhost (not arbitrary third-party websites). Please see: https://developers.google.com/speed/docs/mod_pagespeed/CVE-2012-4001
You might want to look through these folders and see what specific resources are in there. I think that the biggest concern you should have is that someone might be trying to perform an XSS attack on your users or maybe a DDoS attack against another website (like www.fbi.gov), using your server as one vector. I do not think that these folders are indicative that your server itself is compromised.
If you would like to discuss this more, https://groups.google.com/forum/?fromgroups#!forum/mod-pagespeed-discuss is a good list to join and email.