Re: [SLUG] IP-based virtual hosting with apache

From: Ian C. Blenke (icblenke@nks.net)
Date: Fri Mar 28 2003 - 12:06:13 EST


On Friday 28 March 2003 01:15, Greg Schmidt wrote:
> So I'm trying to figure out how to do virtual hosting with Apache. It
> can't be name-based virtual hosting because I want to use SSL. It has

You *can* do name-based virtual hosting with SSL if all of the names use the
same domain name for which you have a wildcard SSL cert (i.e. "*.blenke.com").
Yes, this actually works.

> to be IP-based. From what I've read of Apache docs so far there are two
> ways to do IP-based virtual hosting. One way uses the same httpd and
> httpd.conf for each IP address. The other way is to run multiple http
> daemons. It seems that running multiple daemons has some security
> advantages. I want to know how to do it that way. The docs say:

Don't use the "NameVirtualHost" directive, and specify each virtual host with
an IP/hostname/fqdn that resolves to an independent address. Also, use the
Listen directive to NOT listen to "*".

Running multiple http daemons is generally more confusing. The "security
advantages" generally only matter if you're running them independently under
chrooted jails. Sometimes this complexity is warranted, but I wouldn't
recommend it to a novice apache admin.

> "Create a separate httpd installation for each virtual host. For each
> installation, use the Listen directive in the configuration file to
> select which IP address (or virtual host) that daemon services."

Absolutely.

> My question is, by "create a separate httpd installation" do they simply
> mean loading the httpd daemon with the -f flag to tell it to use a
> unique /etc/httpd/conf/httpd.<this domain>.conf? I'm thinking that
> config file would, for each domain, need to specify unique document
> roots, unique httpd.pid files, unique Listen directives for each IP
> addy, unique log files, (What else am I forgetting?) etc.

Yep. This is precisely how you would run multiple parallel apache instances.

> Can I do this by simply having my rc scripts load httpd multiple times
> with one config file for each virtual domain? Can I make renamed copies
> of the httpd file to track each virtual domain's httpd process by name
> instead of pid? Am I heading in the right direction here?

Yes. If you're hell-bent on running multiple apache instances.

> Side note: Layer 8 issues preclude UML for virtual hosting.

Ah. Politics. Wonderful.

-- 
- Ian C. Blenke <icblenke@nks.net>

(This message bound by the following: http://www.nks.net/email_disclaimer.html)
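
The per-instance checklist discussed in this thread (a unique Listen address, PidFile, DocumentRoot and log files for each daemon, and no Listen on "*") can be checked before the rc scripts start anything. The script below is an added example, not part of the original message; the function names, file names, paths and addresses are constructed for illustration, and it assumes IPv4 addresses and one config file per instance.

```shell
#!/bin/sh
# Added example (not from the original message): audit one config file per
# Apache instance. Paths and addresses below are constructed sample values.

# audit_instances FILE...  prints one finding per line, returns 1 if any.
audit_instances() {
    awk '
    function report(msg) { print msg; bad = 1 }
    FNR == 1 { files[++n] = FILENAME }
    $1 ~ /^#/ || NF < 2 { next }
    { d = tolower($1); v = $2; gsub(/"/, "", v) }   # directive names are case-insensitive
    # Assumption: IPv4 only. A bare port or "*:port" binds every address.
    d == "listen" && v !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:[0-9]+$/ {
        report(FILENAME ": Listen " v " is not bound to one IP:port")
    }
    d ~ /^(listen|pidfile|documentroot|errorlog|customlog)$/ {
        seen[FILENAME, d] = 1
        key = d SUBSEP v
        if ((key in owner) && owner[key] != FILENAME)
            report(FILENAME ": " $1 " " v " is also used by " owner[key])
        else
            owner[key] = FILENAME
    }
    END {
        split("listen pidfile documentroot errorlog", need, " ")
        for (i = 1; i <= n; i++)
            for (j = 1; j <= 4; j++)
                if (!((files[i], need[j]) in seen))
                    report(files[i] ": no " need[j] " directive")
        exit bad + 0
    }' "$@"
}

# write_conf FILE IP NAME  writes a constructed per-instance config.
write_conf() {
    cat > "$1" <<EOF
Listen $2:80
PidFile /var/run/httpd.$3.pid
DocumentRoot "/var/www/$3"
ErrorLog /var/log/httpd/$3.error_log
EOF
}

# Demo: the second instance reuses the first PidFile and listens on every address.
tmp=$(mktemp -d)
write_conf "$tmp/httpd.a.conf" 192.0.2.10 a
printf 'Listen 80\nPidFile /var/run/httpd.a.pid\n' > "$tmp/httpd.b.conf"
audit_instances "$tmp"/httpd.*.conf || echo "fix the findings above before starting the daemons"
rm -rf "$tmp"
```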


