On 02/21/2010 02:53 PM, Stephen Davies wrote: > Here's the scenario > > A number of Domains have been defined using DYNdns. They all point at > one IP address. > At that address is a Netgear Router that is configured to port forward > all port 80 requests to the Linux Server where the http server is running. > > The httpd.conf on that server is configured with virtual hosts for each > of the Domains setup in DynDNS. Ok. Everything works. > > What I'm struggling with is defining a Virtual host that will act as the > default/catchall destination. For example for the myriad of port > scanners etc that will just use the IP address and see what responds. I > want to send them a 404 or something similar back, essentially telling > them to P**s off.
http://httpd.apache.org/docs/2.2/vhosts/examples.html specifically this part: <VirtualHost _default_:*> DocumentRoot /www/default </VirtualHost> Should do what you are asking for - any hostname that matches your IP, but not explicitly one of your vhost containers (or the IP address used directly) will be caught by this. Without an entry like that, the *first* defined virtual host will be used as default - suddenly order is important and if your vhost definitons are split across several files (as is the default on debian) you need to be careful with naming. Me, I'd just go for the default entry. > I still want to allow requests for tools like phpMyAdmin to be allowed > through from the local subnet (eg 10.10.2.*) when requested by > http://10.10.2.10/phpMyAdmin simple Directory and Alias entries should take care of that. You can do that within virtualhost containers. In fact you can do almost anything that would go into a normal httpd.conf inside a vhost container. Alias /phpMyAdmin "/var/www/phpMyAdmin" (or wherever it's actually installed) ...with or without trailing slashes, depending on requirements. RTFM for more detail (the online docs referenced above are excellent and chock full of examples for much of this) This is worth doing in any case (I assume you have?) as it makes access control over phpMyAdmin simple (and doesn't expose it by accident as part of your existing tree), using something like this: <Directory /var/www/phpMyAdmin> Order Allow,Deny Allow From 10.10.2.0/24 Allow From 127.0.0.1/32 Deny From All </Directory> The 'Deny From All' part is superfluous but makes for more readable configs, IMO. http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow > I'll probably change the app name for phpMyAdmin though when this gets > into production. > > > Any suggestions most useful. The online docs for apache are most helpful in many cases, although sometimes do require you to know what you are looking for :) Regards, Stuart -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --------------------------------------------------------------
